We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
Contact Forum Editor

Send an email to our Forum Editor:


PLEASE NOTE: Your name is used only to let the Forum Editor know who sent the message. Both your name and email address will not be used for any other purpose.

Tech Helproom


It's free to register, to post a question or to start / join a discussion


 

Can I get rid of RAMNIT virus on my pc


rachel99

Likes # 0

Hi. I seem to have picked up a virus called Ramnit on my WindowsXP pc. I googled it & asked a friend....My pc antivirus is normally pretty good, but each time I log on the Threat window comes on...it says.... Threat - Win32/Ramnit.L virus "Event occured on a new file created by the application" & The application always has"ciepjdbhopiqmvyd.exe" in it, & the file always has the same sequence of letters before the .sys bit. I did a search on my Start menu bit, & found a few PF files in Windows/Prefetch, & a few Applications in the C drive section too. These files & Apps all have the letter sequencethings like above.

Should I keep trying my antivirus & see what it does, Can I delete the files or applications? Any advice would be nice of you. Thank you x

Like this post
johndrew

Likes # 1

Apparently MS Security Essentials and/or the Safety Scanner (scroll to the bottom of the page) will remove this.

The MS Malicious Software Removal Tool may also assist.

However, my preference would be to use the AVG Rescue CD as it is free standing, free and simple to use. It does take a bit of time to run, but after booting from it and enabling the task you simply go and put the kettle on.

Like this post
johndrew

Likes # 0

You may also find this link of interest link text

Like this post
buteman

Likes # 0

Safe mode with networking or just plain safe mode would have done.

If you are going to use HitmanPro it would need to be safe mode with networking.

If it is a laptop you are using you should have the option of putting it back to Factory settings but you would loose whatever you have downloaded on to the laptop.

That would be tapping F10 or F11 as the laptop starts.

If a tower that would not work unless they gave you restore CD's when the computer was bought.

There should be others on here today who might be able to help but maybe better trying the Malware Removal Forum that I posted earlier.

It was almost impossible to get on here yesterday because of problems with the PCA Forum.

If you decide to try the other Forum let us know how you get on.

Like this post
badhair1963

Likes # 0

This

1: http://kartolocyber.blogspot.com/2011/03/ramnit-virus-manual-remove-fixed.html might help.

(I hope that hyperlink works. If not, I'll post again.)

Like this post
badhair1963

Likes # 0

Well, that didn't work as expected, but at least you got the link. :)

Like this post
rachel99

Likes # 0

hi thanks for that link. I used it & went into my TaskManager section, but could not see any W32Ramnit processes?, then tried the WindowsStart button bit to find the W32Ramnit inthe HKEY area, but no joy there too. So no joy but thanks alot anyway

Like this post
buteman

Likes # 0

According to most of the forums out there.The best way to remove it is to do a reformat.

Not sure if this one actually removes it or not although it says it does.

http://www.bitdefender.com/VIRUS-1000644-en--Win32-Ramnit-G.html

You can get a free trial of it so maybe worth trying.

Like this post
rachel99

Likes # 0

thanks pretty scared about doing that reformat thing. as worried about mucking it up and spoiling things on my pc, but i know i need to do something.

Like this post
buteman

Likes # 0

Best maybe going to this forum which will be able to hep.

http://www.malwareremoval.com/forum/

You have to sign in and follow instructions and it may take a few days for them to get back to you as they are kept very busy.

If anyone can fix it they can.

Saturday and Sunday is usually a bit slow on here for help so maybe best thinking about the other forum who specialise on problems like this.

Maybe there are other security programs that can repair it now, so have a look see what others think when they come on here this morning.

Like this post
Secret-Squirrel

Likes # 0

Rachel, if your problem's relatively recent then an XP "System Restore" done in "Safe Mode" may help neutralise the infection. The restore won't affect any of your personal files. Here's what you need to do:

1) Shutdown your PC, restart it, and immediately start tapping the F8 key quickly till the boot options menu appears - it'll be a black screen with white writing. Using the arrow keys on your keyboard, select "Safe Mode" then hit the Enter key to confirm your selection. When XP loads, don't be concerned that the screen looks different with extra-large icons etc.

2) Once in, click your Start button -> All Programs -> Accessories -> System Tools -> System Restore. Tell the program you want to restore to an earlier date and pick any date on the calendar that's in bold that pre-dates this problem. Don't go further back than you need to. If the restore doesn't help or gives unexpected results then you can always go back in and undo that restore.

When the PC reboots, let us know if you're now free of those virus alerts. If you are then I'll give you extra instructions on how to check for any (inactive) virus files that may remain.

Like this post

Reply to this topic

This thread has been locked.



IDG UK Sites

Android One vs Android Silver vs Google Nexus: What is the difference?

IDG UK Sites

iOS 8 review: Hands on with the iOS 8 beta

IDG UK Sites

Thinking robots: The philosophy of artificial intelligence and evolving technology

IDG UK Sites

How to shoot a robot rom-com in three days