Win32/Ramnit.C Help

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Aeril, Oct 11, 2010.

  1. Aeril

    Aeril Private E-2

    Hi, I've looked through the forums to try and find solutions for this virus, and they all start with posting logs from the ESET online scanner. For some reason, Eset.com comes up as a cannot be found page. I do however have ESET Smart Security 4 installed, could I use that instead of using the online scanner to attach logs in order for you guys to help me?
     
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    If your version is up to date then do post those logs, reboot after each scan. I would like to see the first 3 scan logs.

    In the meantime, you need to follow these instructions:
    READ & RUN ME FIRST. Malware Removal Guide

    Have you tried doing the online scan using a different browser?
     
  3. Aeril

    Aeril Private E-2

    I've tried using multiple browsers. Firefox became unresponsive as of this morning when ESET went crazy over the virus, it won't load any pages, no progress bar, or anything. Internet Explorer shows eset.com as Internet Explorer cannot display the webpage. Thank you for your quick response.
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Just get me logs then and let's see what we are up against.
     
  5. Aeril

    Aeril Private E-2

    I've encountered a problem, I can't download Malwarebytes as the site also comes up as cannot be displayed. Another thing is that my ESET freezes up when I try and clear my quarantine (assuming this is because there's a massive amount of files in it).
     
  6. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    This infection has really become quite nasty and dangerous. We could attempt to remove and have had some success in the past, but recently it has become even more trouble to remove. It is really safer to just bite the bullet and do a clean reinstall.

    The problem is that the damage caused by this infection really makes a PC unreliable/untrustworthy. PE file infectors like Ramnit, Virut, etc. can infect all executable files (DLL, EXE, SCR, and many more, and also HTML). These infections can open back doors that truly may compromise your computer and your security. These backdoors could allow a remote attacker to access and instruct the infected computer to download and execute more malicious files.

    In many cases the infected files (which could number in the thousands) cannot be disinfected properly by your anti-virus or by other scanning tools. Also when disinfection is attempted, the files often become corrupted and the system may become unstable or irreparable. The longer Ramnit.A remains on a computer, the more files it infects and corrupts so the degree of infection can vary.

    Ramnit is commonly spread via a flash drive (usb, pen, thumb, jump) infection where it copies Worm:Win32/Ramnit.A with a random file name. The infection is often contracted by visiting remote, crack and keygen sites. These types of sites are a major source of system infection.

    So all the above being said, and please do take serious note of the warnings, do you really wish to attempt cleaning even though the stability and security of your PC cannot be guaranteed? And also, we could spend a lot of time trying to fix it and still fail due to the number of files that have been infected.
     
  7. Aeril

    Aeril Private E-2

    I was originally going to do a clean reinstall, but reading that Ramnit attaches itself to files made me think about it. The reason being is because usually when I reformat, I backup some of my files. The majority of these files have sentimental value to me. If I choose to reinstall, will I be safe with backing up my files? The majority of them are text documents and pictures, but I also have some .exe's.
     
  8. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I would be leery of the exe files. But do try backing up your files to a CD, then after you have reformatted and reinstalled, get your protection software running and have it scan the disc before you transfer them back.
     
  9. Aeril

    Aeril Private E-2

    The way I backup my files is put them onto an external hdd, could I do that and then scan the hdd after my reinstall?
     
  10. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Yes, certainly. But I would avoid exe files as this infection spreads over time.
     
  11. Aeril

    Aeril Private E-2

    If I were to backup an .exe file, and then scan it and it comes up as clean, would that be okay?
     
  12. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Yes.
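
The backup advice in the exchange above (keep documents and pictures, be wary of executables, scan before restoring) can be supported by an inventory of the backup drive. The following is an added example, not part of the original thread or any poster's tooling: it identifies PE files by their header rather than their extension and lists HTML files, the two file families the thread names as infection targets. The function names `is_pe` and `triage_backup` are hypothetical, and the script only classifies files; it does not detect infection, so the anti-virus scan still applies.

```python
import os
import struct

# HTML is named in the thread as an infection target; matched by extension.
HTML_EXTS = {".htm", ".html"}

def is_pe(path):
    """True if the file has a DOS 'MZ' header that points at a PE signature."""
    try:
        with open(path, "rb") as f:
            head = f.read(64)
            if len(head) < 64 or head[:2] != b"MZ":
                return False
            # e_lfanew (offset 0x3C) holds the file offset of the PE header.
            (e_lfanew,) = struct.unpack_from("<I", head, 0x3C)
            f.seek(e_lfanew)
            return f.read(4) == b"PE\0\0"
    except OSError:
        return False  # unreadable files are left for the scanner to report

def triage_backup(root):
    """Sort a backup tree into PE files, HTML files and plain data files."""
    report = {"pe": [], "html": [], "data": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            ext = os.path.splitext(name)[1].lower()
            if is_pe(path):  # content check catches renamed executables
                report["pe"].append(rel)
            elif ext in HTML_EXTS:
                report["html"].append(rel)
            else:
                report["data"].append(rel)
    for bucket in report.values():
        bucket.sort()
    return report

if __name__ == "__main__":
    import sys
    result = triage_backup(sys.argv[1] if len(sys.argv) > 1 else ".")
    for kind in ("pe", "html"):
        for rel in result[kind]:
            print(f"{kind.upper():4} {rel}")
    print(f"{len(result['data'])} other files")
```

Run it against the external drive from the freshly installed system, before opening anything on it, and restore the `pe` and `html` entries only after they have been scanned.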
     
  13. Aeril

    Aeril Private E-2

    Alright, thank you for all your help! Sorry for persisting on backing up my exe files even though you've said to stay away from them, it's just that some are important to me. Also, do you recommend any ways to prevent the Ramnit virus from entering my system next time? I currently use ESET Smart Security 4 (always up to date), that's about it as far as protection goes.
     
  14. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

  15. Aeril

    Aeril Private E-2

    Okay, the only things I do not have from that list are spyware protection and configuring my ActiveX. Thank you again, and hopefully the next time I come back isn't for help!
     
  16. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You are most welcome. I hope all goes well. :)
     
