I.T. Experts - Win32 Ramnit-G


Status
Not open for further replies.

WASTID

Striker
Dickhead here has opened a link on an email, which Avast quickly alerted me was not the best of things to have done. Quickly closed the site down, and then started running a scan with Avast which started finding Trojan Horse/Malware which it seems is linked back to Win32 Ramnit-G.

Having done a few searches on google, I'm seeing lot of comments that this is a right fooker to get shot of properly with a lot of suggestions that reformatting is the only way to be sure its rid off completely.

Any tips?

Don't mind doing the full format and re-installing windows - but if I do, is there a way to save files and documents on the hard drive first (as I believe this thing infects USB drives, disks etc).

:-(
 
Have you tried turning it off and on again?

First thing I would do is boot into safe mode and run a full scan
 
Have you tried turning it off and on again?

First thing I would do is boot into safe mode and run a full scan

the good old off and on gag eh. :)

Shut down the PC last night and done some research on another device about it before I tried anything else - when getting time, then starting in safe mode will be the first thing I do. Problem though is whether it can be cleared - hence asking advice from the experts on here!
 
the good old off and on gag eh. :)

Shut down the PC last night and done some research on another device about it before I tried anything else - when getting time, then starting in safe mode will be the first thing I do. Problem though is whether it can be cleared - hence asking advice from the experts on here!

We've just had that on one of remote PC's - lad in the office has been on for nearly 2 days now trying to get rid. Right pain in the arse and the machine is going to have to be rebuilt. :mad:
 
Format it mate, safest option

It infects loads of files including .exe's, and opens a backdoor which allows access to your pc.

Its also a complete twat to try and get rid of manually. I've seen it and had to format it in the end. Be a lot easier for you just to wipe it and start again imo
 
Format it mate, safest option

It infects loads of files including .exe's, and opens a backdoor which allows access to your pc.

Its also a complete twat to try and get rid of manually. I've seen it and had to format it in the end. Be a lot easier for you just to wipe it and start again imo

From what i've read thought i'd have to format and reinstall. More concerned with saving few files - how safe is it to try get copies of photo's, music files etc backed up onto something before wiping it. Don't want to back up files that might be infected. Cheers

Format it mate, safest option

It infects loads of files including .exe's, and opens a backdoor which allows access to your pc.

Its also a complete twat to try and get rid of manually. I've seen it and had to format it in the end. Be a lot easier for you just to wipe it and start again imo

From what i've read thought i'd have to format and reinstall. More concerned with saving few files - how safe is it to try get copies of photo's, music files etc backed up onto something before wiping it. Don't want to back up files that might be infected. Cheers
 
I'd use Microsoft Security Essentials and run a scan, if that doesn't pick it up then use Malware Bytes.

A rebuild seems a bit extreme.
 
I'd use Microsoft Security Essentials and run a scan, if that doesn't pick it up then use Malware Bytes.

A rebuild seems a bit extreme.

Read up on it first, there isn't any software available that i know of that can reliably get rid of this. Microsoft SE and Malwarebytes won't
 
Gaz said:
Read up on it first, there isn't any software available that i know of that can reliably get rid of this. Microsoft SE and Malwarebytes won't

I just can't believe it's the only solution to get rid of it, it's not a recent virus so you would think it could be cleaned/removed by now.
 
From what i've read thought i'd have to format and reinstall. More concerned with saving few files - how safe is it to try get copies of photo's, music files etc backed up onto something before wiping it. Don't want to back up files that might be infected. Cheers

I'm not an expert mate, but from what i've seen it seems to infect .exe .com .scr .zip .dll and possibly other system files.

I don't think it infects documents and photo files, but the problem is how to get them off the PC before formatting it. Once you boot into windows its active and if you start copying stuff around to usb / cd / external hdd then you risk copying infection as well.

Depends on your PC, but is it possible to boot into command prompt and manually copy documents onto usb device or 2nd hard disk without starting windows?

Might be worth posting on here, they always been quite helpful when i've needed it in the past http://www.bleepingcomputer.com/
 
Gaz said:
I'm not an expert mate, but from what i've seen it seems to infect .exe .com .scr .zip .dll and possibly other system files.

I don't think it infects documents and photo files, but the problem is how to get them off the PC before formatting it. Once you boot into windows its active and if you start copying stuff around to usb / cd / external hdd then you risk copying infection as well.

Depends on your PC, but is it possible to boot into command prompt and manually copy documents onto usb device or 2nd hard disk without starting windows?

Might be worth posting on here, they always been quite helpful when i've needed it in the past http://www.bleepingcomputer.com/

If the code within the file has been re-written then it would make no difference whether you copied it from Windows, command prompt or another OS.

IIRC I didn't think it was possible to re-write the code of an .exe as it's a closed file, possibly encrypted too.
 
I just can't believe it's the only solution to get rid of it, it's not a recent virus so you would think it could be cleaned/removed by now.

unfortunately not, or at least i'm not aware of a way of doing it. I tried loads of forums etc at the time i couldn't get rid of it and every one said re-format was only option.
 
Depends on your PC, but is it possible to boot into command prompt and manually copy documents onto usb device or 2nd hard disk without starting windows?

You could boot the PC using an Ubuntu (or other linux) Live CD. Mount the Windows volume and then copy anything you want to an external HDD.
 
going to pick up a usb stick or two to transfer photo's etc onto. Got an external hard drive with stuff saved but its while since backed up so just want to be sure got what i need. Also can't remember if i backed up iTunes or not. If get it copied onto usb stick then once format and reinstalled XP should be able to scan the usb stick on its own to check its clear. Pissed off with the school boy error thou. Never done full format and reinstall as always been able to clear any problems so this is a right fucker!
 
going to pick up a usb stick or two to transfer photo's etc onto. Got an external hard drive with stuff saved but its while since backed up so just want to be sure got what i need. Also can't remember if i backed up iTunes or not. If get it copied onto usb stick then once format and reinstalled XP should be able to scan the usb stick on its own to check its clear. Pissed off with the school boy error thou. Never done full format and reinstall as always been able to clear any problems so this is a right fucker![/QUOTE]

This is the only infection i've seen that i couldn't fix somehow. Spent a few days trying, and its a complete twat. Not worth risking it though, even when it looks clean there could be things still infected that aren't being picked up.
 
This is the only infection i've seen that i couldn't fix somehow. Spent a few days trying, and its a complete twat. Not worth risking it though, even when it looks clean there could be things still infected that aren't being picked up.
was 95% certain before this post that format and reinstall be best bet. To be fair, it will be good to have clean Pc without half the shit programs on that have clogged up registry and start up etc. Just hope i've got the relevant disks and that its easy to do once i've tried backing up few files. How long you need to do this sort of job?
 
was 95% certain before this post that format and reinstall be best bet. To be fair, it will be good to have clean Pc without half the shit programs on that have clogged up registry and start up etc. Just hope i've got the relevant disks and that its easy to do once i've tried backing up few files. How long you need to do this sort of job?

How old is it? There's a fair chance you'll have a recovery partition sitting on the disk that can be run for a "factory restore"
 
Status
Not open for further replies.

Back
Top