Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

possible Ramnit infection - Hijackthis log attached


  • This topic is locked This topic is locked
2 replies to this topic

#1 t3rm3y

t3rm3y

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:02:05 PM

Posted 16 March 2012 - 04:47 PM

hi there,

I think i had a Ramnit infection, took pc in to work, boss removed some stuff over weekend, got i back and seemed ok, tried a number of scans and nothing found, but hikack this has the following:
O4 - HKCU\..\Run: [CvdRmimt] C:\Documents and Settings\User\Local Settings\Application Data\tplfcigd\cvdrmimt.exe

I cant find any details of this online, and the Rmimt looks very similar to Ramnit... any ideas? please look at the log and tell me if i need to delete anything..

Many thanks

Attached Files



BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:03:05 PM

Posted 16 March 2012 - 09:24 PM

same advice as you received here

http://forums.majorgeeks.com/showthread.php?t=255290

ramnit cannot be cleaned, you will need to re-install your operating system

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:03:05 PM

Posted 20 March 2012 - 07:21 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users