Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Its everyones favourite virus..


  • Please log in to reply
8 replies to this topic

#1 Ammiit

Ammiit

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:08 PM

Posted 16 May 2013 - 07:05 AM

... Yesturday I found out my laptop had the Ramnit.A virus. About a month before this I had gotten a windows command processor virus, which I thought had been deleted as my computer was no longer slow or had any popups and did not detect any further viruses. My computer has been fine since then, I havent noticed any chances however yesturday I decided to download ESET online scanner, just to make sure everything was still okay. I have AVG 2013, but I dont exactly think much of it. Anyway ESET reported that I had two ramnit. A viruses and 2 adwares which I quarantined and deleted. However from what I gather about ramnit is that its pretty much the big cheese in viruses and that it replicates so that when you delete it it reappears? And the best way is to get rid of it is to reformat the laptop. Is there truely no way to get rid of it completely without reformating?

 

Also.. sigh, I used my USB on my infected laptop which I then used on another computer (I read the virus can transfer to computers this way), I checked the computer with ESET which I used the USB on and it did not report any viruses, do you think it is clean or is the virus hiding? Should I no longer use the USB, just to be sure?

 

Once I found the virus on my laptop and deleted it, I turned off internet connection and shut it down and have not booted it up since and if there is no cure im going to reformat it but I dont have the time to do that right now but I need to get some documents from that laptop, how can I do this without using USB? Is the laptop safe to use without internet connection? I just need to read through some word documents.. I dont use any bank information or any other important stuff on that laptop. Ive read some stuff about the virus but im not sure if it deletes documents or corrupts files the longer it stays on the laptop? Im not sure how long its been on my laptop if it installed with windows command processor then probably about a month but it hasnt done anything (yet).

 

Wow, this has gotten long.. but I also wanted to know, if anyone knows why AVG did not detect it at all? And if reformating what files can I take from the laptop? Im not sure what exactly is corrupted?

 

Thankyou, and sorry for the essay. :)



BC AdBot (Login to Remove)

 


#2 Adam Pollard

Adam Pollard

  • Members
  • 145 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Wales, UK
  • Local time:12:08 PM

Posted 16 May 2013 - 08:24 AM

Try reading this article on the limitations of anti-virus.

http://www.techrepublic.com/blog/security/antivirus-what-it-does-and-doesnt-do/8470

 

"pretty much the big cheese in viruses and that it replicates so that when you delete it it reappears?"

This is pretty much true for all viruses, and replication is how they are defined.

 

If a process is running actively in RAM, it can create multiple copies of virus files, so the process needs to be stopped first. Most removal tools will do this, or you can use a tool like rkill for this.



#3 Ammiit

Ammiit
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:08 PM

Posted 16 May 2013 - 09:08 AM

Thanks for the link, i'm pretty much a novice when it comes to computers :blush:. I think im just going to reformat it.. when I learn how to do that. Is it simply a case of putting in the the XP disk again and following setup again, will that delete everything that previously was on the laptop?



#4 chadrik916

chadrik916

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:08 AM

Posted 16 May 2013 - 01:43 PM

Doing a clean install means deleting partitions and allowing the disc to re partition your drive during install. This process wipes the drive completely and is irreversible; but necessary for a completely clean rebuild.

 

This requires booting from Disc Drive with the XP disc. You can either do this using BIOS settings or the boot key (F12, usually) before the windows splash screens appears on boot. then just following the screen prompts.

 

Some HP boxes have a Repair Computer option if you using the F8 button before booting windows. This activates the recovery partition and will do the same thing as described above, just not from a disc but a hidden partition. You will want to look for a Factory Default installation... May be a few options in.



#5 Ammiit

Ammiit
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:08 PM

Posted 16 May 2013 - 04:59 PM

chadrik916, thanks for your reply! What files can I take from my infected laptop before I reformat? I have all my ipod songs on there, including some photos and documents that I would like to keep if possible. And how would I go about moving them, since USB is likely to transfer infection.

#6 chadrik916

chadrik916

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:08 AM

Posted 16 May 2013 - 05:22 PM

chadrik916, thanks for your reply! What files can I take from my infected laptop before I reformat? I have all my ipod songs on there, including some photos and documents that I would like to keep if possible. And how would I go about moving them, since USB is likely to transfer infection.

Unfortunately, you never know if you are taking an clean file with 100% certainty; but I would suggest the following. From my experience, I create a single folder on C Root folder (C:\) called backup. "C:\Backup" Copy everything that is important in that folder, then scan it with everything you have... :) Probably just malwarebytes and an antivirus. Then format your USB thumbdrive and copy the data to it. Then build your computer and use the thumbdrive to copy your data back to your machine.

 

There are other and quicker ways, but this is the only way YOU as the user can ensure everything gets backed up. I personally have a script, but I know how to modify it to include folders outside the scope of the script and a novice user like yourself, shouldn't trust scripts from unknown users like myself. :) But if you are interested, I can post the script for all to see and you can use it at your own discretion. I will just post to you a download link from my dropbox public folder.



#7 chadrik916

chadrik916

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:08 AM

Posted 16 May 2013 - 05:25 PM

If you go to Start > Run and type in %userprofile%, it should  open up your profile directory which will be where you will find your documents, videos, music, favorites etc. You basically want to copy just the folders you recognize.

The iTunes folder is located inside the Music folder

 

%userprofile%\My Music



#8 Ammiit

Ammiit
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:12:08 PM

Posted 17 May 2013 - 07:13 AM

Hey, thankyou for the advice, you have been very helpful! I dont have time to reformat my laptop now, but I just wanted to get some documents from it for now and get everything else off later, ill do what you suggest and create a folder In C then scan the hell out of it! The smiley faces make you appear trustworthy.. but I think ill do what you said first as it sounds easiest to me. :)

 

I'm not going to use my USB however, I read that its best to copy the stuff over onto a CD with the Ramnit.A virus. I have scanned my USB (which I used on my infected laptop) on another old laptop that I dont use and suprisingly it has not found anything. How well can a virus hide though?

 

I think I know what to do now, fortunately I have found a friend who has offered to help me reformat my laptop using the disk! Thank you for your help!


Edited by Ammiit, 17 May 2013 - 07:15 AM.


#9 chadrik916

chadrik916

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:04:08 AM

Posted 17 May 2013 - 10:41 AM

Having someone else do it all for you is awesome. That way, there's much less of a chance for error. :). Have a wonderful day,  good luck!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users