Ramsys.exe

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

H
Just a problem on start up realy when i start i allways get 2 error messages saying ramsys.exe could not be foun
Windows XP Home starts ok after clicking ok / I think i know how it went i had a trojan found in the file by my viru
protection wich moved it to Quarantine / The PC seemed to be ok without it so i deleted it as the file could not be cleane
now i get this error on start all the time / Is there anyway to stop it or replace the file

Many thanks Pau UK
 
I have the same problem, but how would I get rid of those messages when the computer starts up on XP? I looked for the file the virus alters but its not there, so I have no idea what to do.
 
Well I found Win.ini file, but it has nothing about the Ramsys.exe file. I also found the Autoexec (But it is not .bat it is a .nt file) which also does not mention the File either, like the website said it should. I know how to disable System restore and everything, but the removal instructions just are not working for removing the computer from the registry. This does not seem to be working. Please email me at (e-mail address removed) next time with another suggestion. Thanks.
 
Trev;

{Edit the changes made to the Win.ini and Autoexec.bat files (Windows 95/98/Me).}
If you have XP the above sentence does NOT apply!!!!! For Windows 95/98/Me ONLY!!!!
++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Log onto http://swatit.org and download the free "swatit" program, which will blow away
trojan horse and GT Bot programs.
++++++++++++++++++++++++++++++=
1 Disable System Restore (Windows Me/XP).
2 Update the virus definitions.
3 Run a full system scan. If any files are detected as Trojan.Sheehy, do the following:
ÂIf the filename is other than Ramsys.exe, delete it.
ÂIf the filename is Ramsys.exe, and it is located in the \Windows\System folder, do not
delete or Quarantine it. You must choose Ignore.

1. Disabling System Restore (Windows Me/XP)
If you are running Windows Me or Windows XP, we recommend that you temporarily turn off
SystemRestore. Windows Me/XP uses this feature, which is enabled by default, to restore
the files on your computer in case they become damaged. If a virus, worm, or Trojan
infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.
Windows prevents outside programs, including antivirus programs, from modifying System
Restore. Therefore, antivirus programs or tools cannot remove threats in the System
Restore folder.
As a result, System Restore has the potential of restoring an infected file on your
computer, even after you have cleaned the infected files from all the other locations.
Also, a virus scan may detect a threat in the System Restore folder even though you have
removed the threat.

To turn off Windows XP System Restore:
1 Click Start.
2 Right-click My Computer, and then click Properties.
3 Click the System Restore tab.
4 Select "Turn off System Restore" or "Turn off System Restore on all drives" check box.
5 Click Apply
6 As noted in the message, this will delete all existing restore points. Click Yes to do
this.
7 Click OK.
8 Proceed with what you need to do. For example, removing viruses.
===============
2. Update the virus definitions for whatever Anti Virus software you're using.
================
3. Scanning for and deleting the infected files
Run your AV software.
=============
Download, install, run, update and run again.
HijackThis
http://www.spywareinfo.com/~merijn/index.html
 
Ok, the Hijack This program worked for me, it had the run thing listed too, thank you very much, it is VERY great to have this over with. Thanks again!
 
Back
Top