XP SP3 I hope? You say 'again', like this is not the first time?
Try the following in "Safe Mode with Networking", reached by tapping F8 repeatedly while booting up - all the following steps will work in that mode.
Download, install, update (important) and run a full scan with the FREE version of THIS software.
Let it remove anything it finds and reboot if it asks you to, immediately.
If that fails to budge it then run Hijackthis in regular mode and post its log on one of the following forums for expert guidance.
Do not post Hijackthis logs here, we can't help with those!
Post the logs at a specialist Forum:
Be sure to read all the sticky announcements/instructions at the top of each malware forum!
Thanks for that Peter. It's the first time i've had this (I said again because there are othere threads on the subject). I'll give all that a go. Failing that what do you think about copying unaffected files to another drive?
Sorry, I'm not too well at the moment and overlooked that request. Possibly it will be OK but I am really not qualified to answer such a question. One of those HJT forums would be able to, I am sure.
Ramnit is a file infector, therefore you would probably need to reformat seeing as it infects everything.
It depends on the infection, really, but I don't think it would infect pictures, but this is just my opinion.
I signed up to this forum for exactly the same thing. My current McAfee security centre failed to recognise the threat and is totally unable to deal with it. Very very unimpressed!
I have tried all sorts of suggestions to get rid of the Ramnit.a virus but with no joy. In fact it was getting worse as it seemed a backdoor was opened and other hoards of viruses where imported to the drive. These McAfee did detect but they where coming in quicker than they could be quarantined.
In the end I had to shut it down and pull the hard drive. I have brought a replacement drive now and am setting up for a rebuild. The infected drive is in a linux machine where I am hoping I can cherry pick off all the important files I need. Seeing a lot of my files is web work, I have a shed load of html files to clean off. I can safely say all the exe and dll files are a right off.
I am concerned that the virus may reinfect the new drive somehow - can it live in the BIOS? I don't know. Whats worse is that I can run my back up drive as that will infect as well.
Left me with a completely ruined set up, several web projects inaccessible and my wifes training course home assignments and work backing up - Gee thanks McAfee - remind me why I pay my subscription again?? Seems to have just made matters worse.
AND.. the thing that really annoys me the most is that I have spend several wasted hours online and on the phone trying to speak to you about it. Like walking through treacle. The online help don't work and won't pass me to the email chat as I am using a linux machine which it don't recognise. Calls to the overseas call centre are a waste of time as the operators are reading scripts and can not help me. They asked me for details I won't know as they are on the affected PC. I can't log into my account to get my serial.
Plus I can not find out how I will get the software reinstalled on my new drive (although I have to think seriously if I will trust McAfee to do that job again)
The thing I want explained the most is WHY didn't McAfee see the threat and deal with it.
Don't know how this forum works - hopefully someone will contact me.