Our ReVolt Pub

I just did a virus scan, and found that EVERY .dll / .exe is infected with "W32 ramnit"

W32.Ramnit is a self-replicating worm virus that infects your computer by exploiting security vulnerabilities in Windows and drops various destructive payloads. W32.Ramnit may copy itself over to other computers through removable devices.

i may have to wipe my HD.

which means that every single unfinished car/model/track/models for tracks, that i have done, will be gone, UNLESS i go through every single car and remove every tool from it. I do have 4.6 gig of revolt stuff, so its going to take a hell of a long time

anyone had this problem? how did you solve it?

Hey, wait a bit before wiping your HD...

If you can still boot windows, you should be able to copy all your files to an external HD or USB flash drive. But be carefull, it's not recommended as it could very easily infect your external drive (if it's not done already).

My advice would be to use a bootable CD (like ubcd4win, or even easier, a live gnu/linux CD ).
- You boot on this live CD.
- You copy your files from your main HD to an external HD.
- If there is any "autorun.inf" file hidden on your external HD, you delete it (important).
- Disconnect this HD, and wipe you main HD / reinstall windows.
- Then check the files on your external HD with an antivirus/antispyware.

Just as a notice, depending on the live CD you use, accessing your main/external HD could be more or less easy. It depends of how your HD is formatted (eg. Fat32/NTFS...)

>> UNLESS i go through every single car and remove every tool from it
I don't get the meaning of that sentence... Regular files (ie. non exe/dll) should no be infected.

EDIT:
And last, if you don't feel like using a bootable CD and you can still boot your windows, it's possible to copy the file directly to an external HD. But you'll have to be very carefull when reconnecting your HD afterward. In case you have not deactivated autorun, or if you double-clic on the hardrive to open it, your system will probably be directly re-infected...

Perhaps burning the stuff on a CD/DVD could do it as well? I don't know how advanced that virus is. Do you have Bluetooth on your PC? Perhaps zipping your stuff and uploading it to a website could save your tracks as well.

I don't get the meaning of that sentence... Regular files (ie. non exe/dll) should no be infected.

every car or track has rvshade etc within the files as i usually leave them in because im always going back to it, but now all of those rv tools are infected, which means id have to go through every car and remove it all.

also i dont have a external hd, which complicates things more

ive thought about burning to cd aswell, but that would be a lot of cd's

thinking about it though, theres nothing that i couldnt easily remake, and infact for some reason it would kind of be cool to remake all of my cars to the standard i can now

gotta look on the bright side eh?

Apparently, you're not taking it too hard...

MOH @ Oct 7 2010, 10:07 PM wrote:every car or track has rvshade etc within the files as i usually leave them in because im always going back to it, but now all of those rv tools are infected, which means id have to go through every car and remove it all.

I'm quite sure that can be done with a BATCH command, something like:
for /R "your_base_dir" %D in (*.exe) do del %D
(be careful, don't run this command anywhere!)
Or I'm quite sure we can do something even more complex and replace each infected exe file by a clean copy...
I may help you if you want to try, don't hesitate to ask.

also i dont have a external hd, which complicates things more

That's true...
But do you really own only one single HD? It means you have no way to reinstall windows without loosing your data? At least, maybe your hd is partitioned, no?

I know it's too late to reply (you already redid your computer), but you could've opened a search and typed in "rvshade.exe" and any other executable you needed to get rid of... and then in the completed search box selected all and deleted them like that real easy. I always think that's the best GUI way to delete a bunch of dupes of a file you don't want.