removing ravmon virus without anti-virus is easy,
but if you want anti virus suggestion or quick and easy way to remove this virus download Trend Micro AntiVirus plus AntiSpyware
virus they can stop your pc from being infected but once you are infected they wont be able to remove it.
I dont know the actual name of this virus nor its effects
Anyways its very easy to remove it
you will have to follow just few simple steps.
- check if ur infected
- stop currently running virus
- delete virus files
- remove virus to run from startup
so here are the following steps explained
remember until you delete the virus files please open drives using address bar by typing C:\ D:\ X:\ as the virus is activated if you double click the drive
1. Right click any drive on your computer and see if right click menu shows some invalild characters
like this
If yes then you are infected.
2. Press Alt+Ctrl+Del to bring up the task manager (or right click taskbar to run it)
there will be a program in processes named “SVCHOST.EXE” there will be few svchost in small case but check one in capital letters, if you see more than one “SVCHOST.EXE” (all caps one) end the one with your username infront of it instead of LOCAL SERVICE, NETWORK SERVICE or SYSTEM.
by pressing end process
3. to delete the virus files you need to show system protected files.
for this goto
My Computer->(Menu) Tools-> Folder Options -> (Tab) View -> uncheck “Hide System protected files” -> press OK
If you are unable to unhide the system files you can use 3rd party softwares to browse drive and delete files, try ACDsee or WinRAR
Now open drive (by typing drive letter in address bar)
delete these 2 files
- Autorun.inf
- Ravmon.exe
also delete those in all drives (not CD(WR) or DVD(WR) drives) (and remember don’t double click else you will have to start over from top)
Open Windows folder and delete SVCHOST.EXE, SVCHOST.dll and MDM.EXE
Now restart the explorer.exe process by killing it in taskmanager and runing it again [(winkey + R), type "explorer" and hit enter]
now right click the drive letter and ull see a clean menu
congrats virus is removed
4. Now remove it from startup (Optional as files are deleted)
Winkey + R type “msconfig” hit enter
goto startup tab-> (uncheck) MDM -> OK -> Exit without Restart
How to prevent from this virus in feature
just right click any USB drive (that includes iPod) you have plugged into your PC
if they have currpoted menu the drive is infected
Access drive by typing drive letter and delete files from that drive
Remember you double click the curropted drive you get infected else ur safe
The End
Hey…Spc B here in Iraq… I have abour 20 people here with this virus… trust me .. if this work like i hope… we will all thank you!
@Tom
thanks Tom,
this can be due to several reasons
but try updating your display drivers and unplug ram and plug it in other slot swap if slots are full.
gimme more details about OS motherboard and graphics card
Very Good manual Guide-line for killing
Ravmon.exe and its links.
hey, mine is in small letters. how is that? i don’t get it. pls help me. can i just follow your guide?
Thanks for sharing this information with us.
But I’m infected by this virus in different way.
My pc start normally but after displaying desktop it halt my computer or slow down as I can not remove these file or do any work.
Any ideas appreciated, especially based on your extremely competent advice above.
Thanks,
Sadiq Ali
Sadiq try loggin in safe mode by pressing F8 before windows bootup screen
slowing down or hanging is not caused by ravmon i think
Hi,
I ahv a problem tht by pressing Alt+Ctrl+Del a message appears on screen “An application is disabled by administrator” and also folder options are not coming on tools menu.
What to do man?
Please help…………
Thanks in advance.
I tried but window doesn’t load in safe.
Thank you dear friend.. It did helped me alot to get out of this ****ing virus..
thank you
gytu
thank you bro, it helped us to kill this virus.
A tremendous discovery from u EMINEM but !!!!!!!!!…………………….one thing that makes me SAD
is that, no doubt we are successful in removing that VIRUS but along with that it made a usful feature of windows useless……….. n thats FILE HIDING OPTION in in which we are unable to unhide our files and folders, infact we are able to unhide those files and folders by a third party software but this doesnt makes any sense because that virus did it’s work by disabling a feature of WINDWOWS.
I was also being suffered a lot from this virus.
But after a long search i got the solution and that was a removal tool [RAVMON REMOVAL TOOL].
We have to just download that tool from http://www.mediafire.com and download it to our system.Further we have to run that tool by double clicking on the tool’s icon.
We will get the message, remove RAVMON from HARD DRIVE,USB etc.
Simply remove it and we will enjoy the benefits of our computer.
Do not worry about that fucks… I have made a software for that fucks. The problem is that you can not open any drive with dobule cilck and these files add some unknown language to your hard drive menu. so do not worry… farimarwat is still alive for you problem solutions… download my softw for free and scan your all drives, reboot your system for best result and get rid or RavMon.exe
http://www.geocities.com/farimarwat/setup.zip
farimarwat
pakistan
Some friends says that it do not start to download please right click on link and then “save target as”
This tool is only to burn for RavMon.exe with out any work hard
The name of this soft is Fari Auto Play Burner 2007
I am giving the link again http://www.geocities.com/farimarwat/setup.zip
soory but no one can kill ravmon because of the fucking windows and it’s registry. your Pc in not really yours ravmon is there forever
There is also orignal RavMon.exe of MicroSoft but my tool will only remove the fake RavMon.exe and AutoRun.inf
what is the procedure that the folder option work properly and 100% unhide all hidden files after removing Ravmon.xex and autoren.inf(149b).
plzzzzzz
inform me and send information at
shah_datcom@yahoo.com
shahnawaz_255106@yahoo.com
hey people m havin a problem with opening any drives of my system by simply double clickin…i go through the above procedure but i neither hav SVCHOST in task manager nor in windows folder….n not even MDM so plz can u help me out…thanx
before i work ur shown way the virus has disabled the folder option and search option. can u suggest me something?
I ahv a problem tht by pressing Alt Ctrl Del a message appears on screen “An application is disabled by administrator†and also folder options are not coming on tools menu.
What to do man?
Please help…………
what is the meaning of Process Explorer to kill the Process
please help me
am bac n wid more problems….lolz…….now this one has nothing to do with Ravmon but am stil pasting it here coz well i like dis page…now the prob is dis dat i have a small LAN of abt four pcs ..i hav AD installed on win 2000 server ..all oder pcs have win 2000 pro..recently I bought a new labtop dat has win XP preinstalled..I’m trying to connect it to the LAN ..I can use the internet but I cannot join the domain…it gives the following error:
[The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain IC.COM:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.IC.COM
Common causes of this error include the following:
- The DNS SRV record is not registered in DNS.
- One or more of the following zones do not include delegation to its child zone:
IC.COM
COM
. (the root zone)
For information about correcting this problem, click Help.]
Can u plz provide a solution ????????
@pramod
its “new folder” virus not ravmon
@pam
alt ctrl del (task manager)
@peppy
try using custom dns
enter this
208.67.222.222
208.67.220.220
in primary and secondary DNS settings (in network card properties -> TCPIP4 settings)
for more info on this DNS check opendns.com
nope dosent work…………
love u thanks a lot u make me proud in front of my younger brother.
You can download my soft for this problem. It completly remove the RavMon.exe and AutoRun.inf. The link is http://www.geocities.com/farimarwat/setup.zip Right click on the link and then click “Save target as”, your download will be started.
if you have again any problem then email me. farimarwat@hotmail.com
Fari Marwat
hi,
if you need any kind of help..
ask me on my website http://tz.t35.com/mboard
i’ll be very happy to help you thanks!!!
well…mine problem seems different though its infected with Ravmon.exe…
in my task manager- processes, there are 6 SVCHOST.EXE…all in caps, no svchost.exe in small letter…and all these processes have got either SYSTEM, LOCAL PROCESS, or NETWORK SERVICE in front of it..there is no svchost.exe with my username in the task manager…
u think its possible?
wutever, its happening in my system
cud u help me out dude?
@Ashish
i dont think its running then
just end all SVCHOST as you can some of them will appear back but no problem
and continue other steps to remove ravmon
Hi. Can I ask your help my laptop has been infected w/ W31.Imauy.AY and it disable the task manager ang regedit and it closes the other programs when I open it. after When after I enable the task manager ang regedit everytime I open it stay for only a few seconds then it closes automatically. Because of the problem i encountered I can’t stop the process of SSCVIHOST.EXE in the task manager. Hope the you could help me w/ my problem. Thnks and God Bless….
Thanks for such a nice help, i recovered my system from that virus successfully.
EMiN3M your procedure is good but you have done a mistake you do not know that When we a windows system is infected with virus we can open folder options but the options “Show Hidden files and folders†and “Hide System protected files†will not be working anymore.thanks
Brilliant solution and thanks for the step by step process. It is much appreciated. Thanks a lot.
thanks dude , very nice tut.
Thanks so much!!!!
this is the best help in the www for this ravmon shit. thanks !! greetz from germany!
Hey dude thanx a million, we upto our necks in this b.s, but i still cant unhide my files, any solution to that?
@EMiN3M
i managed to get rid of this virus manually but my “show hidden files and folder function” is not working.
plz help me with this problem.
SVCHOST.INI NOT SVCHOST.DLL, but thanks anyway, works like MAGIC!
Hi friends…I am back with update..
I have updated my tool to remove the ravmon.exe completly from your all drives….
http://www.geocities.com/farimarwat/setup.zip
copy the link and paste it into your browser addressbar
If you find any problem then email me.
fari marwat
farimarwat@hotmail.com
thanx for the help…. very appreciated!!! im from malaysia….
Thanks so much, Eminem!! Your solution is still the only one that helped me. Your help and clear steps are much appreciated. You saved my day!
@all
anybody know about the new virus which crushes the file system of the pen drive to RAW file system and make it useless…. ?
is there any remedy for this damage ? plz help me with this thanks…
Hi I followed all the instrustion that u told one thing i could find is that the svchost.dll file was not there rest of the things I did now the files RavMon.exe and autorun.inf files are not there in any of the drives but still i\’m not able to see the hidden files… its sill the same case….
Please help me… Is there anything else that i should do?
just thanks mate !!!!
Salam again….
Now I amagain with updates..
Evil Eyes Tool::::
I have made a tool for New Folder.exe and a worm that creat exe file with the name of same folder. It also remove Indonasion Smile virus. It with bring back your all folder option problems..
Go to the site and download New Folder.exe removel tool for free
http://www.marwattimes.netfirms.com
I have also updated Fari Burner 2007 to F.B.I 2008
It remove all kind of worms that creats drive opening problems.
farimarwat
anybody know about the new virus which crushes the file system of the pen drive to RAW file system and make it useless
Thank you for your simple and fast solution
Nice one!
thanks