Post subject: Removing Viriut32        Posted: Tue Jun 09, 2009 1:46 am
Does anyone know how to remove it properly? My brother has it on his Windows PC, he has formatted his C drive and reinstalled Windows (he didn't format his other drives) and the virus keeps on coming back and f**king up his internet, his anti-virus apps, it modifies exe files, it's a royal pain in the ass. :x

Post subject: Re: Removing Viriut32        Posted: Tue Jun 09, 2009 2:02 am
If it is Windows XP, try ComboFix (Google it).

Post subject: Re: Removing Viriut32        Posted: Tue Jun 09, 2009 3:00 am
You can also tell him to stop visiting websites that would infect his computer... And use ComboFix, it helped me remove a nasty trojan that kept killing explorer.exe.

Post subject: Re: Removing Viriut32        Posted: Tue Jun 09, 2009 3:03 am
I usually recommend a combination of Spybot's Immunize feature along with Malwarebytes Anti-Malware and AVG, it's the best combination of easy, works well and free that I can find.

First, download the Slim version of CCleaner to clean all your temp files out, some of which might be the malware in question.

Now run 'msconfig' and just shut off everything in the Startup section. Then go to Services and check the Hide all Microsoft Services box and uncheck anything that's left. This is going to shut all sorts of stuff off but it's going to make it easier to work. You can go back in and turn what you need back on once all the malware is gone.

Install MBAM: http://download.cnet.com/Malwarebytes-A ... tag=button

Update and run a full scan, restart and run a full scan again. Repeat until it doesn't find anything. After that follow the same steps with your anti-virus.

If it's one of those pain-in-the-ass things that won't let you run any anti-malware software you can always use a resource/hex editor to change the internal names/version numbers in the anti-malware software. That usually works for me.

If you think you have a rootkit you might try Radix Anti-Rootkit or GMER, but be careful because you might end up hosing your system. Pretty much any Anti-Virus and tons of other legitimate software will show up on these that you won't want to remove. If either of them find anything and you don't recognize it then Google the file/service/whatever name before you go removing them. I've found with both of these the full scan usually ends up crashing/freezing at some point so it's better to scan and deal with each section individually.

Another nifty little application to keep on hand is HijackThis. You can also break things with this if you remove the wrong ones, so be cautious.

If this is something that's happening quite often you might have him change browsers, the best though is to just show him that he shouldn't be just clicking 'Yes' on every dialog box that pops up and installing every application he comes across.


Post subject: Re: Removing Viriut32        Posted: Tue Jun 09, 2009 11:41 am
pizzaboy192 wrote:
if it is windows xp, try ComboFix (google it)

No, ComboFix won't do it, the virus infects cmd.exe too and since components of ComboFix use the command prompt, it'll fail. Here, use the AVG Win32/Virut Removal tool, just run it and if it detects the virus executable is running in Windows it'll ask you to restart and it will start scanning before logging in to Windows (just like a boot-time defragmenter does).

Post subject: Re: Removing Viriut32        Posted: Wed Jun 10, 2009 1:57 am
THANKS GUYS :D I'll try all of your suggestions

*he's running Windows XP Professional SP3

Post subject: Re: Removing Viriut32        Posted: Wed Jun 10, 2009 2:16 am
Try the software FarCry3r posted before doing anything I mentioned, it might save you a lot of time.


Post subject: Re: Removing Viriut32        Posted: Fri Jun 12, 2009 9:28 am
Thlump wrote:
You can also tell him to stop visiting websites that would infect his computer... And use ComboFix, it helped me remove a nasty trojan that kept killing explorer.exe.


That's just stupid. I could come to BA tomorrow and get spyware or a virus.

betaluva: Google says there's no cure, and you must format. See
http://evilfantasy.wordpress.com/2009/0 ... -the-rise/
http://www.computer-juice.com/forums/f4 ... post110872


Post subject: Re: Removing Viriut32        Posted: Fri Jun 12, 2009 10:54 am
happy dude wrote:

Then why did Google on my web browser say otherwise? Have you even taken your time to read through the whole (short) thread before posting? See my post no. #5

Post subject: Re: Removing Viriut32        Posted: Fri Jun 12, 2009 6:01 pm
happy dude wrote:
Thlump wrote:
You can also tell him to stop visiting websites that would infect his computer... And use ComboFix, it helped me remove a nasty trojan that kept killing explorer.exe.


That's just stupid. I could come to BA tomorrow and get spyware or a virus.

betaluva: Google says there's no cure, and you must format. See
http://evilfantasy.wordpress.com/2009/0 ... -the-rise/
http://www.computer-juice.com/forums/f4 ... post110872


There IS a way... but most people don't like it because it requires outsmarting the virus the hard way... Linux
Boot into a NON-writeable media based version of Linux (CD or DVD) and make sure it has the latest version of Clam Antivirus. Scan the disks, and keep the infected files somewhere where they can't do much damage (usually you will want to burn them to a CD, or put them on an SD card and then lock it. This is important because you can see what files you need to replace\repair). I am not sure if Clam has a repair feature, it might, and try that first. When your whole disk is scanned, it WILL be clean. Reason: Virut32 can't run on Linux =)

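The offline scan described in the post above, sketched as an added example (not part of the original thread and not written by any poster). It assumes a live Linux session with ClamAV installed, the Windows volume mounted at a hypothetical `/mnt/win`, and separate quarantine media at a hypothetical `/mnt/quarantine`; the sample log and its signature names are constructed.

```shell
#!/bin/sh
# Added example: offline ClamAV scan of a Windows disk from read-only live media.
# Device names and mount points are assumptions, not values from the thread.

# Mount the suspect volume read-only with noexec so nothing on it is changed
# or run while it is being examined.
mount_suspect() {   # usage: mount_suspect /dev/sdXN /mnt/win
    mkdir -p "$2" && mount -o ro,noexec,nosuid,nodev "$1" "$2"
}

# Recursive scan. --copy leaves originals untouched (the volume is read-only)
# and saves a copy of every hit to separate quarantine media for later review.
scan_volume() {     # usage: scan_volume /mnt/win /mnt/quarantine scan.log
    freshclam || echo "warning: signature update failed, using stale database" >&2
    mkdir -p "$2" || return 2
    clamscan --recursive --infected --copy="$2" --log="$3" "$1"
    # clamscan exit status: 0 = nothing found, 1 = detections, 2 = scan error
}

# List "path<TAB>signature" for every detection in a clamscan log: these are
# the files to replace from known-good installation media.
infected_from_log() {   # usage: infected_from_log scan.log
    awk '/ FOUND$/ {
        sub(/ FOUND$/, "")
        i = match($0, /: [^:]*$/)          # last ": " separates path and name
        if (i) print substr($0, 1, i - 1) "\t" substr($0, i + 2)
    }' "$1"
}

# Constructed sample log (signature names are placeholders, not real ones).
write_sample_log() {    # usage: write_sample_log scan.log
    cat > "$1" <<'EOF'
/mnt/win/WINDOWS/system32/cmd.exe: Constructed.Sample.Signature FOUND
/mnt/win/Program Files/App/setup.exe: Constructed.Sample.Signature FOUND

----------- SCAN SUMMARY -----------
Scanned files: 41872
Infected files: 2
EOF
}
```

A non-zero exit from `scan_volume` needs reading before trusting the result: status 2 means the scan itself failed, so an empty detection list in that case does not mean the disk is clean.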
Post subject: Re: Removing Viriut32        Posted: Fri Jun 12, 2009 11:10 pm
The Linux method would be faster for most people if you have ever used Linux before (which I think a good number have here) but I don't think it would matter if the Linux media was rewritable or not (even on a hard drive) unless you use fat32 for your Linux partition :P.


Post subject: Re: Removing Viriut32        Posted: Sat Jun 13, 2009 2:36 am
pizzaboy192 wrote:
happy dude wrote:
Thlump wrote:
You can also tell him to stop visiting websites that would infect his computer... And use ComboFix, it helped me remove a nasty trojan that kept killing explorer.exe.


That's just stupid. I could come to BA tomorrow and get spyware or a virus.

betaluva: Google says there's no cure, and you must format. See
http://evilfantasy.wordpress.com/2009/0 ... -the-rise/
http://www.computer-juice.com/forums/f4 ... post110872


There IS a way... but most people don't like it because it requires outsmarting the virus the hard way... Linux
Boot into a NON-writeable media based version of Linux (CD or DVD) and make sure it has the latest version of Clam Antivirus. Scan the disks, and keep the infected files somewhere where they can't do much damage (usually you will want to burn them to a CD, or put them on an SD card and then lock it. This is important because you can see what files you need to replace\repair). I am not sure if Clam has a repair feature, it might, and try that first. When your whole disk is scanned, it WILL be clean. Reason: Virut32 can't run on Linux =)

Or just have the AVG removal tool running before Windows has even started. The result would be the same as running anything on Linux ;)

Post subject: Re: Removing Viriut32        Posted: Sat Jun 13, 2009 2:37 am
But Linux is completely remote to the OS, AVG has to boot part of the OS, and if any system boot files were corrupted, your PC is still borked because AVG will be borked.

Post subject: Re: Removing Viriut32        Posted: Sat Jun 13, 2009 3:47 am
pizzaboy192 wrote:
But Linux is completely remote to the OS, AVG has to boot part of the OS, and if any system boot files were corrupted, your PC is still borked because AVG will be borked.

Well, I don't understand the inner workings of binary code, but AVG runs before Windows boots, thus still rendering the virus useless. At least that was in my case. Virut was removed successfully without any need to reformat. :mrgreen:

Post subject: Re: Removing Viriut32        Posted: Sat Jun 13, 2009 10:26 pm
Hmm, could Avast be an option? I've used avast! for a while, and I like it.

Post subject: Re: Removing Viriut32        Posted: Sun Jun 14, 2009 3:54 am
I use Avast! for my PC systems at home and wherever I can install it (then run a boot-time scan first thing after unless I know the disks are clean (complete format... etc...)).
I still say that using Linux would be your best bet for a badly infected system.

Post subject: Re: Removing Viriut32        Posted: Sun Jun 14, 2009 10:10 am
Just to say, I highly do not recommend AVG as your virus scanner. I've found it to be sluggish, annoying, slows down the computer and also misses several viruses which avast had to clean up after.

Post subject: Re: Removing Viriut32        Posted: Sun Jun 14, 2009 1:21 pm
Rioter wrote:
Just to say, I highly do not recommend AVG as your virus scanner. I've found it to be sluggish, annoying, slows down the computer and also misses several viruses which avast had to clean up after.


I am totally the other way around.

I like AVG.
For me it has a better interface than avast.

But still it is a matter of taste.

Every Anti-virus product has its advantages and disadvantages.
So it is really upon the user to decide what product they should use.

Post subject: Re: Removing Viriut32        Posted: Sun Jun 14, 2009 1:52 pm
Really, you should mark the AV utility on how well it detects viruses, not on the aesthetics. AVG v8 does look good, I will say that (then I have seen this imitated on my brother's computer to display a fake AV scanner which completely thwarted his computer), but it has failed on detecting viruses which avast and nod32 have discovered.

Anyway..

Post subject: Re: Removing Viriut32        Posted: Sun Jun 14, 2009 2:49 pm
DjRob wrote:
I am totally the other way around.

I like AVG.
For me it has a better interface than avast.

But still it is a matter of taste.

Every Anti-virus product has its advantages and disadvantages.
So it is really upon the user to decide what product they should use.

I totally agree with DjRob, if you ask me, AVG is still OK, but stay far, far away from Avast. Bad UI, and its frequent false alarms make me sick.

Post subject: Re: Removing Viriut32        Posted: Sun Jun 14, 2009 3:02 pm
I actually prefer Avast over AVG now after having so many problems with AVG. I'd recommend it any day.

Post subject: Re: Removing Viriut32        Posted: Sun Jun 14, 2009 3:03 pm
<3 avast!

Post subject: Re: Removing Viriut32        Posted: Sun Jun 14, 2009 8:43 pm
Well when Microsoft's new free antivirus tool comes out we'll see if it does any better than avg or avast.

Post subject: Re: Removing Viriut32        Posted: Sun Jun 14, 2009 9:08 pm
Rioter wrote:
Well when Microsoft's new free antivirus tool comes out we'll see if it does any better than avg or avast.

Yes, I'm still waiting. My MS source has it already in his possession, but he won't leak it as one needs to sign an NDA to use the beta, meh...

Post subject: Re: Removing Viriut32        Posted: Sun Jun 14, 2009 10:30 pm
On maybe two occasions I've had issues with AVG, and those were problems that would have also occurred with any other anti-virus on the same machines. The computers I was installing it on were so messed up to begin with that the install wouldn't even finish, nor would it remove everything it had changed during the attempted install, so I had to manually remove files and registry entries, which isn't really any big deal.

The reason I will not use Avast! is that it requires registration. I can't be putting free anti-virus on machines for people and then requiring them to register their email address to use it. People don't want to deal with anything, they just want their computers to work, but they want anti-virus, and they don't want to pay for it.

I'm thinking about trying out Avira AntiVir on a suggestion from Tom's Hardware.

Best Free Anti-Virus software: There was no contest with the freebie –Antivir was above and beyond its competition. Enough said.

For not-so-powerful PCs and gamers: With respect to anti-virus software, gamers and owners of older and less-powerful PCs come together in wants and needs. They need software that is as light as possible on the performance of their processors. For these requirements, it’s Norton that ekes out the win. After Norton, AVG and Comodo also gave us some pretty good results.

