32.Virut.g Virus Help!!!!!!!!
Solved/Closed
Jack Rex
Posts
177
Registration date
Saturday January 2, 2010
Status
Member
Last seen
August 13, 2016
-
Jun 19, 2010 at 03:35 AM
Gervarod - Jul 2, 2010 at 02:23 AM
Gervarod - Jul 2, 2010 at 02:23 AM
Related:
- 32.Virut.g Virus Help!!!!!!!!
- Tiktok live studio 32 bit download - Download - Video recording and streaming
- Goose virus - Download - Other
- Tiny 11 32 bit download - Download - Windows
- Can jpg have virus - Guide
- Online virus scan - Guide
4 responses
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,168
Jun 19, 2010 at 05:54 AM
Jun 19, 2010 at 05:54 AM
Greetings Jack,
Cute little rootkit you have there!:)))
To remove it, please follow these instructions to the letter, I strongly suggest that you print them:
1. Close all programmes and windows including this one.
2. Important, disable System restore.
3. With the Search utility search for and delete the following files:
%WINDIR%\system32\wbem\logs\ntevt.log
%WINDIR%\system32\wbem\logs\wbemsnmp.log
4. At command prompt, run, type regedit and enter. Your registry editor will open.
5. Click on edit and then search
Type the following key exactly. ensure not to make any mistake.
HKEY_LOCAL_MACHINE\Software\Microsoft\wbem\providers\logging\
Once the key is found, look in the right pane for:
* logging = 0
Delete the key, (click on it and press delete, confirm your decision)
6. Repeat the procedure for the next keys
HKEY_LOCAL_MACHINE\Software\Microsoft\wbem\providers\logging\ntevt\
* file = c:\windows\system32\wbem\logs\\ntevt.log
* level = 0
* maxfilesize = 4335
* type = file
HKEY_LOCAL_MACHINE\Software\Microsoft\wbem\providers\logging\wbemsnmp\
* file = c:\windows\system32\wbem\logs\\wbemsnmp.log
* level = 0
* maxfilesize = 4335
* type = file
7. Close the registry editor and reboot your system
8. Download, install and run Malwarebyte which you can find on this site:
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/ es-anti-malware
Ensure you make an update.
Please request a FULL system scan, which may take from 20 minutes to hours. Do not interfere no matter how long in takes. The creators of Malwarebyte recommend that while the tool is running that you go do something else, such as watching a rerun of Gone with the Wind or read Tolstoy's War and Peace.
If Malwarebyte restarts your system, launch it again to finish the Full scan.
When the scan is completed, delete all items found.
Once your computer is clean and working normally just to be on the safe side
*Turn system restore back on and create a new restore point.
Wow, that is a lot of typing, I have cramps in my fingers.
Let me know how happy you are
Regards
Cute little rootkit you have there!:)))
To remove it, please follow these instructions to the letter, I strongly suggest that you print them:
1. Close all programmes and windows including this one.
2. Important, disable System restore.
3. With the Search utility search for and delete the following files:
%WINDIR%\system32\wbem\logs\ntevt.log
%WINDIR%\system32\wbem\logs\wbemsnmp.log
4. At command prompt, run, type regedit and enter. Your registry editor will open.
5. Click on edit and then search
Type the following key exactly. ensure not to make any mistake.
HKEY_LOCAL_MACHINE\Software\Microsoft\wbem\providers\logging\
Once the key is found, look in the right pane for:
* logging = 0
Delete the key, (click on it and press delete, confirm your decision)
6. Repeat the procedure for the next keys
HKEY_LOCAL_MACHINE\Software\Microsoft\wbem\providers\logging\ntevt\
* file = c:\windows\system32\wbem\logs\\ntevt.log
* level = 0
* maxfilesize = 4335
* type = file
HKEY_LOCAL_MACHINE\Software\Microsoft\wbem\providers\logging\wbemsnmp\
* file = c:\windows\system32\wbem\logs\\wbemsnmp.log
* level = 0
* maxfilesize = 4335
* type = file
7. Close the registry editor and reboot your system
8. Download, install and run Malwarebyte which you can find on this site:
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/ es-anti-malware
Ensure you make an update.
Please request a FULL system scan, which may take from 20 minutes to hours. Do not interfere no matter how long in takes. The creators of Malwarebyte recommend that while the tool is running that you go do something else, such as watching a rerun of Gone with the Wind or read Tolstoy's War and Peace.
If Malwarebyte restarts your system, launch it again to finish the Full scan.
When the scan is completed, delete all items found.
Once your computer is clean and working normally just to be on the safe side
*Turn system restore back on and create a new restore point.
Wow, that is a lot of typing, I have cramps in my fingers.
Let me know how happy you are
Regards
Jack Rex
Posts
177
Registration date
Saturday January 2, 2010
Status
Member
Last seen
August 13, 2016
7
Jun 19, 2010 at 09:34 AM
Jun 19, 2010 at 09:34 AM
I can not find the registry key or file you have typed even in safe mode. I cannot find logging folder in the registry.
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,168
Jun 19, 2010 at 04:54 PM
Jun 19, 2010 at 04:54 PM
The virus must have muted again, for there are several variants even if yours was identified as V.
To keep your system safe, you must follow the instructions hereunder to the letter:
1. Download Combofix to your desktop.
http://www.combofix.org/download.php
2.Close all open Windows including this one.
Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix.
3. Double click on the ComboFix icon.
Windows is issuing this prompt because ComboFix does not have a digital signature. This is perfectly normal and safe and you can click on the Run button to continue.
4. Accept the disclaimer and the recovery
5.You should now press the Yes button to continue. If at any time during the Recovery Console installation you receive a message stating that it failed to install, please allow ComboFix to continue with the scan of your computer.
ComboFix will disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings.
If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt.
During the process, please do not mouse click nor must you tap on the keyboard. Let the tool run.
Once you are done, paste the log here and report to me on how your system is behaving.
Good luck
Ambucias
To keep your system safe, you must follow the instructions hereunder to the letter:
1. Download Combofix to your desktop.
http://www.combofix.org/download.php
2.Close all open Windows including this one.
Close or disable all running Antivirus, Antispyware, and Firewall programs as they may interfere with the proper running of ComboFix.
3. Double click on the ComboFix icon.
Windows is issuing this prompt because ComboFix does not have a digital signature. This is perfectly normal and safe and you can click on the Run button to continue.
4. Accept the disclaimer and the recovery
5.You should now press the Yes button to continue. If at any time during the Recovery Console installation you receive a message stating that it failed to install, please allow ComboFix to continue with the scan of your computer.
ComboFix will disconnect your computer from the Internet, so do not be surprised or concerned if you receive any warnings stating that you are no longer on the Internet. When ComboFix has finished it will automatically restore your Internet connection.
While the program is scanning your computer, it will change your clock format, so do not be concerned when you see this happen. When ComboFix is finished it will restore your clock settings to their previous settings.
If you see your Windows desktop disappear, do not worry. This is normal and ComboFix will restore your desktop before it is finished. Eventually you will see a new screen that states the program is almost finished and telling you the programs log file, or report, will be located at C:\ComboFix.txt.
During the process, please do not mouse click nor must you tap on the keyboard. Let the tool run.
Once you are done, paste the log here and report to me on how your system is behaving.
Good luck
Ambucias
Ambucias
Posts
47356
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,168
Jun 25, 2010 at 04:15 PM
Jun 25, 2010 at 04:15 PM
Greetings King Jack,
As you may noticed the Combofix log does not appear on this thread because is was filtered a the prohibited word about file sharing appeared, so I was not notified.
How is your system performing now?
Are you able to run a full system scan with Malwarebyte as I indicated June 19th?
As you may noticed the Combofix log does not appear on this thread because is was filtered a the prohibited word about file sharing appeared, so I was not notified.
How is your system performing now?
Are you able to run a full system scan with Malwarebyte as I indicated June 19th?
