none
Virus Trouble RRS feed

  • Question

  • My lab computer is infected by fujak virus.

    whenever i tries to open Regedit,CMD,Msconfig,internet explorer or any other system operation it restart my computer.

    So can anyone tell me how to Remove that virus without reformating my system.

    also is there any way to open registry in this condition..

    Friday, September 14, 2007 5:02 AM

All replies

  • Update your antivirus and then run a full system scan.Nowadays every antivirus can track and delete "FUJACK",

    if the problem still persist then use hiren's boot cd which you can download after a few googling.

    The last option is to Format your hard disk.

    Friday, September 14, 2007 6:41 AM
  •  

    Use Latest anitivirus like Norton Antivirus 2008

    Update it completely and then run a full system scan

     

     

    http://www.symantec.com/security_response/writeup.jsp?docid=2007-020812-2448-99&tabid=3

     

    Use this link to get more information

    Friday, September 14, 2007 11:07 AM
  • hello brother
    ive been recently using "quick heal"
    according to me it the best one in the bussineess
    u can find it at
    http://www.freedownloadscenter.com/Utilities/Anti-Virus_Utilities/Quick_Heal.html
    Friday, September 14, 2007 11:16 AM


  • U can use avast antivirus (home edition) thats free for every body.
    After installation it will prompt for the boot time scan
    select that option & restart
    perform boot time scan
    it will clean all viruses
    Friday, September 14, 2007 4:35 PM
  • use any antivirus like McAfee or Norton and then repair your Windows using the XP CD and remember REPAIR not INSTALL
    Friday, September 14, 2007 7:46 PM
  •  

    fujack a worm that spreads via network shares and file infection. It can also download and execute arbitrary files and terminate processes and services on the affected system. When executed, Emerleox copies itself to the %System%\drivers directory as "CTMONTv.exe". The worm then modifies the registry so that the main executable runs at each Windows start:

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run\svcshare = "%System%\drivers\CTMONTv.exe"

    These entries are usually recreated regularly.

    Note: '%System%' is a variable location. The malware determines the location of the current System folder by querying the operating system. The default installation location for the System directory for Windows 2000 and NT is C:\Winnt\System32; for 95,98 and ME is C:\Windows\System; and for XP is C:\Windows\System32.
    Saturday, September 15, 2007 5:30 AM
  • start ur computer in safe mode with command prompt.

    selete any *.inf or .exe file in hard drives.

    if u are able to then typr attriv -s -h filename.

     

    delete any exe file from system32 which u see after dir/ah

     

    use process explorer to terminate any unwantd process.

     

    empty startup adn services.

     

    then remove any unwanted exe u dnt aware of.

     

    i m in hurry so writing a little short.

     

    will send u complete steps after some time.

     

    any other query, reply.

    Saturday, September 15, 2007 11:09 AM
  • again i will suggest bullguard for your virus it detects it n will remove it.

     

    Thursday, October 4, 2007 3:29 PM
  • there r many tools available. ex- RRT.exe

     

    But i gave a manual way.

     

    I have uploaded a whitepaer "Removing viruses manually' on studentrockstar.com

    Check it out.

    Sunday, October 14, 2007 4:07 PM
  • 1. Find and delete the virus file.
    2. Restore the system to some previous date. It works..

    The (2) point itself is sufficient normally.
    Sunday, October 14, 2007 5:49 PM
  •  

    install quick heal total secuirity 2007 in different System & update it & make a bootable antivirus CD from it & boot infected system
    Monday, October 15, 2007 10:16 AM

  • try this

    http://www.sophos.com/security/analyses/w32fujacksai.html
    Monday, October 15, 2007 12:18 PM
  • hi dear if u r system files r deleted means then u can't able 2 reback by putting antivirus just u can remove tat virus.. if u just need 2 remove virus means u better go 4 MCAFEE advanced  version through u can remove virus 4m u r system... if u want 2 reback u r system files means u should reinstall u r os again k...

    Wednesday, October 17, 2007 8:11 AM
  •  imran_khan_cc9020 wrote:

    My lab computer is infected by fujak virus.

    whenever i tries to open Regedit,CMD,Msconfig,internet explorer or any other system operation it restart my computer.

    So can anyone tell me how to Remove that virus without reformating my system.

    also is there any way to open registry in this condition..



    Have u notice that ur folder icons have been changed??

    First try by making a new account and open it u will get ur things back if not  then:-

    Try this open dos and type:-

    1)cd\
    2)dir /aTongue Tiedh
    3)if you see any heap41a like folder delete it
    4)if u can't install Tuneup Utilities it has its own regestry editor and process manager.
    5)use them
    6)first stop a svchost process using svchost.exe file in c:\heap41a folder

    7)scan ur system with panda 2008 or norton 2007 fully updated as these some new trojans + viruses aren't detected and removed well by avg ,mc afee etc we have tried many and found these two working well frm them.
    Thursday, October 18, 2007 9:34 PM