+1 for using Dr.Web LiveCD but comodo just wasted 15 mins of your video. Use any portable browser (so any remaining infected plugins dont run through the already installed browsers) and open this webpage (ninite.com/malwarebytes/ninit­e.exe) which will download a silent untraceable (so nothing can block the download or installation) of malwarebytes. After all malicious files and registry entries are deleted reboot and install a proper antivirus like Eset or Kaspersky.

malwarebytes ftw rofl...

Hey...i got a question~~i pc just got virut...and i decided to format!!!should i delete partition or format partition???if i just format the partition..i scared the virut still there!!!

Talking about Bob Ross? Bob Ross mofucka!

I have had sality for years now but it is really starting to become anoying

The method u say is very long and needs it is much quicker to format , but format all your hard drives you can format C: 100 times and reinstall windows but the virus will still show because files in D: are infected

Malwarebytes + Avira KICKS ASS!!!!

I wonder how many people follow to the letter what is said, and remove the network connection whist watching the video! I told my friend who is not good at computers about this video, and phoned me saying the video was not playing!

Alright my friends pc won't let him open anything and it disables the wifi he said he had avast installing(lol) and went to open a game which was a .exe (minecraft lol again) so I wanted to help him but didn't know how and I didn't try this yet

malware expert is different from IT technician...fucking technician...he just covered his ears because of his pride...i can kill this malware...he can't hahahaha...so our office is so doomed everyday...spent so much money...i don't wanna go in front of the line and present myself to our boss coz i just wanna laugh off at his ass

yea, i had sality on my pk 4 years ago. Very agressive virus, but i kill him myself =)

Hi .. What is a SPIKED Media File? Thanks for the tutorial..

Hate Virut!!

Whatching thsese m akes me wanna check my Task Manager.

aw, Snap :))))) =)))) lol

GJ man, for detect

my computer keeps freezing. what can i do?

i just wonder exe files are infected but it doesn't do much at all in a 64 bit environment

google chrome crash:

"aw, snap!"

lol!

66,666 view WOW!

sality balls lol

wow! I think I know your approach but. I have been working on desinfecting my friends and neighbors computers. Sometimes takes me 3 or more hours to desinfect. A clean install with drivers and everything may take me 90 min. I just need to back up the files of my customer. and the confidence doesn't compare with antivirus crap. Sorry! took you 41 min for this video. wonder the time spent cleaning this pc. Thanks anyway. Confidence vs Saving configuration on the PC. mmm CLEAN REINSTALL for ME.

These viruses poisoning ALL hard drive, not only C:\ ... You will do your CLEAN REINSTALL to the end of the world...

you shut down in computer i shut up your ugly mofo

i had a virut as my first virus on PC but my PC survived because ESET smart security 4.0 deleted it!

firefox+ ad block plus+ noscript+ common sense= no viruses :\

but yeah- patching bugs are the WORST

nice video thanks

So you make videos of yourself breaking software licenses- using free for home

use software to make money. The other one is of you using malwarebytes in

the same way. You're wonderfully unscrupulous!

I'm in st Louis, giving YOU the finger.

Ty vm u saved my comp from sality my got ty for this video

If you are an YouTube partner, you can upload such long videos.

@mrizos the man with the fro is Bob Ross always liked to watch the guy was a great painter

in SOVIET RUSSIA, Virus cleans YOU.

@vadimyuryev Soviet russia jokes SUCKS

@vadimyuryev STOP SPAMMING WITH YOUR F*CKING SOVIET RUSSIA.

@gmoiasovghb87fa in soviet russia spam, without stoping, fuck you :D

@Skyarkhangel I just hate spammers , do you have any problem with that?

How can I make a Backup if i have this virus running? I mean what kind of files can I put on a dvd or cd rom

Wow. This is amazing. I would not be typing now if you didn't do a video on this!!!

:-)=====:-)

Ummm, it's called procexp.exe and cacls.exe, you don't need Comodo for that.

42 min WHAT THE FUCK?!

Is the purpose of this video to dissuade people from using Comodo? XP is running the same speed as if it was badly infected

mrizos all ur video is the best in utube:)

format ur pc...scan other drive wit cureit...

the best way to destroy dis fucking sality...

only scan exe not other files....

You should download malwarebytes from original website, and you should deffently uninstal Ask toolbar because of potential pishing and browser exploit. Besides that, maybe your version of virut can get destroyed this way, but most of virut viruses requires full formating, and unpluging computer mannualy to remove virut from memory,

How does does the scan take on average? Does anyone know?

i have 3 boot cd's just incase xD

This is the same fucking virus that molested my pc, fuck the guy who made this he would die a violent death for sure ><

41:58 ?????

The stupid thing is, the Dr.Web scanner just deleted a core .exe of your computer; winlogin.exe.

@TheRokurai it didnt delete it it cured it...there is a difference.

i am so stupid, I disabled internet while watching... T_T

here is the channel and videos that all you must see

THANK YOU!!! I believe you have just saved our server! ^_^

Run a scan find the viruses and shift+delete ,and yes.done

how is the vid this long ?????????????

@bigdaddyct123 he is partner

Always when I start my computer its really annoying becuse internet starts up and its a fucking commercial and when i close it it comes 300 peaces of internet ads and when i close them it comes more.. I'll appreciation some hel :S >:@

Lots of results for ComboFix....otherwise, good video.

hahahaha nice "as long as your not in ST Louis i dont care" nice

awsome vid man! thanks a lot!

WINDOWS ITS UNSAFE always many viruses are being installed by stupid mistakes and you need to pay for everything .start using linux my friend is 100% safe no virus no malware . llinux its free just download the UBUNTU version on your desktop burn the iso file in cd then install the linux version called UBUNTU

Virut and ALL of its variants wil NEVER touch PICTURE files, VIDEO files and MUSIC files.

if you are a pirate, back those up to another harddrive and make sure ONLY MP3s, videos, .txt files and jpg-jpeg-png and such and such files are on that drive. Then format your windows and reinstall. Your media will be safe but your personal stuff will be gone :-\. Got this virus three fucking times so far, I'm furious as fuck!

do i have to delete my exe files...?

tons of exe inside my disk..

urgh...

@TouchInformant just re format your drive and your done for god sake it takes so fast that way

Thank you for this video. It helped me restore my infected computer. I have vista 64bit so I had to make some modifications of my own because Dr. Webs LiveCd isn't compatible with 64bit yet.

man your video deserve 100000000000000000000000000000­00000000 views and all your videos really help me and my friends thanks man u the best

Thanks 4 the recommendation! will try it right now. VIRUT SUX

@Marcotribalwarrior VIRUS SUX* hehe :D

@AirSpeed92 Virut is a virus that is mentioned in the video,

I downloaded the live CD and ran it on a laptop last night. When I woke up, it was STILL scanning (6 hours later). It wasn't frozen - just scanning. This is a laptop with only a 40 gig hard drive! Am I missing something? I even had "fast scan" enabled.

just one question, what is svchost.exe ? i have it in my task manager

@swordofkings343434 The Svchost.exe file is located in the %SystemRoot%\System32 folder. At startup, Svchost.exe checks the services part of the registry to construct a list of services that it must load. Multiple instances of Svchost.exe can run at the same time. Each Svchost.exe session can contain a grouping of services. Therefore, separate services can run, depending on how and where Svchost.exe is started. This grouping of services allows for better control and easier debugging.

@Banjalukagimanazija thank you

I have a problem. Somehow, after cleaning, Virut manages to redownload itself. I thought maybe mapping the Virut IP addresses to localhost in the hosts file would work, but it didn't.

@ShadowRSonic try disabling System Restore!

Nah. It is because the virus connects to an IRC network on connecting to the internet. I fixed this by downloading sygate firewall. Sygate Firewall is a lifesaver. I 100% reccommend it.

I have the same problem, does anybody knows the solution?

I have had the excat same issue

QUERY: I am a big fan of Dr. web. I downloaded and burned the Dr. web Boot CD. It booted the PC perfectly. GUI came up just like in this video.

I did EXACTLY what Matt did in this video.

The scan starts VERY slowly for about a minute and then STOPS! I've tried this several times on 2 PCs. Same thing. Why won't Dr. Web run? Does anybody know?

Big Free AntiMalware resource

cleanbytes . net

Cleaned up my computer and already noticed a performence increase.

@mrizos, does your site offer any malware removal courses? or do you have an official irc channel? im working at a pc repair shop and would love to expand my knowledge in malware removal. thank you so much for this tutorial, it has helped me tremendously.

The Trojan viruses always try and hide in my folder called "critical.exe" is that folder important

64bit is more powerful and stabil

Lol @ pornhistory around 8:43.

lol i saw it too. the internet is such a great place for porn !

why would you unplug your ethernet cord? the video will stop duh i dont even have to do that

some viruses can spread to email contacts, other computers on your network, usb drives and also download more viruses.

UPDATE : I was just informed that a BOOT CD Cannot receive an internet connection if the PC it is in is using WIFI. You MUST have a wired (LAN) connection in order for a boot cd to receive updates. It has to do with the drivers that are in most Boot CDs. They are LINUX based. Finally I now know.

i tried installing the drivers for my wireless on the boot disk and it does NOT work, somehow they thought it would be best to thin this live cd out soooooo much that firefox&update is incapable to be used for some users with a internet connection ONLY to wireless... tough luck then..

@bmw2go11 : WOW! I didn't know they had drivers for wireless. Doesn't surprise me that they didn't work. Those drivers have to be added by the Linux ppl in order for success 2B achieved.

Its cool tho. Those drivers will be added in future updates of Linux.

ya some linux nerds made wireless drivers for some specific usb linksys wifi cards. The drivers work in REAL lunux, just not this version. Ow and the firefox in the live cd is old and crappy id say ~2.4 (i can tell because i help script some things for firefox, no joke! and i have to try the code on all firefox versions before releasing it.)

Where can you buy a bootable disk?

I thought i was good but you are INSANE!!!

btw, im 14 and so far ive fixed quite-a few computers, mostly trojans.

I have a question for you, can the updates downloaded be saved on a flash drive?? That would be great on a pc without access to the internet.

@bmw2go11 : I just did that!! I have MBAM, A2, Dr. Web and Superantispyware on a USB stick!!

It's a little tricky at first, but I figured it out. I update any of the AVs on my PC before I go to a friends house to clean their computer. The main worry is that, if their PC is HIGHLY infected, it could end up infecting YOUR usb stick. Matt's usb stick is always getting infected for just that reason. Its still fun tho.

since then my computer had a tracking virus& it spread all over my portable media (iphone, flash drive, ipod, digi. camera, etc...) and it also managed to high-jack my home server, then it got SERIOUS!! i had to format EVERYTHING!! every computer connected to that server, it got 6 out of the 10 pc's!!! NEVER AGAIN will i download torrents, be safe and just BUY IT!!!

I downloaded the Dr. Web CD. I also downloaded the Bitdefender CD. One thing I can't seem to figure out. How do I get it to UPDATE virus definitions in the Bootable environment? NO internet connection is detected when I'm in that environment. What do I do to get my Internet connection to work when I place a boot cd in? ANYONE KNOW??

Would you be able to download dr. web to put on a cd from a mac, to use on your PC?

@Jeffro303rd ye

i am having major issues with the latest malware PaV ,have renamed files on boot drive and everything cannot get files to run and it keeps cutting me to desktop have wiped everything and still know somethings fukin with me but cant find it ..help dont want to do a complete dump without nailing this fuker...HELP!!

The simplest thing to do is create, or have a friend create a Bitdefender Boot CD. It is the easiest to make and use. It may not remove ALL the viruses, but it will remove many of them. Enuf so that you should be able to boot into normal Windows. It updates auto after its inserted into a PC and then auto starts a scan.

After which you can boot into Windows and then run Superantispyware and Malwarebytes.

I hope things go well.

I need help where do I get the cd? Is there a download from internet? Help!!

google dr web. To turn off sys restore-start/right click on my computer/click properties/ click on system restore tab/check box to turn off sys restore. Also, keep in mind if you use a zip drive or external keyboard the virus will most likely jump on to it so you would need to clean those too.

turn off system restore before running dr web or the virus will come back when you reboot. used avg virut remover that allows you to scan in boot mode which kills virut in memory. Use both Dr. web and avg virut remover. would use super anti spyware in addition to malware bytes and also gmer anti rootkit remover

the painter with the afro Bob Ross, used to say we don't make mistakes we make happy accidents.

speaking of accidents, is it possible for sality to survive a complete format of both partitions? Norton picked up sality and removed it,another scan didn't pick up anything, but since my connection was still slower then normal I formatted both C: and D: using an OS disk.now Task manager doesn't show anything fishy,Norton doesn't pick up anything yet my connection is slower then it used to be, why?

i can' connect to dr. web, and internet explorer won't open, help!

How'd you upload a 41 minute video?

Months ago Matt became a Youtube Partner.

He therefore has special privileges.

@OSDolphin

If you get above 10k views on 3 videos, youtube gives you an extra 10 minutes. That's what I heard anyways.....

@shitbucket17 i only have 11k views all together and i got more than 15 mins now. can upload unlimited timed vids now.

@OSDolphin you have to become a Youtube partner.

Hey man,

working on your process for removing virut right now. Just curious in what you use to record your video.

he uses camtasia look at his video "watch me block virues" he has a camtasia recorder link on desktop and its running in the task bar

I had trojan,now infect to Window32 :(

how many viruses were found on ComboFix?

I HAVE 6 MALWAREEEEEES HELPPP

I had this shit virus

The first one i encounter it I just reformat it cause it pisses me off XD....

but the 2nd one I system restore and now Im running my pc good as new =)

anyway I love this guy he realy helps specialy his video's =)

Hello Matt I know another way..it's working 100% without losing your data , first we need to format only drive C and install new windows..once you finished don't open any partition D,E for example

because if you open other partitions your system will get infected, then go to tools>>folder option >>view>>show hidden files & unhide protected operating system file , the last thing install any anti virus from the internet update it and make full system scan this way you got your system cleaned 100%

i like those svchosts those are usally DDoSer Bots.

How did you get a 45 minute video on you tube?

he is a youtube partner

oh thanks

Awsome video

Keep it up

Thank you :)

i really like your Internet Connection its very fast.......its 353-400kb/s and here in Philippines the average is 40-70kb/sec

Hey So I have been following the vid step by step. Im at the point about 10 min into the video where you talk about getting comodo. Well I guess they change there program because when I downloaded it and installed, it never asked me to scan my comp b4 restarting. So I need to find a free anti virus program that doesnt require me to access the internet to update.

yeah i have used the same usb drive but i formatted it...the virut was hiding in my combat arms exe i had on my external western digital 1tb harddrive...im a wiz at computers im 16 and i know everything about them..i work at geek-squad too

I have this trojan virus. I have tried running Avasti, Spybot and Malware Antibytes. But it comes back. Any suggestions?

C:\WINDOWS\TEMP\nwpa.tmp

Win32:Bredolab-AQ [Trj]

Trojan Horse

I had it..

But i removed it easily

looks like a malicious tracking cookie try adaware

ur way seem better than wt am doin now .. i some of ma system file i guess is damaged alredy and i'm tryin to get the Kaspersky removal to neturalize the files .. i turned of some of the startup files and services bt i dunno maybe the would be deleted ..

@

Kamikaze9393

i had the same exact thing on my laptop...

mine was 20x virut.gen.!O and i couldnt delete no matter what i did...

had to reformat 3 times...i kept getting infected for some reason...but there gone now

i'm havin the same thing as well now .. let me ask u .. when u format ur pc .. did u use any usb which u hav used be4 on ur pc .. bcuz it happens to my labtop abt 4 time .. bcuz of the usb thing .. even thoe i format the usb the viruses was infectin ma labtop weired

If i ever get my hands on the people who made patching viruses I would torture them slowly and kill their whole family

@ZClipze I wish that our technology is advance enough so that way we can track them down and stab them to death ! I want to stab and kill all virus creators out there ! Their love of virus has gone far enough. I will throw them in hell!

I have tried to download the Dr. web live cd but the download sight seam to be down is there anywhere else I can down load it

haha! Viewers: '' What's on today's menu Matt? ''  Matt: '' On today's menu we have Kaspersky 2010 and very infected computer ''.

I notice you never tried opening Firefox again, instead electing to use IExplorer. C'mon, from one tech to another you and I both know that no tech instinctively clicks 'splorer before Firefox.

Something tells me that VM's firefox copy is hosed forever, right? More importantly, were you able to salvage it?

Right on.

i did everything according tothe video but in my case drWeb cures or deletes on a small percentage of the total infected files leaving te majority as "infected with Win32 Virut.56". according to mrizos i should delete what DrWeb does not but there are a ton of thee files and they are all in WINDOWS/system32/ so i'm reluctant to do so since these seem to be critical files. Am I wrong in assuming so, and what should I do instead other than reformat? thanks in advance

can i do that

i want to remove my viruses and also remove all the programs because i have an upgrade disk.

I just wanted to thank you for your video. I followed much of your advice and was able to save my 'puter from a R&R. Dr. Web LiveCD was too buggy for my 'puter so I booted up under UBCD4Windows & used Cureit. I followed with Bitdefender's & Kasperski's boot CDs. I then used Norman Security, AVG, & Symantec Virut removal tools, but they were not necessary. I installed Comodo to make sure all is well. Virut/Virux are the worst trojans I have seen in 25+ years of computing.

i havent even lived for 25 years and i already faced this virus :/

i think i agree with you

41 minutes

i have this strange virus its a antivarius that i never downloded that pops up to my screen and make me download it and i dont know how to remove it help ?

noob

i cannot download any antivirus programs the executable is crupt! so, i cannot debug my pc.. can you help?

Have a friend download one for you and burn it to a disc or make a bootable flash drive.

You generally need a clean pc to create a bootable restoration disc.

thx man i've solved the problem!

i've downloaded the program from a friend and burned from another pc!

thx for the concern really :)

hy... my computer is infected with an unknown virus...

i have reader_s.exe in taskmanager as a process.

the problem is i cannot install bsplayer or nero :( please tell me if the virut virus is the cause! this might be easy to remove:) thx for help pls respond to my comment...

go to c:\windows\system32 and search for files named "*.tmp"

on a clean system there shouldn't be any

but with reader_s on board you probably have proSeses.exe in system32 and loads of tmp files there as well like 1.TMP VRT1.tmp and so on

deleting them won;t help (they are a symptom not the problem) - do what is shown in the video

glhf

resolved the problem with dr web live cd thx again!

Hi, I've followed your advice, but in my case DrWeb cures or delete only some files, leaving the majority as "infected with Win32 Virut.56". Since there are are a lot of files like this, and most of them are in WINDOWS/system32/ i don't want to manually delete them since i doubt my computer will function at all afterward. What should my approach be in this case? Do I have any other choice other than re-formatting? Please let me know, thanks

!!!THANK YOU!!

you saved my laptop :))

greetings from Holland

oh dude can you help me clean my pc my computer acted so fucked up i got scared it couldnt log me in everytime i did it said critical damage is on your pc will restart in 1 minute

How is he supposed to help you?

Sasser worm my friend

same here ;[

ive seen it. i got virut. it was so bad that it infected every single .exe and made them not run

Comodo does not recognize sality virus but will give you this powerfull control panel to prevent more infection untill you get disinfected.With another tool of course...

i got 32 bit vvista 2.20 Ghz processor 2 GB of ram for just 600 bucks and nothing has go into my computer

Propably the most usefull video on youtube right now!

Can i ask how the heck did u update web dr. since you terminated all connections(including internet of course).

I think he said to use another computer for the download of the dr web cd.

you got the same brain as mine. That's also what i've done to my pc. Thumbs up for you.