delete virus using knoppix?

mz.monzter · 01-12-2008, 07:17 PM

Can I delete virus from xp using knoppix

**sobeit** · 01-12-2008, 07:22 PM

Quote:

Originally Posted by mz.monzter

Can I delete virus from xp using knoppix

Yep, if you know what you are doing and know exactly what the virus does and where it is. However, if done improperly, you may not be able to start windows. You really, really need to know what you are doing.

It may be better if you follow this forums five step treatment. See this, follow the steps, post the log in the proper forum and let the experts help

hal8000 · 01-14-2008, 10:55 AM

If you have the network setup on knoppix issue:

sudo apt-get install freshclam
sudo apt-get install avscan

Then from a terminal run avscan.
Alternatively if you know exactly what virus you have e.g. nail.exe from aurora, mount the windows file system, make it writable and delete the infected files, but, as already been said, you need a reasonable working knowledge of both platforms to do this effecetively.

mz.monzter · 01-16-2008, 05:10 AM

I'm not that familiar with linux(knoppix), but I know that if I cant get this virus out of windows I have to format the disk-so I have nothing to lose. I need to know the exact commands to log in on mc as root and to delete this file out of windows. I've tried everything else-theres no way to delete this file while windows is running. File is yaywttt.dll if anyone has been able to eliminate it any other way please tell me. thanx, mz.monzter

Clark76 · 01-16-2008, 11:50 AM

yaywttt.dll has been labeled as Virtumonde. If you would like to try removing it with out a reformat then please follow the instructions in MicroBell's 5 Step Process found here

Then start a new thread here and post the required log(s).

hal8000 · 01-18-2008, 02:42 AM

Quote:

Originally Posted by mz.monzter

I'm not that familiar with linux(knoppix), but I know that if I cant get this virus out of windows I have to format the disk-so I have nothing to lose. I need to know the exact commands to log in on mc as root and to delete this file out of windows. I've tried everything else-theres no way to delete this file while windows is running. File is yaywttt.dll if anyone has been able to eliminate it any other way please tell me. thanx, mz.monzter

You wont need mc, boot with knoppix, clcik on your drive icon to make it writable,
it may be sda1 or hda1 then type as follows:

sudo
find /mnt/hda1 -name yaywttt.dll

(you need to repalce hda1 with your partition) you should see the file in a location
e.g. /mnt/hda1/WINDOWS/System32/yaywttt.dll

If the command successfully finds the file you can remove it with

rm /mnt/hda1/WINDOWS/System32/yaywttt.dll

alternatively you can do it all in one line:

find /mnt/hda1 -name yaywttt.dll -exec rm {} \;

The last way is not recommended as it you mistype then you could delete a system file. I have just completed a script that will remove malicious software, it will be posted shortly on the knoppix forum, and as someone has already said, you need to be careful with linux commands.
HTH

01-12-2008, 07:17 PM	#1 (permalink)
mz.monzter Registered User Join Date: Jan 2008 Posts: 2 OS: XP sp2	delete virus using knoppix? Can I delete virus from xp using knoppix

01-14-2008, 10:55 AM	#3 (permalink)
hal8000 Registered User Join Date: Dec 2006 Location: UK Posts: 229 OS: PCLinux2009/Ubuntu/XP	Re: delete virus using knoppix? If you have the network setup on knoppix issue: sudo apt-get install freshclam sudo apt-get install avscan Then from a terminal run avscan. Alternatively if you know exactly what virus you have e.g. nail.exe from aurora, mount the windows file system, make it writable and delete the infected files, but, as already been said, you need a reasonable working knowledge of both platforms to do this effecetively.

01-16-2008, 05:10 AM	#4 (permalink)
mz.monzter Registered User Join Date: Jan 2008 Posts: 2 OS: XP sp2	Re: delete virus using knoppix? I'm not that familiar with linux(knoppix), but I know that if I cant get this virus out of windows I have to format the disk-so I have nothing to lose. I need to know the exact commands to log in on mc as root and to delete this file out of windows. I've tried everything else-theres no way to delete this file while windows is running. File is yaywttt.dll if anyone has been able to eliminate it any other way please tell me. thanx, mz.monzter

01-16-2008, 11:50 AM	#5 (permalink)
Clark76 Analyst, Security Team ; Rangemaster, TSF Academy Join Date: Jun 2006 Location: Cleveland, Ohio Posts: 1,694 OS: XP Pro, Vista, Ubuntu 8.10	Re: delete virus using knoppix? yaywttt.dll has been labeled as Virtumonde. If you would like to try removing it with out a reformat then please follow the instructions in MicroBell's 5 Step Process found here Then start a new thread here and post the required log(s). __________________ Proud Member of ASAP Proud Member of UNITE If you feel we've helped you, Please Donate to the Forum