Welcome to Virus Way Out

This Blog provides the solution for virus that may or have attack your computer ...

What is virus ...
A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. However, the term "virus" is commonly used, albeit erroneously, to refer to many different types of malware programs. The original virus may modify the copies, or the copies may modify themselves, as occurs in a metamorphic virus. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or the Internet, or by carrying it on a removable medium such as a floppy disk, CD, or USB drive. Meanwhile viruses can spread to other computers by infecting files on a network file system or a file system that is accessed by another computer. Viruses are sometimes confused with computer worms and Trojan horses. A worm can spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a file that appears harmless. Both worms and Trojans will cause harm to computers when executed.

Most personal computers are now connected to the Internet and to local area networks, facilitating the spread of malicious code. Today's viruses may also take advantage of network services such as the World Wide Web, e-mail, Instant Messaging and file sharing systems to spread, blurring the line between viruses and worms. Furthermore, some sources use an alternative terminology in which a virus is any form of self-replicating malware.

Some viruses are programmed to damage the computer by damaging programs, deleting files, or reformatting the hard disk. Others are not designed to do any damage, but simply replicate themselves and perhaps make their presence known by presenting text, video, or audio messages. Even these benign viruses can create problems for the computer user. They typically take up computer memory used by legitimate programs. As a result, they often cause erratic behavior and can result in system crashes. In addition, many viruses are bug-ridden, and these bugs may lead to system crashes and data loss.

Source by Wikipedia ...

UDM_StrikesBack or ViRusMaWar

What are the symptoms that shows your computer have been affected by UDM_StrikesBack or ViRusMaWar ::.

1) Task Manager have been disabled
2) Folder Option have been disabled
3) Regedit have been disabled
4) Search have been disabled
5) You can find UDM_StrikesBack.html in your drive
6) Your Internet Explorer browser shows title "VirusMawar menguCapKan SelAmaT TaHun BaRu Cina, Terutama kpd WarGa UDM+++"

What you should do to remove this virus ::.

1) Go to Run then type cmd
2) Paste this line in command window
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
3) Again, go to Run type regedit
4) In Registry editor find keyword "disabletaskmgr" then modify it to 0
5) Open your Task Manager and stop all process with name "wscript.exe"
6) Search for keyword "nofolderoption" then modify it to 0
7) You also may found keyword "NoFind" there, do same thing as before, modify it to 0
8) Open your Folder Option and in View tab, check for show hidden files and uncheck hide operating system files
9) Now you can delete the virus with name "ViRusMaWar3.js" which located in location such as "C:\WINDOWS\system32" , and all drive in your computer.
10) You also need to delete files named "Autorun.inf" and UDM_StrikesBack.html file in every drive and removable drive that have been connected with your PC before.
11) Lastly restart your computer and remember to restore back your Folder Option to previous setting.

RavMon or RavMon.exe

What are the symptoms that shows your computer have been affected by RavMon or RavMon.exe ::.

1) You will see some invalid character like some Chinese scripts when you right click on your drive.
2) Your show hidden files and folders not working
3) Your command prompt been disabled
4) Registry Editor been disabled
5) Task manager been disabled

What you should do to remove this virus ::.
It exactly the same way with the solution to remove VirusMawar and the only different is the file name ::.

1) Go to Run then type cmd
2) Paste this line in command window
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
3) Again, go to Run type regedit
4) In Registry editor find keyword "disabletaskmgr" then modify it to 0
5) Open your Task Manager and stop all process with name "RavMon.exe"
6) Search for keyword "nofolderoption" then modify it to 0
7) You also may found keyword "NoFind" there, do same thing as before, modify it to 0
8) Open your Folder Option and in View tab, check for show hidden files and uncheck hide operating system files
9) Now you can delete the virus with name "RavMon.exe" which located in location such as "C:\WINDOWS\system32" , and all drive in your computer.
10) You also need to delete files named "Autorun.inf" in every drive and removable drive that have been connected with your PC before.
11) Lastly restart your computer and remember to restore back your Folder Option to previous setting.