Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Can't remove "noad VarianceTV" malware from Windows 10
Special Forums Windows & DOS: Issues & Discussions Can't remove "noad VarianceTV" malware from Windows 10 Post 302988926 by hicksd8 on Thursday 5th of January 2017 05:53:05 AM
Old 01-05-2017
As everyone in this community is well aware, I'm not a Windows fan, but we all seem to use Windows for something.

You mention that your system has been infected for months which is a pity because my first course of action would be to restore a system to a previous time "restore point". I always find that is the quickest way to get rid.

However, these would be my initial lines of attack. No guarantees given.
  1. Restore the system to a previous point in time - "restore point".
  2. Download Malwarebytes free edition, update and run full scan. (Totally agree with Jim post#2 on that. Great product.)
  3. Download SuperAntiSpyware free edition, update and run full scan. I find Malwarebytes and this product can be run concurrently. Another great product.
  4. If all that fails, or your system has trouble booting, then resort to a Linux based product that allows you to scan and bomb viruses without having to boot Windows. Download BitDefender free edition DVD image on a different system and burn it to DVD. Then boot the infected system with it. It should then find and use your network interface to go to the web and fully update itself. Then do a full scan. BitDefender is just superb. Well it would be, wouldn't it, being Linux based.

I never thought that I'd actually contribute to a Windows thread on this forum!! Ah well, I suppose there's a first time for everything.
Last edited by hicksd8; 01-06-2017 at 10:16 AM..
This User Gave Thanks to hicksd8 For This Post:
rbatte1
 

8 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Explain the line "mn_code=`env|grep "..mn"|awk -F"=" '{print $2}'`"

Hi Friends, Can any of you explain me about the below line of code? mn_code=`env|grep "..mn"|awk -F"=" '{print $2}'` Im not able to understand, what exactly it is doing :confused: Any help would be useful for me. Lokesha (4 Replies)
Discussion started by: Lokesha
4 Replies

2. Windows & DOS: Issues & Discussions

Unix "cut' and "awk" in Windows XP?

Hi, How can I execute Unix's ksh equivalent of "cut' and "awk" in Windows XP? For example, I want to execute ksh commands from Windows command prompt. Is there a place I can download "cut.exe" and "awk.exe" ? Thanks in advance (4 Replies)
Discussion started by: ihot
4 Replies

3. Shell Programming and Scripting

How to remove "New line characters" and "spaces" at a time

Dear friends, following is the output of a script from which I want to remove spaces and new-line characters. Example:- Line1 abcdefghijklmnopqrstuvwxyz Line2 mnopqrstuvwxyzabcdefghijkl Line3 opqrstuvwxyzabcdefdefg Here in above example, at every starting line there is a “tab” &... (4 Replies)
Discussion started by: anushree.a
4 Replies

4. Shell Programming and Scripting

awk command to replace ";" with "|" and ""|" at diferent places in line of file

Hi, I have line in input file as below: 3G_CENTRAL;INDONESIA_(M)_TELKOMSEL;SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL My expected output for line in the file must be : "1-Radon1-cMOC_deg"|"LDIndex"|"3G_CENTRAL|INDONESIA_(M)_TELKOMSEL"|LAST|"SPECIAL_WORLD_GRP_7_FA_2_TELKOMSEL" Can someone... (7 Replies)
Discussion started by: shis100
7 Replies

5. Shell Programming and Scripting

how to use "cut" or "awk" or "sed" to remove a string

logs: "/home/abc/public_html/index.php" "/home/abc/public_html/index.php" "/home/xyz/public_html/index.php" "/home/xyz/public_html/index.php" "/home/xyz/public_html/index.php" how to use "cut" or "awk" or "sed" to get the following result: abc abc xyz xyz xyz (8 Replies)
Discussion started by: timmywong
8 Replies

6. UNIX for Dummies Questions & Answers

Using "mailx" command to read "to" and "cc" email addreses from input file

How to use "mailx" command to do e-mail reading the input file containing email address, where column 1 has name and column 2 containing “To” e-mail address and column 3 contains “cc” e-mail address to include with same email. Sample input file, email.txt Below is an sample code where... (2 Replies)
Discussion started by: asjaiswal
2 Replies

7. Shell Programming and Scripting

Bash script - Print an ascii file using specific font "Latin Modern Mono 12" "regular" "9"

Hello. System : opensuse leap 42.3 I have a bash script that build a text file. I would like the last command doing : print_cmd -o page-left=43 -o page-right=22 -o page-top=28 -o page-bottom=43 -o font=LatinModernMono12:regular:9 some_file.txt where : print_cmd ::= some printing... (1 Reply)
Discussion started by: jcdole
1 Replies

8. AIX

Apache 2.4 directory cannot display "Last modified" "Size" "Description"

Hi 2 all, i have had AIX 7.2 :/# /usr/IBMAHS/bin/apachectl -v Server version: Apache/2.4.12 (Unix) Server built: May 25 2015 04:58:27 :/#:/# /usr/IBMAHS/bin/apachectl -M Loaded Modules: core_module (static) so_module (static) http_module (static) mpm_worker_module (static) ... (3 Replies)
Discussion started by: penchev
3 Replies

LEARN ABOUT DEBIAN

clamscan

clamscan(1)							  Clam AntiVirus						       clamscan(1)

NAME

       clamscan - scan files and directories for viruses

SYNOPSIS

       clamscan [options] [file/directory/-]

DESCRIPTION

       clamscan is a command line anti-virus scanner.

OPTIONS

       Most  of the options are simple switches which enable or disable some features. Options marked with [=yes/no(*)] can be optionally followed
       by =yes/=no; if they get called without the boolean argument the scanner will assume 'yes'. The asterisk marks the default internal setting
       for a given option.

       -h, --help
	      Print help information and exit.

       -V, --version
	      Print version number and exit.

       -v, --verbose
	      Be verbose.

       -a, --archive-verbose
	      Show filenames inside scanned archives

       --debug
	      Display debug messages from libclamav.

       --quiet
	      Be quiet (only print error messages).

       --stdout
	      Write all messages (except for libclamav output) to the standard output (stdout).

       --no-summary
	      Do not display summary at the end of scanning.

       -i, --infected
	      Only print infected files.

       -o, --suppress-ok-results
	      Skip printing OK files

       --bell Sound bell on virus detection.

       --tempdir=DIRECTORY
	      Create temporary files in DIRECTORY. Directory must be writable for the '' user or unprivileged user running clamscan.

       --leave-temps
	      Do not remove temporary files.

       -d FILE/DIR, --database=FILE/DIR
	      Load virus database from FILE or load all virus database files from DIR.

       --official-db-only=[yes/no(*)]
	      Only load the official signatures published by the ClamAV project.

       -l FILE, --log=FILE
	      Save scan report to FILE.

       -r, --recursive
	      Scan directories recursively. All the subdirectories in the given directory will be scanned.

       -z, --allmatch
	      After a match, continue scanning within the file for additional matches.

       --cross-fs=[yes(*)/no]
	      Scan files and directories on other filesystems.

       --follow-dir-symlinks=[0/1(*)/2]
	      Follow  directory  symlinks. There are 3 options: 0 - never follow directory symlinks, 1 (default) - only follow directory symlinks,
	      which are passed as direct arguments to clamscan. 2 - always follow directory symlinks.

       --follow-file-symlinks=[0/1(*)/2]
	      Follow file symlinks. There are 3 options: 0 - never follow file symlinks, 1 (default) - only follow file symlinks, which are passed
	      as direct arguments to clamscan. 2 - always follow file symlinks.

       -f FILE, --file-list=FILE
	      Scan files listed line by line in FILE.

       --remove[=yes/no(*)]
	      Remove infected files. Be careful!

       --move=DIRECTORY
	      Move infected files into DIRECTORY. Directory must be writable for the '' user or unprivileged user running clamscan.

       --copy=DIRECTORY
	      Copy infected files into DIRECTORY. Directory must be writable for the '' user or unprivileged user running clamscan.

       --exclude=REGEX, --exclude-dir=REGEX
	      Don't scan file/directory names matching regular expression. These options can be used multiple times.

       --include=REGEX, --include-dir=REGEX
	      Only scan file/directory matching regular expression. These options can be used multiple times.

       --bytecode[=yes(*)/no]
	      With  this option enabled ClamAV will load bytecode from the database. It is highly recommended you keep this option turned on, oth-
	      erwise you may miss detections for many new viruses.

       --bytecode-unsigned[=yes/no(*)]
	      Allow loading bytecode from outside digitally signed .c[lv]d files.

       --bytecode-timeout=N
	      Set bytecode timeout in milliseconds (default: 60000 = 60s)

       --bytecode-statistics[=yes/no(*)]
	      Collect and print bytecode statistics.

       --detect-pua[=yes/no(*)]
	      Detect Possibly Unwanted Applications.

       --exclude-pua=CATEGORY
	      Exclude a specific PUA category. This option can be used multiple times. See http://www.clamav.net/support/pua for the complete list
	      of PUA

       --include-pua=CATEGORY
	      Only include a specific PUA category. This option can be used multiple times. See http://www.clamav.net/support/pua for the complete
	      list of PUA

       --detect-structured[=yes/no(*)]
	      Use the DLP (Data Loss Prevention) module to detect SSN and Credit Card numbers inside documents/text files.

       --structured-ssn-format=X
	      X=0: search for valid SSNs formatted as xxx-yy-zzzz (normal); X=1: search for valid SSNs formatted  as  xxxyyzzzz  (stripped);  X=2:
	      search for both formats. Default is 0.

       --structured-ssn-count=#n
	      This option sets the lowest number of Social Security Numbers found in a file to generate a detect (default: 3).

       --structured-cc-count=#n
	      This option sets the lowest number of Credit Card numbers found in a file to generate a detect (default: 3).

       --scan-mail[=yes(*)/no]
	      Scan  mail  files.  If  you  turn  off  this  option,  the original files will still be scanned, but without parsing individual mes-
	      sages/attachments.

       --phishing-sigs[=yes(*)/no]
	      Use the signature-based phishing detection.

       --phishing-scan-urls[=yes(*)/no]
	      Use the url-based heuristic phishing detection (Phishing.Heuristics.Email.*)

       --heuristic-scan-precedence[=yes/no(*)]
	      Allow heuristic match to take precedence. When enabled, if a heuristic scan (such as phishingScan) detects a possible virus/phish it
	      will  stop  scan	immediately.  Recommended,  saves  CPU	scan-time.  When disabled, virus/phish detected by heuristic scans will be
	      reported only at the end of a scan. If an archive contains both a heuristically detected	virus/phish, and a real malware, the  real
	      malware  will be reported Keep this disabled if you intend to handle "*.Heuristics.*" viruses  differently from "real" malware. If a
	      non-heuristically-detected virus (signature-based) is found first,  the scan is interrupted immediately, regardless of  this  config
	      option.

       --phishing-ssl[=yes/no(*)]
	      Block SSL mismatches in URLs (might lead to false positives!).

       --phishing-cloak[=yes/no(*)]
	      Block cloaked URLs (might lead to some false positives).

       --partition-intersection[=yes/no(*)]
	      Detect partition intersections in raw disk images using heuristics.

       --algorithmic-detection[=yes(*)/no]
	      In  some	cases  (eg.  complex  malware,	exploits in graphic files, and others), ClamAV uses special algorithms to provide accurate
	      detection. This option can be used to control the algorithmic detection.

       --scan-pe[=yes(*)/no]
	      PE stands for Portable Executable - it's an executable file format used in all 32-bit versions  of  Windows  operating  systems.	By
	      default  ClamAV  performs  deeper  analysis  of  executable files and attempts to decompress popular executable packers such as UPX,
	      Petite, and FSG. If you turn off this option, the original files will still be scanned but without additional processing.

       --scan-elf[=yes(*)/no]
	      Executable and Linking Format is a standard format for UN*X executables. This option controls the ELF support. If you turn  it  off,
	      the original files will still be scanned but without additional processing.

       --scan-ole2[=yes(*)/no]
	      Scan  Microsoft  Office  documents and .msi files. If you turn off this option, the original files will still be scanned but without
	      additional processing.

       --scan-pdf[=yes(*)/no]
	      Scan within PDF files. If you turn off this option, the original files will still be scanned, but without  decoding  and	additional
	      processing.

       --scan-swf[=yes(*)/no]
	      Scan SWF files. If you turn off this option, the original files will still be scanned but without additional processing.

       --scan-html[=yes(*)/no]
	      Detect,  normalize/decrypt  and  scan HTML files and embedded scripts. If you turn off this option, the original files will still be
	      scanned, but without additional processing.

       --scan-archive[=yes(*)/no]
	      Scan archives supported by libclamav. If you turn off this option, the original files will still be scanned, but	without  unpacking
	      and additional processing.

       --detect-broken[=yes/no(*)]
	      Mark broken executables as viruses (Broken.Executable).

       --block-encrypted[=yes/no(*)]
	      Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).

       --max-filesize=#n
	      Extract  and scan at most #n bytes from each archive. You may pass the value in kilobytes in format xK or xk, or megabytes in format
	      xM or xm, where x is a number. This option protects your system against DoS attacks (default: 25 MB, max: <4 GB)

       --max-scansize=#n
	      Extract and scan at most #n bytes from each archive. The size the archive plus the sum of the sizes  of  all  files  within  archive
	      count  toward  the scan size. For example, a 1M uncompressed archive containing a single 1M inner file counts as 2M toward max-scan-
	      size. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x is a number. This option pro-
	      tects your system against DoS attacks (default: 100 MB, max: <4 GB)

       --max-files=#n
	      Extract at most #n files from each scanned file (when this is an archive, a document or another kind of container). This option pro-
	      tects your system against DoS attacks (default: 10000)

       --max-recursion=#n
	      Set archive recursion level limit. This option protects your system against DoS attacks (default: 16).

       --max-dir-recursion=#n
	      Maximum depth directories are scanned at (default: 15).

       --max-embeddedpe=#n
	      Maximum size file to check for embedded PE. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm,
	      where x is a number (default: 10 MB, max: <4 GB).

       --max-htmlnormalize=#n
	      Maximum  size  of  HTML  file to normalize. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm,
	      where x is a number (default: 10 MB, max: <4 GB).

       --max-htmlnotags=#n
	      Maximum size of normalized HTML file to scan. You may pass the value in kilobytes in format xK or xk, or megabytes in format  xM	or
	      xm, where x is a number (default: 2 MB, max: <4 GB).

       --max-scriptnormalize=#n
	      Maximum  size  of script file to normalize. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm,
	      where x is a number (default: 5 MB, max: <4 GB).

       --max-ziptypercg=#n
	      Maximum size zip to type reanalyze. You may pass the value in kilobytes in format xK or xk, or megabytes in format xM or xm, where x
	      is a number (default: 1 MB, max: <4 GB).

       --max-partitions=#n
	      This option sets the maximum number of partitions of a raw disk image to be scanned. This must be a positive integer (default: 50).

       --max-iconspe=#n
	      This option sets the maximum number of icons within a PE to be scanned. This must be a positive integer (default: 100).

       --enable-stats
	      This option enables submission of statistical data. (Default: stats submissions disabled)

       --stats-host-id
	      This option sets the HostID, in the form of an UUID, to use when submitting statistical information.

       --disable-pe-stats
	      This  option  disables  the submission of PE section data. (Default: submitting of PE section data enabled if stats submissions as a
	      whole is enabled).

       --stats-timeout=#n
	      This option sets the timeout in seconds to wait for communication back from the stats server. (Default: 10).

EXAMPLES

       (0) Scan a single file:

	      clamscan file

       (1) Scan a current working directory:

	      clamscan

       (2) Scan all files (and subdirectories) in /home:

	      clamscan -r /home

       (3) Load database from a file:

	      clamscan -d /tmp/newclamdb -r /tmp

       (4) Scan a data stream:

	      cat testfile | clamscan -

       (5) Scan a mail spool directory:

	      clamscan -r /var/spool/mail

RETURN CODES

       0 : No virus found.

       1 : Virus(es) found.

       2 : Some error(s) occured.

CREDITS

       Please check the full documentation for credits.

AUTHOR

       Tomasz Kojm <tkojm@clamav.net>, Kevin Lin <klin@sourcefire.com>

SEE ALSO

       clamdscan(1), freshclam(1), freshclam.conf(5)

ClamAV 0.98.4							 December 4, 2013						       clamscan(1)
All times are GMT -4. The time now is 05:20 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy