win 32 virut

[Ant 1]

plzz guys help me out
some win32/virut ap virus has infected all my .exe files
and nod32 is popping up every now and then asking to delete these files
1st timr it happened i deleted withouut knowing i had deleted files from system 32 .
this time i have left all the files alone
how can i get rid of this virut
is there any way to clean this mess without having to format my pc

[Causes Drowsiness]

The only thing I know to do for this is to disable System Restore (you can look that up online if you don't know how), make sure NOD is up to date and run a full scan of your system in safe mode.

[THE_BAD_BOY]

virut its one of dangers infections on the net .. because ones has infected all your exe files its imposible to remove it

Virut is a virus that infects any executable files and screensavers that the user accesses. The parasite also opens a back door providing the attacker with unauthorized remote access to the compromised computer. The intruder can upload and run arbitrary files.

do hou have try scaning on safe mode? trsy that also download and run a system scan with SUPERAntispyware
or get support from eset moderator,s :p

[proactivelover]

Eset Have Added This Virus Signature Since
NOD32 - v.2834 (20080129)
Virus signature database updates:
Win32/Delf.NAM, Win32/Nuwar.Gen, Win32/Rbot, Win32/VB.GW, Win32/VB.H, Win32/VB.IH, Win32/VB.IY (2), Win32/VB.NJA, Win32/VB.NJT, Win32/VB.R, Win32/Virut.AG, Win32/Virut.AP
R U First Install EAV
Or
Update First Time

[proactivelover]

Quote:

Originally Posted by THE_BAD_BOY

virut its one of dangers infections on the net .. because ones has infected all your exe files its imposible to remove it

Virut is a virus that infects any executable files and screensavers that the user accesses. The parasite also opens a back door providing the attacker with unauthorized remote access to the compromised computer. The intruder can upload and run arbitrary files.

do hou have try scaning on safe mode? trsy that also download and run a system scan with SUPERAntispyware
or get support from eset moderator,s :p

Ha Ha Ha
This Is Eset Forum Not Superantispyware
And For Your Kind Information Superantispyware Is A Antispyware Not AntiVirus They Did Not Add Viruses In There Database

[ASpace]

@Antichrist

Hello!

You have posted in EAV v3's subforum , you are supposed to be using v3

Restart your computer in Safe Mode and open Start -> Programs -> ESET -> ESET NOD32 Antivirus

A pop-up will ask you if you want to perform a scan . A DOS like windows will appear , this is ESET's command line scanner . It will start cleaning whatever possible. As far as I am aware Virut is a virus/file infector which completely overwrites infected files and I think a complete recovery can never be achieved . However you must try!

[Marcos]

Not all Virut variants can be cleaned, some modify files to such an extent that the original file cannot be recovered. You can zip about 10 infected files, protect the archive with the password "infected" and submit it to samples[at]eset.com with this thread's url in the subject.

[THE_BAD_BOY]

Quote:

Originally Posted by proactivelover

Ha Ha Ha
This Is Eset Forum Not Superantispyware
And For Your Kind Information Superantispyware Is A Antispyware Not AntiVirus They Did Not Add Viruses In There Database

yeah can see you dont know nothing about nothing sas can remove alot of thinks avs av,s just can,t ....

[THE_BAD_BOY]

Quote:

Originally Posted by Marcos

Not all Virut variants can be cleaned, some modify files to such an extent that the original file cannot be recovered. You can zip about 10 infected files, protect the archive with the password "infected" and submit it to samples[at]eset.com with this thread's url in the subject.

yeao you right Marcos the best recomended way to remove Virut its Reformating ... :s Virut its really Hard to remove for every av :p

[Ant 1]

Quote:

Originally Posted by Causes Drowsiness

The only thing I know to do for this is to disable System Restore (you can look that up online if you don't know how), make sure NOD is up to date and run a full scan of your system in safe mode.

how can disabling system restore help to get rid of viruses.
actuyally i have formatted my pc just yesterday(only the c drive)
and the first thing i did was install nod32 and update it
eav dint detect anything till updated
anyways i will try scanning in safe mode
thnks all

[Ant 1]

Quote:

Originally Posted by Marcos

Not all Virut variants can be cleaned, some modify files to such an extent that the original file cannot be recovered. You can zip about 10 infected files, protect the archive with the password "infected" and submit it to samples[at]eset.com with this thread's url in the subject.

how do i do that
i am new so can u plzzzzzzz tell me how its done

[Ant 1]

Quote:

Originally Posted by THE_BAD_BOY

virut its one of dangers infections on the net .. because ones has infected all your exe files its imposible to remove it

Virut is a virus that infects any executable files and screensavers that the user accesses. The parasite also opens a back door providing the attacker with unauthorized remote access to the compromised computer. The intruder can upload and run arbitrary files.

do hou have try scaning on safe mode? trsy that also download and run a system scan with SUPERAntispyware
or get support from eset moderator,s :p

i downloaded the super antispyware professional trial
and updated it
but its just not detecting the files as virus which nod had detected as virut

[ASpace]

Quote:

Originally Posted by Antichrist

i downloaded the super antispyware professional trial
and updated it
but its just not detecting the files as virus which nod had detected as virut

Simply because SUPER Antispyware is anti-spyware product , not detecting viruses (file infectors)

[Ant 1]

Quote:

Originally Posted by HiTech_boy

@Antichrist

Hello!

You have posted in EAV v3's subforum , you are supposed to be using v3

Restart your computer in Safe Mode and open Start -> Programs -> ESET -> ESET NOD32 Antivirus

A pop-up will ask you if you want to perform a scan . A DOS like windows will appear , this is ESET's command line scanner . It will start cleaning whatever possible. As far as I am aware Virut is a virus/file infector which completely overwrites infected files and I think a complete recovery can never be achieved . However you must try!

yea you were right
i scanned pc in the safe mode and nod was unable to clean tha files and also
nod wont allow me to log in after i restarted in normal mode
so i had to delete the nod files in safe mode and reinstall it
so my i turn to my last resort that is format
but there is 1 thing more i wud like to know
virut infects only exe files?
cuz i8 dont want to lose my song and pics collection
and wud want to write them on a dvd
will this f**kin virut follow into the dvd
plzz lemme know

[thanatos_theos]

Welcome aboard matey .

Quote:

Originally Posted by Antichrist

how do i do that
i am new so can u plzzzzzzz tell me how its done

1. Using Windows Explorer, locate the first file you want to zip.
2. Right click on the file and select "Send To" and "Compressed (zipped) Folder".
3. Right click any other files you want to compress and select "Copy".
4. Right click on the compressed folder and select "Paste". The copied files will be compressed and pasted in.
5. Right click on the file and select "Explore".
6. In "File" select "Add a Password". Enter the password and confirm the password.

Quote:

Originally Posted by Antichrist

plzz guys help me out

Let's see if the following can remove ("clean") the codes appended by the infector into your files,

http://freedrweb.com/cureit/
http://downloads2.kaspersky-labs.com/devbuilds/AVPTool/ - download latest
http://free.grisoft.com/doc/virus-re...rt/0/ndi/67762
http://www.microsoft.com/security/ma...e/default.mspx
http://www.pandasecurity.com/homeuse...ns/activescan/

Note: Scan in safe mode. Use BootSafe and choose "safe mode with networking".

If they fail, please read this (post at one forum only).

thanatos

[thanatos_theos]

Quote:

Originally Posted by Antichrist

but there is 1 thing more i wud like to know
virut infects only exe files?
cuz i8 dont want to lose my song and pics collection
and wud want to write them on a dvd
will this f**kin virut follow into the dvd
plzz lemme know

AFAIK, Virut only infects *.exe and *.scr files. See this.

thanatos

[Ant 1]

Quote:

Originally Posted by thanatos_theos

Welcome aboard matey .



1. Using Windows Explorer, locate the first file you want to zip.
2. Right click on the file and select "Send To" and "Compressed (zipped) Folder".
3. Right click any other files you want to compress and select "Copy".
4. Right click on the compressed folder and select "Paste". The copied files will be compressed and pasted in.
5. Right click on the file and select "Explore".
6. In "File" select "Add a Password". Enter the password and confirm the password.



Let's see if the following can remove ("clean") the codes appended by the infector into your files,

http://freedrweb.com/cureit/
http://downloads2.kaspersky-labs.com/devbuilds/AVPTool/ - download latest
http://free.grisoft.com/doc/virus-re...rt/0/ndi/67762
http://www.microsoft.com/security/ma...e/default.mspx
http://www.pandasecurity.com/homeuse...ns/activescan/

Note: Scan in safe mode. Use BootSafe and choose "safe mode with networking".

If they fail, please read this (post at one forum only).

thanatos

thnks thanatos but how do i send the files
i cand send thru gmail as they saying gmail can send executables for security reasons

[thanatos_theos]

Quote:

Originally Posted by Antichrist

thnks thanatos but how do i send the files
i cand send thru gmail as they saying gmail can send executables for security reasons

After putting atleast 10 infected files in a password-protected zip archive, attach the zip to your gmail email. Include in the email body the zip password and the link of this thread. Email the zip to samples@eset.com.

thanatos

[Ant 1]

Quote:

Originally Posted by thanatos_theos

After putting atleast 10 infected files in a password-protected zip archive, attach the zip to your gmail email. Include in the email body the zip password and the link of this thread. Email the zip to samples@eset.com.

thanatos

but gmail is not allowing to send the exe files

[thanatos_theos]

Quote:

Originally Posted by Antichrist

but gmail is not allowing to send the exe files

Ok. Upload the password-protected zip here. Email the download link to ESET.

If you are a registered user, use this web form to upload the zip.

thanatos

[Ant 1]

Quote:

Originally Posted by thanatos_theos

Ok. Upload the password-protected zip here. Email the download link to ESET.

If you are a registered user, use this web form to upload the zip.

thanatos

thanks a lot dude

[Ant 1]

Quote:

Originally Posted by thanatos_theos

AFAIK, Virut only infects *.exe and *.scr files. See this.

thanatos

wht does this virut do basically
i mean does it affect the hardware
does it matter if i leave it to live in my pc?
i know this is a stupid question but still does it matter?

[thanatos_theos]

Quote:

Originally Posted by Antichrist

thanks a lot dude

Antichrist, you are most welcome. I'm glad that I could be of help.

Quote:

Originally Posted by Antichrist

wht does this virut do basically
i mean does it affect the hardware
does it matter if i leave it to live in my pc?
i know this is a stupid question but still does it matter?

AFAIK Virut appends codes (appendage is for IRC session) into your files (*.exe and *.scr) and contacts a list of sites. Here is the ongoing Virut saga.

thanatos

[Bubba]

off topic posts concerning SAS removed.

Philippe_FR22,

You are advized to confine your dislike for and trollish type SAS posts to an appropriate thread and this is not one of them.

Bubba

[Philippe_FR22]

Quote:

Originally Posted by Bubba

off topic posts concerning SAS removed.

Philippe_FR22,

You are advized to confine your dislike for and trollish type SAS posts to an appropriate thread and this is not one of them.

Bubba

Ok no problem... It's not a dslike pb... Sorry for posting at the wrong thread
Regards