Infected With Win32/Virut.NBK

Discussion in 'ESET NOD32 Antivirus' started by bservi, Feb 17, 2009.

Thread Status:
Not open for further replies.
  1. bservi

    bservi Registered Member

    Joined:
    Feb 17, 2009
    Posts:
    2
    My son contracted the Win32/Virut.NBK virus on his PC. I have run absolutelty everything to try and purge this trojan and it cannot be cleaned. I have run ESET NOD32 AV complete scans, I have run MalwareBytes anti-malware complete scans, ComboFix, HJT, and others. The virus lives on. Is there a way to purge this without reformatting my harddrive and reinstalling the OS?

    If not, does anyone know if it is safe for me to back up his MP3, movie files, JPGS, Word docs, etc. to an external hard drive and re-install on the "new" system without bringing the virus alogn for the ride?

    Supposedly, it only infects EXE, SCR, and HTML files. But, I'm afraif to go thru all that work and then bring the virus along. But, we don't want to lose all the data files.

    ANy ideas appreciated.
     
  2. Manu7204

    Manu7204 Registered Member

    Joined:
    Jan 15, 2008
    Posts:
    46
    Re: Infected With Win32/virut.NBK.virus

    Restart in safe mode and try to clean it from there.

    Have no idea if NOD can clean the infected exe files, but my experience with this virus and another antivirus product was very bad. In the end, most if not all, affected computers had to be reinstalled. That because the virus could not be removed from executables and they were quarantined/deleted.

    edit: To answer your question, as long you don't backup any exe, scr or html file then it should be safe. Before connecting the drive with the backups to the freshly installed computer make sure you have an updated antivirus running.

    edit2: the death penalty should be reinstated for the individuals like the creator of this virus.
     
  3. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    If the real-time or on-demand scanner doesn't give you an option to clean the files, send approx. 10 infected files in a password protected archive to samples[at]eset.com with something like "Virut - cleaner needed" in the subject.
     
  4. bservi

    bservi Registered Member

    Joined:
    Feb 17, 2009
    Posts:
    2
    Marcos,

    Thanks, I will do that (send some infected files in a password protected archive). NOD32 is unable to clean certain files in the on-demand scan and in the realtime scan.

    Question:
    1.) Will you simply use the infected files to help improve the product and I am still in need of doing a format hard drive, reinstall?
    or
    2.) Do you think you can clean the files and return them for subsitution on the system?

    Thanks.
     
  5. pogipoints_14

    pogipoints_14 Registered Member

    Joined:
    Feb 21, 2009
    Posts:
    1
    Win32/Virut.NBK?? Download the latest cureit.exe (launch.exe) by Dr.Web from the internet..(google it). Run this standalone antivirus in safe mode. Do an express scan first, then do a complete scan...I advice you to clean all your personal usb keys as well using this small utility otherwise the virus will just keep on coming into back.

    This virus is very dangerous...it attacks all files with an .exe extension.

    Hope this helps..
     
  6. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    There's no need to use 3rd party tools if EAV is able to clean infected file. Otherwise follow my advice and send approx. 10 executables in a password protected archive to samples[at]eset.com.
     
  7. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,632
    Location:
    U.S.A. (South)
    ESET is come to my rescue on more then one occasion where my executables were trashed but somehow this AV recovered them. That's been a while ago though, so my advice is for pity's sake ALWAYS KEEP A TRUSTWORTHY PROVEN BACKUP PROGRAM and store away at least 2 good clean images just in case some fool devises such a destructive virus that not even your AV can recover your good files/data. It just makes sense because some virus makers are just desparate enough to add a feather to their cap that they overwhelmed your AV and ruined your time & files.

    It's the very last resort in a situation as this, and you will be glad you did.

    EASTER
     
Thread Status:
Not open for further replies.