win 32 virut

Discussion in 'ESET NOD32 Antivirus' started by Ant 1, Feb 18, 2008.

Thread Status:
Not open for further replies.
  1. Ant 1

    Ant 1 Registered Member

    Joined:
    Feb 18, 2008
    Posts:
    9
    plzz guys help me out
    some win32/virut ap virus has infected all my .exe files
    and nod32 is popping up every now and then asking to delete these files
    1st timr it happened i deleted withouut knowing i had deleted files from system 32 .
    this time i have left all the files alone
    how can i get rid of this virut
    is there any way to clean this mess without having to format my pc
    :(
     
  2. Causes Drowsiness

    Causes Drowsiness Registered Member

    Joined:
    Nov 6, 2006
    Posts:
    12
    Location:
    Behind you...
    The only thing I know to do for this is to disable System Restore (you can look that up online if you don't know how), make sure NOD is up to date and run a full scan of your system in safe mode.
     
  3. THE_BAD_BOY

    THE_BAD_BOY Registered Member

    Joined:
    Nov 15, 2007
    Posts:
    40
    virut its one of dangers infections on the net .. because ones has infected all your exe files its imposible to remove it

    Virut is a virus that infects any executable files and screensavers that the user accesses. The parasite also opens a back door providing the attacker with unauthorized remote access to the compromised computer. The intruder can upload and run arbitrary files.

    do hou have try scaning on safe mode? trsy that also download and run a system scan with SUPERAntispyware
    or get support from eset moderator,s :p
     
  4. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    Eset Have Added This Virus Signature Since
    NOD32 - v.2834 (20080129)
    Virus signature database updates:
    Win32/Delf.NAM, Win32/Nuwar.Gen, Win32/Rbot, Win32/VB.GW, Win32/VB.H, Win32/VB.IH, Win32/VB.IY (2), Win32/VB.NJA, Win32/VB.NJT, Win32/VB.R, Win32/Virut.AG, Win32/Virut.AP
    R U First Install EAV
    Or
    Update First Time
     
  5. proactivelover

    proactivelover Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    840
    Location:
    Near Wilders Forums
    Ha Ha Ha
    This Is Eset Forum Not Superantispyware
    And For Your Kind Information Superantispyware Is A Antispyware Not AntiVirus They Did Not Add Viruses In There Database
     
  6. ASpace

    ASpace Guest

    @Antichrist

    Hello!

    You have posted in EAV v3's subforum , you are supposed to be using v3

    Restart your computer in Safe Mode and open Start -> Programs -> ESET -> ESET NOD32 Antivirus

    A pop-up will ask you if you want to perform a scan . A DOS like windows will appear , this is ESET's command line scanner . It will start cleaning whatever possible. As far as I am aware Virut is a virus/file infector which completely overwrites infected files and I think a complete recovery can never be achieved . However you must try! :thumb:
     
  7. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Not all Virut variants can be cleaned, some modify files to such an extent that the original file cannot be recovered. You can zip about 10 infected files, protect the archive with the password "infected" and submit it to samples[at]eset.com with this thread's url in the subject.
     
  8. THE_BAD_BOY

    THE_BAD_BOY Registered Member

    Joined:
    Nov 15, 2007
    Posts:
    40
    yeah can see you dont know nothing about nothing sas can remove alot of thinks avs av,s just can,t .... :p
     
  9. THE_BAD_BOY

    THE_BAD_BOY Registered Member

    Joined:
    Nov 15, 2007
    Posts:
    40
    yeao you right Marcos the best recomended way to remove Virut its Reformating ... :s Virut its really Hard to remove for every av :p
     
  10. Ant 1

    Ant 1 Registered Member

    Joined:
    Feb 18, 2008
    Posts:
    9
    how can disabling system restore help to get rid of viruses.
    actuyally i have formatted my pc just yesterday(only the c drive)
    and the first thing i did was install nod32 and update it
    eav dint detect anything till updated
    anyways i will try scanning in safe mode
    thnks all
     
  11. Ant 1

    Ant 1 Registered Member

    Joined:
    Feb 18, 2008
    Posts:
    9

    how do i do that
    i am new so can u plzzzzzzz tell me how its done
     
  12. Ant 1

    Ant 1 Registered Member

    Joined:
    Feb 18, 2008
    Posts:
    9


    i downloaded the super antispyware professional trial
    and updated it
    but its just not detecting the files as virus which nod had detected as virut
     
  13. ASpace

    ASpace Guest


    Simply because SUPER Antispyware is anti-spyware product , not detecting viruses (file infectors)
     
  14. Ant 1

    Ant 1 Registered Member

    Joined:
    Feb 18, 2008
    Posts:
    9


    yea you were right
    i scanned pc in the safe mode and nod was unable to clean tha files and also
    nod wont allow me to log in after i restarted in normal mode
    so i had to delete the nod files in safe mode and reinstall it
    so my i turn to my last resort that is format
    but there is 1 thing more i wud like to know
    virut infects only exe files?
    cuz i8 dont want to lose my song and pics collection
    and wud want to write them on a dvd
    will this f**kin virut follow into the dvd
    plzz lemme know:'(
     
  15. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
    Welcome aboard matey :).

    1. Using Windows Explorer, locate the first file you want to zip.
    2. Right click on the file and select "Send To" and "Compressed (zipped) Folder".
    3. Right click any other files you want to compress and select "Copy".
    4. Right click on the compressed folder and select "Paste". The copied files will be compressed and pasted in.
    5. Right click on the file and select "Explore".
    6. In "File" select "Add a Password". Enter the password and confirm the password.

    Let's see if the following can remove ("clean") the codes appended by the infector into your files,

    http://freedrweb.com/cureit/
    http://downloads2.kaspersky-labs.com/devbuilds/AVPTool/ - download latest
    http://free.grisoft.com/doc/virus-removal/us/frt/0/ndi/67762
    http://www.microsoft.com/security/malwareremove/default.mspx
    http://www.pandasecurity.com/homeusers/solutions/activescan/

    Note: Scan in safe mode. Use BootSafe and choose "safe mode with networking".

    If they fail, please read this (post at one forum only).

    thanatos
     
  16. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
    AFAIK, Virut only infects *.exe and *.scr files. See this.

    thanatos
     
    Last edited: Feb 19, 2008
  17. Ant 1

    Ant 1 Registered Member

    Joined:
    Feb 18, 2008
    Posts:
    9

    thnks thanatos but how do i send the files
    i cand send thru gmail as they saying gmail can send executables for security reasons
     
  18. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
    After putting atleast 10 infected files in a password-protected zip archive, attach the zip to your gmail email. Include in the email body the zip password and the link of this thread. Email the zip to samples@eset.com.

    thanatos
     
  19. Ant 1

    Ant 1 Registered Member

    Joined:
    Feb 18, 2008
    Posts:
    9
    but gmail is not allowing to send the exe files
     
  20. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
    Ok. Upload the password-protected zip here. Email the download link to ESET.

    If you are a registered user, use this web form to upload the zip.

    thanatos
     
  21. Ant 1

    Ant 1 Registered Member

    Joined:
    Feb 18, 2008
    Posts:
    9

    thanks a lot dude
    :thumb: :)
     
  22. Ant 1

    Ant 1 Registered Member

    Joined:
    Feb 18, 2008
    Posts:
    9
    wht does this virut do basically
    i mean does it affect the hardware
    does it matter if i leave it to live in my pc?
    i know this is a stupid question but still does it matter?
    :D
     
  23. thanatos_theos

    thanatos_theos Registered Member

    Joined:
    Apr 28, 2007
    Posts:
    540
    Antichrist, you are most welcome. I'm glad that I could be of help.

    AFAIK Virut appends codes (appendage is for IRC session) into your files (*.exe and *.scr) and contacts a list of sites. Here is the ongoing Virut saga.

    thanatos
     
    Last edited: Feb 19, 2008
  24. Bubba

    Bubba Updates Team

    Joined:
    Apr 15, 2002
    Posts:
    11,271
    off topic posts concerning SAS removed.

    Philippe_FR22,

    You are advized to confine your dislike for and trollish type SAS posts to an appropriate thread and this is not one of them.

    Bubba
     
  25. Philippe_FR22

    Philippe_FR22 Registered Member

    Joined:
    Sep 6, 2007
    Posts:
    249
    Ok no problem... It's not a dslike pb... Sorry for posting at the wrong thread
    Regards
     
Thread Status:
Not open for further replies.