Win32/Virut.NAE virus

Discussion in 'Other ESET Business Products' started by mmanning, May 1, 2013.

Thread Status:
Not open for further replies.
  1. mmanning

    mmanning Registered Member

    Joined:
    May 1, 2013
    Posts:
    1
    Location:
    United Kingdom
    We're running NOD32 Antivirus 4 business edition on our servers. We're getting constant messages saying a threat has been found which is Win32/Virus.NAE virus (on the servers), it won't clean the message and the only option is 'Delete' or 'No action', therefore it's still doing the rounds. Has anyone got any idea how I can get rid of this? Clearly Eset knows about it but doesn't seem able to remove it!

    Thanks in anticipation! :eek:
     
    mmanning, May 1, 2013
    #1
  2. dwomack

    dwomack Eset Staff Account

    Joined:
    Mar 2, 2011
    Posts:
    588
    My first recommendation would normally be to run through the steps in ESET KB Article SOLN2505 but given that these are servers and not client computers, you may prefer to contact local ESET UK support or call the number on the right side of the contact page.
     
    dwomack, May 1, 2013
    #2
  3. agoretsky

    agoretsky Eset Staff Account

    Joined:
    Apr 4, 2006
    Posts:
    4,033
    Location:
    California
    Hello,

    Win32/Virut is actually something that's comparatively rare these days, an actual file-infecting computer virus. It also exhibits worm-like and bot-like characteristics as well, but the fact that it actually infects executable files means that it gets to be classified as a bona-fide computer virus.

    Unfortunately, one thing about this virus is that in some instances, when infecting executable files, Win32/Virut overwrites part of the file, resulting in a damaged file that no longer works. In these cases, ESET's software will prompt you not to disinfect the file, but rather to delete it. If this occurs during your cleaning, go ahead and reload the files, afterwards. For Windows operating system files, you may be able to use the System File Checker (filename: SFC.EXE) to restore the damaged/missing files, but for other programs, a reinstallation of the software may be required.

    Regards,

    Aryeh Goretsky
     
    agoretsky, May 6, 2013
    #3
  4. er34

    er34 Guest

    @mmanning

    Sorry for dropping-by, just to add to what has already been advised :) Take a note of the location of the detection of this Virut. This is common mistake that some people don't realize. It might appear to be on the server but it actually could be on some share (shared folder) and the AV on the server will pop-up. This mean the AV on server is working fine but the malware "flame" is actually not on the server.

    Contact ESET support.

    Take care!
     
    er34, May 8, 2013
    #4
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...