win32/virut

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by cicaro, Jan 24, 2012.

  1. cicaro

    cicaro Private E-2

    hi!

    recently I got infected with a virus named win32/virut :( I probably received it through an infected Indesign-torrent, as my virus scan prompted me that I had 70 virus infections as soon as I opened Indesign..

    The virus scanner I had at that time was Avira Antivirus, but the virus spread way faster than the scanner, so eventually my whole pc (almost every .exe file) got infected and there was not much more I could do than to reformat my pc. Didn't lose any files because I have a flash drive. After that I used a program from AVG which was specifically designed to destroy win32/virut.

    Well the problem is, my PC SEEMS to be clean, multiple virus scans confirm this. BUT my avira (reinstalled it) keeps giving me prompts sometimes that the win32/virut has infected a file. It doesn't seem to do much, but I want it to be completely removed from my computer. I have an idea of how the virus could have survived the reformatting: I used two small USB-drives during the time my PC got infected so they may have been infected too. Antivirus scans say that they are also clean now.

    But still, my PC keeps giving me prompts sometimes about the win32/virut being detected!! Also, it seems like it is running a bit slower than it used to..

    Can anyone tell me what to do?

    **sorry for the long post and the bad English, it is not my native language :)**
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Virut can spread to every drive connected to your PC. Even if you temporarily just plug in a flash drive, executable files can quickly become infected. And if you take this flash drive ( or your external USB drive ) and plug it into another PC, you can infect this second PC.

    Some forms of Virut are not detected by scanners. And then there are other forms that are detectable but not fixable. The standard recommendation with any PE file infector like Virut is to format and reinstall. This all applies to your external drive since if just one executable file existed on it, it could be infected and you will restart the infection all over again by using the external drive.

    Virut does not just infect .exe files. It can easily infect ( just to name a few )
    .com
    .dll
    .ocx
    ,msi
    .dat
    .pdf

    And even files like .mp3, .avi, .mov, .mpg etc can be infected. Thus you see why Virut is so nasty and requires a complete wipe.
     
  3. cicaro

    cicaro Private E-2

    So you are saying that I should reformat my pc again AND reformat the flas drives I used?
     
  4. cicaro

    cicaro Private E-2

    some extra information:

    I have 2 hard disk drives (C: and D:). I scanned both with a program called rmvirut.exe, made by AVG. Almost all of the .exe files were infected and cleaned by the program. After that I reformatted the C:drive. PC seemed clean.

    But after reformatting I plugged two USB flash drives which I also used during the time my PC was infected (not knowing the flash drives could be infected). I scanned those using multiple virus scanners, some found the virus and cleaned it. Now the flash drives seem clean, but the PC seems infected (but only SOMETIMES). the rmvirut.exe doesn't detect the virus anymore, although it seemed very effective the first time I used this program.

    I would really hate to reformat the D: drive, because all of my files are on that drive, and I can't put them anywhere else because I am afraid they contain the virus. The only valuable files are .doc and .jpg.

    So what to do?
     
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    As stated earlied, Virut and other PE type file infectors are big trouble which is why formatting is necessary. It is extremely difficult to know every file and file type that is getting infected. Anything that can be considered a binary executable ( which is many files types including .doc and .jpg ) can carry infections. Whether your are infected or not, I cannot say for sure. Most frequently, Virut better known to hit .exe, .com, .dll, .dat, .msi, and .ocx type files. Thus your .doc and .jpg files may be okay.

    The problem is that if ANY exectuable type file were on your removal drives, you could have spread the infection everywhere you used it. And if any executable files are still on the drives, they have to be considered infected and MUST be deleted. If you save even one infected file, it will just start all the problems over again.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds