MajorGeeks Support Forums

Go Back   MajorGeeks Support Forums > ----------= PC, Desktop and Laptop Support =---------- > Malware Removal
Register FAQ Members List Calendar Casino Mark Forums Read

Malware Removal Malware removal forum. Please see the READ ME FIRST thread before you post. Forum is staffed by a small number of volunteers, please be patient.


Closed Thread
 
Thread Tools Display Modes
  #1  
Old 01-24-12, 09:02
cicaro cicaro is offline
Private E-2
 
Join Date: Jan 2012
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Exclamation win32/virut

hi!

recently I got infected with a virus named win32/virut I probably received it through an infected Indesign-torrent, as my virus scan prompted me that I had 70 virus infections as soon as I opened Indesign..

The virus scanner I had at that time was Avira Antivirus, but the virus spread way faster than the scanner, so eventually my whole pc (almost every .exe file) got infected and there was not much more I could do than to reformat my pc. Didn't lose any files because I have a flash drive. After that I used a program from AVG which was specifically designed to destroy win32/virut.

Well the problem is, my PC SEEMS to be clean, multiple virus scans confirm this. BUT my avira (reinstalled it) keeps giving me prompts sometimes that the win32/virut has infected a file. It doesn't seem to do much, but I want it to be completely removed from my computer. I have an idea of how the virus could have survived the reformatting: I used two small USB-drives during the time my PC got infected so they may have been infected too. Antivirus scans say that they are also clean now.

But still, my PC keeps giving me prompts sometimes about the win32/virut being detected!! Also, it seems like it is running a bit slower than it used to..

Can anyone tell me what to do?

**sorry for the long post and the bad English, it is not my native language **
Sponsored links
  #2  
Old 01-24-12, 20:11
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 80,764
Thanks: 62
Thanked 7,830 Times in 4,252 Posts
Default Re: win32/virut

Quote:
Originally Posted by cicaro View Post
Didn't lose any files because I have a flash drive.
Virut can spread to every drive connected to your PC. Even if you temporarily just plug in a flash drive, executable files can quickly become infected. And if you take this flash drive ( or your external USB drive ) and plug it into another PC, you can infect this second PC.

Quote:
Originally Posted by cicaro View Post
BUT my avira (reinstalled it) keeps giving me prompts sometimes that the win32/virut has infected a file. It doesn't seem to do much, but I want it to be completely removed from my computer. I have an idea of how the virus could have survived the reformatting: I used two small USB-drives during the time my PC got infected so they may have been infected too. Antivirus scans say that they are also clean now.
Some forms of Virut are not detected by scanners. And then there are other forms that are detectable but not fixable. The standard recommendation with any PE file infector like Virut is to format and reinstall. This all applies to your external drive since if just one executable file existed on it, it could be infected and you will restart the infection all over again by using the external drive.

Virut does not just infect .exe files. It can easily infect ( just to name a few )
.com
.dll
.ocx
,msi
.dat
.pdf

And even files like .mp3, .avi, .mov, .mpg etc can be infected. Thus you see why Virut is so nasty and requires a complete wipe.
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Support Majorgeeks on Facebook:

Majorgeeks Newsletter
  #3  
Old 01-25-12, 06:56
cicaro cicaro is offline
Private E-2
 
Join Date: Jan 2012
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: win32/virut

So you are saying that I should reformat my pc again AND reformat the flas drives I used?
  #4  
Old 01-25-12, 07:03
cicaro cicaro is offline
Private E-2
 
Join Date: Jan 2012
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: win32/virut

some extra information:

I have 2 hard disk drives (C: and D. I scanned both with a program called rmvirut.exe, made by AVG. Almost all of the .exe files were infected and cleaned by the program. After that I reformatted the C:drive. PC seemed clean.

But after reformatting I plugged two USB flash drives which I also used during the time my PC was infected (not knowing the flash drives could be infected). I scanned those using multiple virus scanners, some found the virus and cleaned it. Now the flash drives seem clean, but the PC seems infected (but only SOMETIMES). the rmvirut.exe doesn't detect the virus anymore, although it seemed very effective the first time I used this program.

I would really hate to reformat the D: drive, because all of my files are on that drive, and I can't put them anywhere else because I am afraid they contain the virus. The only valuable files are .doc and .jpg.

So what to do?
  #5  
Old 01-26-12, 16:13
chaslang's Avatar
chaslang chaslang is offline
MajorGeeks Admin - Master Malware Expert
 
Join Date: Feb 2004
Location: Northern New Jersey USA
Posts: 80,764
Thanks: 62
Thanked 7,830 Times in 4,252 Posts
Default Re: win32/virut

As stated earlied, Virut and other PE type file infectors are big trouble which is why formatting is necessary. It is extremely difficult to know every file and file type that is getting infected. Anything that can be considered a binary executable ( which is many files types including .doc and .jpg ) can carry infections. Whether your are infected or not, I cannot say for sure. Most frequently, Virut better known to hit .exe, .com, .dll, .dat, .msi, and .ocx type files. Thus your .doc and .jpg files may be okay.

The problem is that if ANY exectuable type file were on your removal drives, you could have spread the infection everywhere you used it. And if any executable files are still on the drives, they have to be considered infected and MUST be deleted. If you save even one infected file, it will just start all the problems over again.
__________________
"There are 10 types of people in this world. Those who understand binary and those who don't."


Support Majorgeeks on Facebook:

Majorgeeks Newsletter
Sponsored links
Closed Thread

Tags
virus, virus malware, virus removal, win32/virut

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need help with Win32/Virut please. Master_Raul Malware Removal 2 07-22-09 16:24
WIN32.Virut.56 Asinine08 Malware Removal 1 07-07-09 01:26
Virus.Win32.Virut.ce/win32.vitro rulybatters Malware Removal 3 05-02-09 00:30
Win32/virut.a J B00gie Malware Removal 1 09-22-07 23:28
Win32/virut.o BILLMCC66 Malware Removal 8 09-20-07 16:48


All times are GMT -5. The time now is 11:21.

MajorGeeks.Com Menu

MajorGeeks.Com \ All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ NEW! PC Games \ System Tools \ Macintosh \ Demonews.Com \ Top Downloads

MajorGeeks.Com \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds


All content Copyright MajorGeeks.com source code Powered by vBulletin® Version 3.8.4
Copyright © 2009 vBulletin Solutions, Inc. All rights reserved.
Ad Management by RedTyger