Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virut trouble >:O


  • Please log in to reply
8 replies to this topic

#1 vipuladusa

vipuladusa

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:01:09 PM

Posted 23 May 2009 - 12:53 PM

Hi everyone. Recently I had the coreguard virus, and i removed that. But a couple days ago my computer had pop-ups asking me to buy crap like viagra etc. I ran malewarebytes and it found things, and reported that it deleted them. I restarted the pc and then scanned again, and it found the same items were infected. I can't seem to update malewarebytes because it "Can't connect to database". I scanned with avg internet security 8.5 and it found 87 files infected with win32/virut. Any tips?

BC AdBot (Login to Remove)

 


#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 23 May 2009 - 01:28 PM

Hello.

I scanned with avg internet security 8.5 and it found 87 files infected with win32/virut. Any tips?

Format the computer is the option to go here.. I have not seen any successful tool that was able to remove virut (file infector) that was installed successfully installed and/or damages windows files.

Posted ImageVirut File Infector Warning

Your system is infected with a polymorphic file infector called Virut and also has IRC bot functionality. Virut is capable of infecting all the machine's executable files (.exe) and screensaver files (.scr) and also web pages (.html and .htm). However, the problem is that the virus has a number of bugs in its code, and as a result, it may misinfect a proportion of executable files and therefore, the files are corrupted beyond repair. In addition, when it infects, sometimes it will destroy the file it tries to latch onto.

For these reasons, you really can't truly fix Virut. You will need to reinstall and format the operating system on this machine. As of now, security experts suggest that a clean Reformat is the only way to clean the infection and it is the only way to return the machine to its normal working state.

Backup all your documents and important items (personal data, work documents, pictures etc..) only. DO NOT backup any executable files (softwares) and screensavers (*.scr) or any web pages (*.html or *.htm). It attempts to infect any accessed .exe or .scr or .html/.htm files by appending itself to the executable.

Also, try to avoid backing up compressed files (zip/cab/rar) files that have .exe or .scr files inside them. Virut can penetrate and infect .exe files inside compressed files too.

More information on Virut can be found over here and here

With Regards,
Extremeboy

Edited by extremeboy, 23 May 2009 - 01:29 PM.

Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 vipuladusa

vipuladusa
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:01:09 PM

Posted 23 May 2009 - 01:29 PM

Oh, and even though AVG finds the virus i can't delete them with it because they are system files that I need. So is there a way i can heal them?

#4 vipuladusa

vipuladusa
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:01:09 PM

Posted 23 May 2009 - 01:31 PM

Thanks extremeboy. But i can't copy the files i need >_< For some reason it says "access denied, check if disk is full or read only'. And it isn't even near full nor is it read only. I woulda reformatted a while back if i could only get the files off the pc >_<

#5 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 23 May 2009 - 01:34 PM

Hello.

But i can't copy the files i need >_< For some reason it says "access denied, check if disk is full or read only'

What are these files in question?

~Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#6 vipuladusa

vipuladusa
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:01:09 PM

Posted 23 May 2009 - 01:35 PM

word docs, pics things like that

#7 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 23 May 2009 - 01:45 PM

Hello.

Please run this tool first..

Download and Run FlashDisinfector
  • Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives including your mobile phone.
  • Please hold down the Shift Key while inserting them in your computer
  • Please do so and allow the utility to clean up those drives as well.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
Note: Flash_Disinfector will create a hidden file named autorun.inf in each partition and every USB drive plugged in when you ran it. Don't delete this folder. It will help protect your drives from future infection.


Question: Where are you trying to copy these files to? External Hard-drive? Or...?

Please give me the location of some of the files you are trying to copy. At least 3 in your next reply. Give me one or two of the folders they are in as well.

Just to confirm something for me, see if you can copy the files via Safe Mode. If it doesn't work just let me know.

How to Boot into Safe Mode

I suggest you read over the instructions on how to boot into Safe Mode and then print these instructions out or save them in Notepad because you won't have access to this page while in Safe Mode.

Start in Safe Mode Using the F8 method:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until the boot menu appears.
  • Use your arrow keys to navigate and highlight Safe Mode.
  • Hit Enter.
  • You will now be asked to choose your operating system. Again, use the arrow keys to select Microsoft Windows XP.
  • Hit Enter.
Your computer will proceed to booting into Safe Mode. During the boot process, you may see random code go past your screen. Simply wait for it to pass. Your computer should boot like usually, except with Safe Mode written in the corners of your screen. Your screen may also appear to be a different size because the video drivers are not loaded properly in Safe Mode.

After the boot, you will be asked whether you wish to use system restore, or to continue to Safe Mode. Select OK to choose Safe mode.


Additional instructions on booting into Safe Mode can be found here

I need to leave now, so I'll check back here once I come back home again..

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#8 vipuladusa

vipuladusa
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:01:09 PM

Posted 23 May 2009 - 02:37 PM

I can't boot into safe mode. When I try strings of code come up and just stay on the screen. And if i try to copy or move any files it gives me the "access denied" error =\

#9 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:09 PM

Posted 24 May 2009 - 10:38 AM

Hello.

Please show me a screenshot of it.

Question: Where are you trying to copy these files to? External Hard-drive? Or...?

Please give me the location of some of the files you are trying to copy. At least 3 in your next reply. Give me one or two of the folders they are in as well.


I would try backing up your files via a CDBurner and some spare CDs.

~Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users