Welcome guest. Before posting on our computer help forum, you must register. Click here it's easy and free.

Author Topic: is this the end?  (Read 1220 times)

0 Members and 1 Guest are viewing this topic.

mike357

  • Guest
is this the end?
« on: April 01, 2010, 10:14:08 AM »
Two security programs confirmed virut.bn on my system. I've taken steps on my own but i haven't had any real luck getting rid of it.  MS security essentials freezes during the cleanup and malwarebytes hasn't worked for me either. I've read up on the problem enough to know that i'm in serious trouble, but i thought i'd check with an expert before I reformatted and reinstalled from my recovery partition.

I'm currently running AVG's win32/virut remover, but it has yet to turn up anything in my windows folder or anywhere else. Thanks in advance for any help you can give me.

zf490

  • Guest
Re: is this the end?
« Reply #1 on: April 01, 2010, 11:55:50 AM »

evilfantasy

  • Malware Removal Specialist
  • Moderator


  • Genius
  • Calm like a bomb
  • Thanked: 489
  • Experience: Familiar
  • OS: Windows 10
Re: is this the end?
« Reply #2 on: April 02, 2010, 05:31:54 PM »
There is NO safe cure for this. If you see one file infected with Virut immediately disconnect from the Internet, backup and scan any personal files with a clean computer, and start reformatting and reinstall the infected OS.

This is a Virut infection. Unfortunately the only reliable cure is a complete reformat and reinstall. See here for more information. Virut and other File infectors - Throwing in the Towel?

Many of the major antivirus vendors have Virut removal tools but many times Virut is not repairable. The only reliable way to remove Virut is removing the system files it has infected and in turn crippling the system and calling for a reformat/reinstall anyway. Remember it is always spreading so trying to contain it is impossible. See this article on why it is so destructive. Under the Hood: Virut

If you do try to repair this without reformatting then your best chance is using the Avira AntiVir Rescue System CD. (free) And/or the Dr Web LiveCD. (also free)

Backing up files before formatting

If you backup any files they should be scanned from a clean properly protected PC before restoring. Also be careful what scanner is used as some are very poor at detecting and even worse at protecting from this infection. In fact due to the nature of these new infections there are probably no tools that will properly protect you from the infection. Be very selective and only backup files you can not replace like text documents and personal photos.

Do not back up to another machine! It will likely become infected by Virut. Burn to DVD/CD, a flash drive or to an external drive which has nothing else on it and which you can format should it become infected from the backups.

I suggest running at least 3 of the below scanners on the backup files. Run the first scan then reboot before running the second then reboot after the second before running the third.
 
-) Dr.Web CureIt!
-) AVG Win32/Virut Removal Tool
-) Symantwc W32.Virut Removal Tool
-) McAfee Avert Stinger
-) Microsoft Windows Malicious Software Removal Tool

If you do not know how to perform a fresh install, use this website.  WindowsReinstall.com

Very important, do the following immediately or as soon as possible!

If you have done any online transactions, call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts and/or change all of your account numbers.
 
From a clean computer change all of your online passwords including for email, banks, financial accounts, PayPal, eBay, online credit card companies and any online forums or groups you belong to etc.

DO NOT change passwords or do any transactions while using the infected computer. The attacker will get the new passwords and transaction information.