Jump to content
Login new information ×
Login new information

Where the Virus Coming From?

ramiz0

By ramiz0
in Software Chat

 Share

Recommended Posts

ramiz0

ramiz0

Posted
Posted

Hello guys a few days ago i went to my friend,s house to see her PC she is was having problem installing firewall whenever she installs any firewall a bullshit virus appears W32\Virut.Gen [Virus]

zHoQUu6.jpg

This happens only when she installs firewall otherwise system is clean i completely format her PC,s hard drive and installed fresh windows XP and scanned the system again with more than 3 antiviruses now it was clean then i installed firewall (Comodo) and bullshit virus was again there :angry: antivirus firstly detect this virus in this folder

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files

Virus affects the whole system even the real time protection is turned on

then it affects all the system i can,t understand where that virus is coming from :huh:

Any Idea What should i do :mellow:

Link to comment
Share on other sites
  • Replies 23
  • Views 2.1k
  • Created
  • Last Reply

Top Posters In This Topic

  • ramiz0

    5

  • AlexCross

    3

  • STEEL

    2

  • emerglines

    1

Popular Days

Top Posters In This Topic

Popular Days

rudrax

rudrax

Posted
Posted (edited)

This virus has infected the system through a removable drive or while accessing the internet. It may be due to the failure of the AV or user overridden activity or the virus was codded specifically to bypass the AV engine.

Now you have to get rid of this. Install McAfee Stinger and run a full scan. Then try installing the firewall again. AVG has a special virut remover tool - you can try that also.

But a PC after infection never feels good until a reformat.

Edited by rudrax
Link to comment
Share on other sites
SnakeMasteR

SnakeMasteR

Posted
Posted

Virut is commonly spread via USB flash drives / External Hard Drivers. It's often contracted by visiting remote, crack and keygen sites. Torrents also.

Your best option would to perform a full reformat as there is no guarantee this infection can be completely removed. In most instances it may have caused so much damage to your system files that it cannot be completely cleaned or repaired. In many cases the infected files (which could number in the thousands) cannot be deleted.

http://forum.avira.com/wbb/index.php?page=Thread&threadID=128509

You might have a long timespend with that virus, especially when you need to backup many data, forget executables, only backup pictures, music, videos and documents, the rest is lost.

There is no 100% guarantee that you can remove it completely, if you forget to clean a single infected file, all the time you spend previously will be lost and the infection comes back.

Also, if you have bunch of files infected, don't bother try to clean it, the best option is to do a reformat and of course you need to be sure that no other external USB device or HDD is responsible for the infection (it can be a single file actually). Just think about what happens when the system has been reinstalled and the same external USB device or HDD infects the clean system again, it will be a never ending story. :lol:

Link to comment
Share on other sites
ramiz0

ramiz0

Posted
  • Author
Posted

Virut is commonly spread via USB flash drives / External Hard Drivers. It's often contracted by visiting remote, crack and keygen sites. Torrents also.

Your best option would to perform a full reformat as there is no guarantee this infection can be completely removed. In most instances it may have caused so much damage to your system files that it cannot be completely cleaned or repaired. In many cases the infected files (which could number in the thousands) cannot be deleted.

http://forum.avira.com/wbb/index.php?page=Thread&threadID=128509

You might have a long timespend with that virus, especially when you need to backup many data, forget executables, only backup pictures, music, videos and documents, the rest is lost.

There is no 100% guarantee that you can remove it completely, if you forget to clean a single infected file, all the time you spend previously will be lost and the infection comes back.

Also, if you have bunch of files infected, don't bother try to clean it, the best option is to do a reformat and of course you need to be sure that no other external USB device or HDD is responsible for the infection (it can be a single file actually). Just think about what happens when the system has been reinstalled and the same external USB device or HDD infects the clean system again, it will be a never ending story. :lol:

Well i did not use any usb device after complete reinstall just download the firewall and the virus was there again

Link to comment
Share on other sites
ramiz0

ramiz0

Posted
  • Author
Posted (edited)

This virus has infected the system through a removable drive or while accessing the internet. It may be due to the failure of the AV or user overridden activity or the virus was codded specifically to bypass the AV engine.

Now you have to get rid of this. Install McAfee Stinger and run a full scan. Then try installing the firewall again. AVG has a special virut remover tool - you can try that also.

But a PC after infection never feels good until a reformat.

yes if only you are online then the virus will affect the whole system

Edited by ramiz0
Link to comment
Share on other sites
STEEL

STEEL

Posted
Posted

This virus has infected the system through a removable drive or while accessing the internet. It may be due to the failure of the AV or user overridden activity or the virus was codded specifically to bypass the AV engine.

Now you have to get rid of this. Install McAfee Stinger and run a full scan. Then try installing the firewall again. AVG has a special virut remover tool - you can try that also.

But a PC after infection never feels good until a reformat.

yes if only you are online then the virus will affect the whole system

Bro; if U cannot Rid urself of the Virus, better to Low-Level Format the Hard-Drive & then New Install to be safe :rolleyes:

http://www.softpedia.com/get/System/Hard-Disk-Utils/HDD-Low-Level-Format-Tool.shtml

I contacted AVG a while back & they gave me this virut remover tool, but also stated if Virus not removed or if U are not sure, Formatting is the way to go. The FireWall that works best for me and free, is P/Firewall Pro.

Link to comment
Share on other sites
Ambrocious

Ambrocious

Posted
Posted

Try all of these these to help you get rid of the problem:

SUPERAntiSpyware

MalwareBytes

HitmanPro

I would also suggest getting Kaspersky Antivirus or Internet Security for a good paid antivirus or get avast! Free antivirus for a good free antivirus.

Use Firefox with the Add-ons:

AdBlock Plus

DoNotTrackMe

NoScript

Clean your PC regularly with CCleaner. Download TuneUp Utilities and get to know how it works, use it to clean and secure your computer.

Keep your computer free from exploits with Malwarebytes Anti-Exploit 0.09.3.1000.

Use Your Uninstaller! Pro to uninstall programs and it will even help get rid of broken installed programs or programs that are even malicious and normally refuse to uninstall.

Change your web surfing habits, don't fall for simple tricks like clicking on a pop up. New toolbars on your web browsers that seem to have come out of nowhere usually means that you are infected or at least have adware installed on your computer.

Link to comment
Share on other sites
eurobyn

eurobyn

Posted
Posted (edited)

virut virus (take harddisk out the pc and let it scan by another pc ) then when it is cleaned make the backups you need the most and format the drive and re install !

virut is a very nasty virus that even infects after deleting the files.remove one infected file and get 2 more.

i have seen it before , clean one exe file and after cleaning the file is again infected. a virut virus infection infects all exe files.and if you are running from this drive it will keep infected !

and if you do not want this again (use a better antivirus program)

Edited by eurobyn
Link to comment
Share on other sites
ramiz0

ramiz0

Posted
  • Author
Posted

Thanks friends i,ll report back if the problem is not solved thanks for your suggestions

Link to comment
Share on other sites
Ragdd

Ragdd

Posted
Posted

You could clean the computer by adding the harddisk in a clean computer and scan it with a very good antivirus like Kaspersky Antivirus.

Or you could download the Kaspersky resue disk and burn the ISO on a CD(RW) and boot with this CD on the infected computer.

http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/kav_rescue_10.iso

But I wouldn't trust the computer anymore and would recommend a full format and re-installation of Windows and software.

First I would connect the harddrive to a clean computer with a very good antivirus.

I would then copy all data that have to be saved like pictures, movies, music (no exe-files)

The secure erase the infected harddisk with a program like Ccleaner.

Then re-install the harddive in the computer and start a full format and re-installation.

Install all Windows updates and install a realible good anti-virus.

I don't know the system specs of that PC, but recommend Kaspersky Antivirus on a high end PC of Eset NOD32 antivirus on a more slower PC.

Also as a browser, I would recommend Firefox with some anti-malware addons or Google Chrome.

Link to comment
Share on other sites
AlexCross

AlexCross

Posted
Posted (edited)

Just do a complete format to be sure . If not, you might find yourself in the same situation after you reinstall windows :pos: (PS. I don't think is recomandable anymore XP as a home user), it's jut my opinion.

Edited by AlexCross
Link to comment
Share on other sites
7even

7even

Posted
Posted

Just do a complete format to be sure . If not, you might find yourself in the same situation after you reinstall windows :pos: (PS. I don't think is recomandable anymore XP as a home user), it's jut my opinion.

I guess he had already done that :

"..i completely format her PC,s hard drive and installed fresh windows XP and scanned the system again with more than 3 antiviruses.."

Link to comment
Share on other sites
AlexCross

AlexCross

Posted
Posted (edited)

Just do a complete format to be sure . If not, you might find yourself in the same situation after you reinstall windows :pos: (PS. I don't think is recomandable anymore XP as a home user), it's jut my opinion.

I guess he had already done that :

"..i completely format her PC,s hard drive and installed fresh windows XP and scanned the system again with more than 3 antiviruses.."

Well. I meant to do a proper format, not saving things on DVDs or USBs and then put them back after the windows was reinstalled. If the windows is clean, the pc isn't connected to another computer, and no DVD or USB is inserted after, I don't see how that virus can affect the pc. But i'm not a computer expert, not even by far, so I might be wrong :P ( I saw from his printscreen that he saved files from the period when the pc was infected, this is why I said a proper format)

Edited by AlexCross
Link to comment
Share on other sites
Cyberboom

Cyberboom

Posted
Posted (edited)

I think you have to get rid of this infected folder cause Avira is only blocking access not deleting it .. (use anti-malware programs that mates here advised you)

Then try to install your desired Firewall software :)

Edited by Cyberboom
Link to comment
Share on other sites
uffbros

uffbros

Posted
Posted

Only way I know that after doing a reformat and still having the virus is if it is a boot sector virus. That would survive a reformat. You need to use a program to do a low level format which will wipe the boot sector as well and then reinstall windows.

Link to comment
Share on other sites
LOQUILLO

LOQUILLO

Posted
Posted (edited)

Nah! Ramiz0 don't said if his harddisk have others partitions, In there are the problem, virus is saved in the System Volumen Information folder, then him must delete alls the partitions, completly, after to create it again. To me this is the only way to eliminate this persistent virus.

If don´t wanna delete the partitions, then delete the files into System Volumen Information, RECYCLER and $RECYCLE folders.

Edited by LOQUILLO
Link to comment
Share on other sites
DesiPirate

DesiPirate

Posted
Posted

The image(if its from your PC) posted by you shows the location from E:\ProgramFiles\Downloads...........maybe you are installing some infected exe from there.

I think it will be better to do a complete format by taking backup of only neccessary items.

Link to comment
Share on other sites
emerglines

emerglines

Posted
Posted (edited)

I had been hit by that virus, the solution is to change any software to .com extension if you want to use any software.

second, use a bootable antivirus scanner, and make sure it will be updated. (Recommended) "http://rescuedisk.kaspersky-labs.com/rescuedisk/updatable/kav_rescue_10.iso"

Third i don't want you to do it but you will reformat you computer this is the last choice

In my case Kaspersky clean some of my files but didn't fix them all so i delete most of them and rescan many times to make sure its removed, format the USB driver before you use it again to be not infected a second time.

If you would like to give us more information about the infection do a Combofix scan and send to us the result log file here.

Edited by emerglines
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...