win32/virut - cant remove it

gary the great

Lads i got this virus on my computer...

I cannot get rid. have updated AVG and ran it. Ran Spybot and Adware. Downloaded and ran Win32/Virut remover...but to no avail.

Anyone know how to go about this???

Gone Drinking

Have you tried running these apps in safe mode?

aidan_walsh

Please read the sticky at the head of the forum. Run the applications and post the logs.

ActorSeeksJob

Don't bother, it cant be fixed

You are infected with a polymorphic file infector. This infection can and will infect all the machine's executable files .exe, .scr, .rar, .zip, .htm, .html. Because there are a number of bugs in its code, it may create executable files that are corrupted beyond repair resulting in an inoperative machine.

Malware experts say that a Complete Reformat and Reinstall is the only way to clean the infection. This includes All Drives that contain .exe, .scr, .rar, .zip, .htm, .html files.

• Backup all your documents and important items only.
• DO NOT backup any executable files (,exe .scr .html or .htm)
• Do Not back up compressed files (zip/cab/rar) files that may contain .exe or .scr files
• Reformat and Reinstall as outlined HERE

I suggest you do the following immediately:

• Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
• From a clean computer, change *all* your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.
• DO NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.

gary the great

ActorSeeksJob wrote: »

Don't bother, it cant be fixed

You are infected with a polymorphic file infector. This infection can and will infect all the machine's executable files .exe, .scr, .rar, .zip, .htm, .html. Because there are a number of bugs in its code, it may create executable files that are corrupted beyond repair resulting in an inoperative machine.

Malware experts say that a Complete Reformat and Reinstall is the only way to clean the infection. This includes All Drives that contain .exe, .scr, .rar, .zip, .htm, .html files.

• Backup all your documents and important items only.
• DO NOT backup any executable files (,exe .scr .html or .htm)
• Do Not back up compressed files (zip/cab/rar) files that may contain .exe or .scr files
• Reformat and Reinstall as outlined HERE

I suggest you do the following immediately:

• Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
• From a clean computer, change *all* your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.
• DO NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.

:eek:

Dam. Oh crap.

I logged onto my online banking last night to, ****.
Have just called my bank anyway.

Any idea of how i got this, im well protected? The people who create this stuff are scum of the earth, they really are. Im gonna lose years of stuff due to this

Thanks for the advice.

EDIT* just rang AIB and they didnt really want to know. They said if the Falcon Team notice suspicious activity they will contact me.

Other than that the hacker only has my email password, which tbh theres feck all he can really do with it. I need to use this computer with that email so no point in changing it.

Will log onto any of my other banks or anything on this computer....

ActorSeeksJob

Impossible to say really. Usually virut comes with cracks/keygens/p2p programs


Your passwords may be ok, but its best to err on the side of caution.

Pauley2

gary the great wrote: »

:eek:

Other than that the hacker only has my email password, which tbh theres feck all he can really do with it. I need to use this computer with that email so no point in changing it.

Having your email password IS something to worry about because if that email account was used when you set up any other login accounts, all the thief has to do is log in to your email, change the password so you can't get in any more, then try logging in to your other accounts, where, in many cases a failed login will offer to email the password to the email address used during setup...

Hope that wasn't confusing!

RoadKillTs

Probably one of the nastiest ones out there at them moment.
Good advice from ASJ.
Be very careful of what you back up!