Jump to content

New Viruses popping up for no reason..

Recommended Posts

So a couple of days ago I was surfing the net (no unsafe or risky sites.. I've visited the sites countless times in the past and never had any troubles. Wasn't downloading anything suspicious like warez or whatever either), when AVG popped up with a warning saying it'd found a virus. So I tried deleting the virus and half of them were 'not found', they'd moved themselves or something.

I already had the free version of Malwarebytes installed so I scanned with that and it picked up a few viruses.

Now the strange thing is that after scanning with Malware and leaving the computer, doing ABSOLUTELY NOTHING, I come back later and AVG has found another virus. I scan again with Malware and its found a whole ton more.

This has happened repeatedly. The only virus that has actually done something visible made Internet Explorer pop up with a dozen ads. I think that was prnet.exe, which I closed in Task Manager.

Except that now that virus is back, as well as another 15.

Malware is meant to be an excellent scanner. I've just updated it so perhaps that will fix it but I seriously doubt these are new viruses.

Can anyone help me out? It seems the viruses are hiding themselves, or recreating themselves after being deleted, or something. But I need this computer for work and uni (and it needs to be running at top performance as I do audio and video work) so this is a really big problem for me. I'm not totally clueless with viruses and computers in general but I'm not by any means a 'pro'.

Link to post
Share on other sites

Ok unfortunately I'm fairly sure I've got Virut.

Firstly.. how do I check that I DO have it? I'm just estimating that I have it based on the research I've done.

I don't mind formatting my hard drive (this is basically a clean slate, have to reinstall EVERYTHING if I understand correctly? I got this computer from my Dad so a fresh install would be good to clear off the junk), because all my data is saved on an external HD. How do I know that the HD is not also infected, though? I've disconnected it, and it holds no .exe files, just pure data, I run the programs off the computer's harddrive.

Link to post
Share on other sites

  • Staff


From the log, it does indeed look like you're dealing with Virut :mellow:

In that case, it's unfortunately a lost case - Game over situation and a format and reinstall is the fastest and especially the safest solution.

You may want to read this why:

Virut and other File infectors - Throwing in the Towel?

So, I suggest you to start backup all of your valuable data/documents/pictures/movies/songs/etc.. Do NOT backup any applications/installers and Do NOT backup any .exe/.scr/.htm/.html/.xml/.zip/.rar files...

This because these files may be infected as well. If you back them up and replace them afterwards, it will infect your computer again.

Read here for instructions how to format and reinstall Windows: http://web.mit.edu/ist/products/winxp/adva...all-format.html

You should be fine with the external HD :)

Link to post
Share on other sites

Ok thanks

This hopefully won't be too detrimental as I've been meaning to wipe a clean slate on the computer for months.

Is there a program that can determine whether it definitely IS Virut? None of the scanners have actually picked up 'Virut', just various trojans and stuff.

Link to post
Share on other sites

Sorry for all these double posts, I keep remembering stuff to post after I've hit post and theres no edit button.

How do you think I got Virut? Is it something you can 'catch' just by visiting a dodgy site? (I was using Google Chrome.. so no NoScript running but it does have its own filter which basically warns you. I think I may switch back to Mozilla now, even though its a lot slower). Or is it something that you can get by downloading a bad file? All I've downloaded in the last few weeks have been videos and mp3s..

The most annoying part is that I can't work out how I got it.

Link to post
Share on other sites

Hi! Don't worry about the EDIT button, that comes after your 50th post. I don't think I can tell you how you got Virut, but the BEST advice is the post above by: miekiemoes Follow her post instructions. Read what she posted. good luck. regards, YB

Link to post
Share on other sites

Ok well I've got a Windows Vista which I can reinstall with (using XP before) so this'll at least give me a clean start.

The only thing I'm worried about is..

You say my External HD 'should' be safe. I had all my downloads on there, so it did have some .exe's and stuff. Is the external HD 'immune' to the virus? Or will it just not regenerate after cleaning?

If I plug it into another computer to scan it, and the HD IS infected (dunno if this is possible), will that infect the new computer? If so, is there a way to scan it without the risk of infection?

I don't want to plug it back in to the already infected computer in fear that it will infect the external HD, although it has been plugged in for at least a day while the infection was running.

Thanks so much for your help so far.

Link to post
Share on other sites

  • Root Admin

No DO NOT plug in your external hard drive until the Operating System is fully installed and updated with both a good current Anti-Virus and all of the Microsoft Security updates. Then back up the system. Then plug in the external drive but don't let it autolaunch, you can press and hold the shift key down while it's being plugged in to help stop autolaunch. Then do a FULL SCAN of the drive with your Anti-Virus and delete any Virut stuff found.

Yes, this virus is very capable of infecting other systems.

Link to post
Share on other sites

I'll be installing Vista tonight

But.. I left my computer on, running, all day. Didn't use it. I had the WiFi disconnected (its a laptop), so I couldn't get on the net and no-one could get on.

Did a virus scan this evening and there are no new viruses. Could it be a different virus? Or does Virut only spread when you actually use the applications, in which case its the fact that I didn't use the computer rather than the fact that it had no net that led to me having no new viruses?

Link to post
Share on other sites

  • Staff


From the malwareBytes screenshot I could see that some detections come in 90% with virut (for example the ptidle folder that was found). But the fact that you are on Vista is maybe your luck and because of that, Virut *may not be present.

In anyway, your computer IS still severly infected, that's why you have to do the following..

Scan and post logs - read note at bottom in green

If you're having Malware related issues with your computer that you're unable to resolve.

  1. Please read and follow the instructions provided here: I'm infected - What do I do now?
  2. If needed please post your logs in a NEW topic here: Malware Removal - HijackThis Logs
  3. When posting logs please do not use any Quote, Code, or other tags. Please copy/paste directly into your post and do not attach files unless requested.
  • Please do not post any logs in the General forum. We do not work on any logs posted in the General forum.
  • Please do not install any software or use any removal/scanning tool except for those you're requested to run by the Helper that will assist you.
  • Using these other tools often makes the cleanup task more difficult and time consuming.
  • If you have already submitted for assistance at one of the other support sites on the Internet then you should not post a new log here, you should stay working with the Helper from that site until the issue is resolved.
  • Do not assume you're clean because you don't see something in the logs. Please wait until the person assisting you provides feedback.
  • There are often many others that require asistance as well, so please be patient. If no one has responded within 48 hours then please go ahead and post a request for review
  • NOTE: If for some reason you're unable to run some or any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just proceed and post a NEW topic as shown in the second link describing your issues and someone will assist you as soon as they can.
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.