Help !!! win32:virut-b (win32:bobic-v; rbot-bot;bobax-p...)

Viruses and worms
1

Hi, my Avast find these viruses, and i’ve a lot of problems … ;-((((
After a scan which find them, i can’t repair the destroy files … Someone could indicate me an effective tool, or the best process to delete them ??? Many thanks !!!

2

Well i know Kaspersky can actually desinfect Virut infected files. Not sure about others but i’d expect BitDefender and DrWeb to be capable of doing that too.

3

You may download a free CureIt utility by Dr.Web.

Dr.Web is one of leaders in curing files. Kaspersky’s cleaning module is rather worse. :slight_smile:

4

Why can’t you repair or destroy them, what errors are displayed ?
What was the infected file name, where was it found e.g. (C:\windows\system32\infected-file-name.xxx) ?

Windows in its infinite wisdom protects files in use (even malware) or in system folders, so it is likely that avast! can’t delete or move files in use. So schedule boot-time scan in avast’s menu if you have XP, win2k or NT, otherwise boot into safe mode and run an avast scan. This should ensure that the file isn’t in use and avast should be able to deal with it.

Trojans generally can’t be repaired (either by the VRDB or avast virus cleaner), because the entire content of the file is malware, so it is either move to chest or delete, move to the chest being the best option (first do no harm). When a file is in the chest it can’t do any harm and you can investigate the infected warning.

The VRDB only protects certain files, .exe, dll and other system files, it doesn’t protect data files or all files, it is not a back-up program, so there are going to be many occasions where repair won’t be an option.
Only true virus infection can be repaired, e.g. when a virus infects a file it adds a small part to it, provided that file is one that avast’s VRDB would monitor and you have run the VRDB, then it may be possible to repair the file to its uninfected state.
However, for the most part so called viruses, trojans (adware/spyware/malware, etc.) can’t be repaired because the complete content of the file is malicious.

5

Halio Nick,

The free Dr.Web demand scanner (restricted version without archived & e-mail files checking)?
ftp://ftp.drweb.com/pub/drweb/windows/drwebcureit.zip

& with manually updates:
http://download.drweb.com/bases/

Coimpatible with the resident avast-av solution.

And all their free services, including the innovative DrWeb anti virus hyperlink scanner plug-in for IE, Firefox, Flock, and manually for Opera browsers, from here:
http://download.drweb.com/drweb+antivirus+free+services/
The online scanning is done at DrWeb servers that are very frequently updated, so you always have the latest definitions. Naboj! (forward!)

Damian