Hi Everyone! I’m new to the forum and I admit I just reached this place today when my PC got infected by the win32 vitro thing… Maybe because all is well in my PC until about 9 hours ago…
I downloaded a game for a private server and Google Chrome already detected the file as something that has malicious content or something but I ignored because I got used to it on that game (that game had so many private servers).
Then came the WIN32 VITRO…
I’m a newbie in being infected cause I highly consider taking all precautions with viruses but I think I made the wrong decision of taking the risk of still using the file I downloaded so what I did was, and I am sure everybody will say I did it wrong, was to activate the boot scan of AVAST and decided to choose delete on the action. I thought I only got one or two files infected 'coz I did that scan after 10 mins from downloading but when the boot scan was finished, it deleted 99 files, most of them in win32 folder, and there was one instance when it said one file was not deleted so I tried the rest of the choices (like repair, move to chest, etc) and ended up with “ignore”.
Everyone I really need your help. Can’t afford to lose some important files.
I read in some threads that we got some great experts here so I highly appreciate all your help. Please let me know step by step what I need to do.
I’m using windows 7 32-bit and just a free Avast anti-virus. I don’t know if this information will help you guys figure out what’s the best thing to suggest.
And please, only in layman’s term… Not so techie here.
Thanks Pondus for the quick reply… That’s what I’m thinking of as well but still wanna ask you guys’ help to see if this machine can still be salvaged… Even my notepad.exe was deleted lol…
As I was reading other threads, I noticed that you guys may need the scan logs… where do I find that?
And oh, I’m still searching the internet for a notepad installer if there is…
And yeah, I’m checking if I activated the backup thing 'coz I remember I disabled that before due to huge disk space it consumed…
I now have the Malwarebytes Anti-Malware scanning my machine. So far, it got 52 threats detected (again, after most of my files have been deleted by avast boot scan) and I think this may take a while so I’m gonna have a nap and be back here in 15 minutes, that’s 22:15 GMT.
I don’t have good news. Virtu is short for Virtumonde, another alias of Virut - which is a death sentence for a system.
Your confirmation is that legitimate apps/executable files have been quarantined by avast. If so, we can really do nothing here.
The only advice for you is to reformat/reinstall not only your system drive, but all disks/partitions. The virus doesn’t care; it infects every file that it’s able to spot.
If you want to back up your personal data, do it only for music, videos, documents, photos… Do not back up any exe, dll, scr, htm, zip and rar files. Any games/apps shouldn’t be backed up either. All needs to go down.
Very sad to hear about your predicament, always very unfortunate to lose a computer to a vicious file-infection like Virut, designed just simply to ruin operational systems in an unpredictable way and to an unpredictable extent. To avoid such an infection in the future while your computer is being helped to a total re-install to exist anew, read the following 22 steps: http://www.wikihow.com/Avoid-Getting-a-Computer-Virus-or-Worm
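One way to follow the backup advice above, as an added example that is not part of the original post: a Python sketch that copies only allowlisted data files and skips everything else. The blocked extensions come from the post; the allowed list, the function names and the sample file names are assumptions made for illustration.

```python
import shutil
import tempfile
from pathlib import Path

# Extensions the post says must not be backed up.
BLOCKED = {".exe", ".dll", ".scr", ".htm", ".zip", ".rar"}
# Assumed examples of "music, videos, documents, photos"; adjust as needed.
ALLOWED = {".mp3", ".flac", ".mp4", ".avi", ".txt", ".pdf", ".doc", ".docx",
           ".jpg", ".jpeg", ".png"}


def classify(path: Path) -> bool:
    """Return True only if the file's final extension is allowlisted."""
    ext = path.suffix.lower()  # "Setup.EXE" -> ".exe"
    # Default deny: unknown types are skipped too, not only the blocked list.
    return ext in ALLOWED and ext not in BLOCKED


def backup(src: Path, dst: Path):
    """Copy allowlisted files from src to dst; return (copied, skipped)."""
    copied, skipped = [], []
    for f in sorted(p for p in src.rglob("*") if p.is_file()):
        rel = f.relative_to(src)
        if classify(f):
            target = dst / rel
            target.parent.mkdir(parents=True, exist_ok=True)
            shutil.copy2(f, target)
            copied.append(rel.as_posix())
        else:
            skipped.append(rel.as_posix())
    return copied, skipped


def demo():
    """Run on a constructed sample tree (all file names are made up)."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "src"), Path(tmp, "dst")
        for name in ["photos/cat.JPG", "docs/cv.pdf", "games/setup.exe",
                     "photos/holiday.jpg.exe", "old/archive.zip",
                     "web/index.htm", "music/song.mp3", "misc/tool.bin"]:
            p = src / name
            p.parent.mkdir(parents=True, exist_ok=True)
            p.write_bytes(b"sample")
        return backup(src, dst)


if __name__ == "__main__":
    copied, skipped = demo()
    print("copied:", copied)
    print("skipped:", skipped)
```

Review the skipped list before wiping the disks, so that a data file with an extension missing from the allowed list is not lost by accident.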
I have two HDDs – one for my drives C: and D: , and the other for the drives E: and F: …
Do I have to reformat both? Or can I just leave drives E: and F: since the ones affected were just drives C: (where 99 files were deleted) and D: (which has just one file infected and deleted by Avast boot scan)?
Virut’s first step upon running is injecting the process (winlogon.exe), for this reason firewalls will not identify the virus. The virus will infect files on local and shared drives. It does not depend on usage of these files.
Also completely uninstall your avast! av solution and reinstall anew as the existing av program has been compromised and can no longer be trusted.