Content
W32/Virut.j!C1CE762F
- Type
- Virus
- SubType
- -
- Discovery Date
- 09/23/2008
- Length
- 22016
- Minimum DAT
- 5389 (09/22/2008)
- Updated DAT
- 5389 (09/22/2008)
- Minimum Engine
- N/A
- Description Added
- 09/23/2008
- Description Modified
- 09/23/2008 5:40 AM (PT)
Tab Navigation
Characteristics
| File Property | Property Value |
|---|---|
| FileName | Unavailable |
| McAfee Detection | W32/Virut.j |
| Length | 22,016 bytes |
| CRC | C1CE762F |
| MD5 | DFE2916EF44BFF48584CEAAA1FECE0CF |
| SHA1 | 041E81DD9B0E89652247BBDA5ECE3B9449723955 |
Other Common Detection Aliases
| Company Name | Detection Name |
|---|---|
| avast | Win32:Virtob |
| Dr.Web | Win32.Virut.40 |
| Eset | Win32/Virut.NBF virus |
| FortiNet | Suspicious |
| Kaspersky | Virus.Win32.Virut.bq |
| microsoft | trojan:win32/anomaly.gen!d |
| panda | Suspicious |
| rising | Win32.Agent.cd |
| Symantec | W32.Virut.W |
| Trend Micro | PE_VIRUT.LJ |
| V-Buster | Win32.Virut.Gen.4 |
AvertŪ Labs has observed the following system activities:
| Activity | Risk Level |
|---|---|
| Enumerates open windows |
Medium |
| Enumerates running processes |
Medium |
| Uses shared memory of other processes |
Low |
This sample can be identified by the following symptoms.
System Changes
These are general defaults for typical path variables. (Although they may differ, these examples are common.):
%WinDir% = \WINDOWS (Windows 9x/ME/XP/Vista), \WINNT (Windows NT/2000)
%SystemDir% = \WINDOWS\SYSTEM (Windows 98/ME), \WINDOWS\SYSTEM32 (Windows XP/Vista), \WINNT\SYSTEM32 (Windows NT/2000)
%ProgramFiles% = \Program Files
Symptoms
This symptoms of this detection are the files, registry, and network communication referenced in the characteristics section.
Method of Infection
Viruses are self-replicating. They are often spread by a network or by transmission to a removable medium such as a removable disk, writable CD, or USB drive. Viruses may also spread by infecting files on a network file system or a file system that is shared by another computer.
Removal
AVERT recommends to always use latest DATs and engine. This threat will be cleaned if you have this combination.
Variants
Variants
N/A
All Information
Overview -
This is a virus detection. Viruses are programs that self-replicate recursively, meaning that infected systems spread the virus to other systems, which then further propagate the virus. Although many viruses contain a destructive payload, it's quite common for viruses to do nothing more than spread from one system to another.
Characteristics
Characteristics -
| File Property | Property Value |
|---|---|
| FileName | Unavailable |
| McAfee Detection | W32/Virut.j |
| Length | 22,016 bytes |
| CRC | C1CE762F |
| MD5 | DFE2916EF44BFF48584CEAAA1FECE0CF |
| SHA1 | 041E81DD9B0E89652247BBDA5ECE3B9449723955 |
Other Common Detection Aliases
| Company Name | Detection Name |
|---|---|
| avast | Win32:Virtob |
| Dr.Web | Win32.Virut.40 |
| Eset | Win32/Virut.NBF virus |
| FortiNet | Suspicious |
| Kaspersky | Virus.Win32.Virut.bq |
| microsoft | trojan:win32/anomaly.gen!d |
| panda | Suspicious |
| rising | Win32.Agent.cd |
| Symantec | W32.Virut.W |
| Trend Micro | PE_VIRUT.LJ |
| V-Buster | Win32.Virut.Gen.4 |
AvertŪ Labs has observed the following system activities:
| Activity | Risk Level |
|---|---|
| Enumerates open windows |
Medium |
| Enumerates running processes |
Medium |
| Uses shared memory of other processes |
Low |
This sample can be identified by the following symptoms.
System Changes
These are general defaults for typical path variables. (Although they may differ, these examples are common.):
%WinDir% = \WINDOWS (Windows 9x/ME/XP/Vista), \WINNT (Windows NT/2000)
%SystemDir% = \WINDOWS\SYSTEM (Windows 98/ME), \WINDOWS\SYSTEM32 (Windows XP/Vista), \WINNT\SYSTEM32 (Windows NT/2000)
%ProgramFiles% = \Program Files
Symptoms
Symptoms -
This symptoms of this detection are the files, registry, and network communication referenced in the characteristics section.
Method of Infection
Method of Infection -
Viruses are self-replicating. They are often spread by a network or by transmission to a removable medium such as a removable disk, writable CD, or USB drive. Viruses may also spread by infecting files on a network file system or a file system that is shared by another computer.
Removal -
Removal -
AVERT recommends to always use latest DATs and engine. This threat will be cleaned if you have this combination.
Additional Windows ME/XP removal considerations
Variants
Variants -
N/A
