The Virut Family Of Viruses


Threat Name: .Virut.CF - Also Known As: W32/Virut.n, PE_VIRUX.A.
Threat type: Virus

Situation Summary

The Virut family of viruses has been spreading through infected Web sites – often bypassing traditional firewalls and virus scanners.  Norton™’s products detect this threat and our Browser Protection technology, found in Norton 360™, Norton™ AntiVirus and Norton™ Internet Security, prevents this threat from infecting your system.  


Who is at risk?

Because these viruses infect Web sites, anyone who surfs the internet is at risk. There is no way to know ahead of time if a Web page is infected. However, users of up-to-date Norton products including Norton 360™, Norton™ AntiVirus and Norton™ Internet Security are protected from being infected through our unique Browser Protection technology.

What does this threat do specifically?

This family of viruses infects program files and Web files on your computer – in some case irreparably damaging them. If your computer is also a web server the virus will also attack anyone who visits your Web site. The virus has the ability to silently install new programs onto your system including updated versions of itself and programs that might grant the virus’s author remote control over your computer.

What to do if you are infected?

Because of the extent of the damage some variants of these viruses do to files, if your computer is infected it is best to restore your computer from a clean backup. Detailed removal instructions are available here.

How To Avoid The Threat

  1. Run a great security suite – one with Browser Protection technology. Stand alone virus scanners such as many freeware solutions are not sufficient.
  2. Keep your computer updated with the latest security patches. If you don’t know how to do this, have someone help you set your system to update itself.
  3. Don’t use “free” security scans that pop-up on many Web sites. All too often these are fake, using scare tactics to try to get you to purchase their “full” service. In many cases these are actually infecting you while they run.
  4. Don’t download files from BitTorrent, LimeWire or other peer-to-peer networks. As valuable as those services can be, criminals have learned to use them to distribute viruses, trojans and worms.
  5. Turn off the “autorun” feature that will automatically run programs found on memory sticks and other USB devices.
  6. Have backups of your computer. If you don’t have a backup solution, consider purchasing a hard drive and using Symantec System Recovery 2013.
  7. Be smart with your passwords. Here are tips to secure your passwords:
    • Change your passwords periodically
    • Use complex passwords – no simple names or words, use special characters and numbers
    • Using a separate, longer password for each site that has sensitive personal information or access to your bank accounts or credit cards.
    • Use a passwords management system such as Identity Safe (included in Norton™ Internet Security and Norton 360™) to track your passwords and to fill out forms automatically.
  8. Use an internet browser with strong security such as Firefox, Opera or Internet Explorer 8.0.


Recommended Actions