- Connects to the internet without permission
- Installs itself without permissions
- Slow Computer
- Slow internet connection
VirusWin32Virut.BN is a malicious virus which infects .exe and .SCR Windows files. First released on 6 March 2010, it also creates backdoors to the system which makes it easier for other malicious threats to gain entry to the system. It will also connect to a remote IRC server which allows a remote attack to download and execute arbitrary files onto the infected PC. VirusWin32Virut.BN operates under various other aliases across the Internet, some of which are:
This seemingly ubiquitous infection will go on to completely infect your entire system and will cause severe damage to your PC. It will afford criminal developers complete control of your system, allowing them to use it for seditious purposes such as Denial of Service (DoS) attacks, mass spamming campaigns and other nefarious purposes. Because of its surreptitious infiltration of the system and the fact that it completes all of its actions in the system’s background the user will find it difficult to detect and remove VirusWin32Virut.BN from the system without some help from a powerful security tool.
VirusWin32Virut.BN will disable the Windows System File Protection by injecting its code into the winlogon.exe Windows process. The code will patch the system file sfc_os.dll in memory which will allow the virus to infect files which are protected by Windows System File Protection. It will then go on to infect .exe and .scr files on access. This means actions like viewing or copying files with Explorer will result in files being infected and the virus will spread from one machine to another.
In order to limit the damage this malicious threat will be able to cause your PC you need to destroy VirusWin32Virut.BN with the help of a genuine security tool. This will not only obliterate VirusWin32Virut.BN for good but will also protect your PC against similar attacks in future.