Virus:Win32/Virut.EPO removal guide

Virus:Win32/Virut.EPO is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Virus:Win32/Virut.EPO virus do?

  • Injection with CreateRemoteThread in a remote process
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Code injection with CreateRemoteThread in a remote process
  • Tries to unhook or modify Windows functions monitored by Cuckoo
  • Network activity detected but not expressed in API logs

Related domains:

irc.zief.pl
proxim.ircgalaxy.pl

How to identify Virus:Win32/Virut.EPO?


File Info:

crc32: 84B48A97
md5: 0dbef093be62e27bcf325a021f103ae9
name: nop.exe
sha1: e5dddb29dc65e01b413812d1cb7774934cb857da
sha256: c3b6c8d4df705cd7af96962d1468b03c6033bd8d999bef70d2ae7d0734937a5e
sha512: a8230d16b73506e29d086b88e3d85b018819010302880ade2c4c44c24a3ff0b883842fdb6050cbb78439dfeb49122b6184b22aa144fb96eeb96717802c5d925f
ssdeep: 1536:Eujlk8bfAunYCKQEw3dY79jHPjnjKLDJrhZkPcJob29W8ZPWyjse:EugCkwYjHPZbcW8Zuyjl
type: PE32 executable (console) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Virus:Win32/Virut.EPO also known as:

Bkav: W32.Vetor.PE
MicroWorld-eScan: Win32.Virtob.Gen.12
FireEye: Generic.mg.0dbef093be62e27b
CAT-QuickHeal: W32.Virut.G
Qihoo-360: Win32/Virus.600
McAfee: W32/Virut.ad.gen
Cylance: Unsafe
AegisLab: Virus.Win32.Virut.n!c
Sangfor: Malware
K7AntiVirus: Virus ( f10002001 )
BitDefender: Win32.Virtob.Gen.12
K7GW: Virus ( f10002001 )
Cybereason: malicious.3be62e
TrendMicro: PE_VIRUX.E-1
Baidu: Win32.Virus.Virut.gen
F-Prot: W32/Virut.AI!Generic
TotalDefense: Win32/Virut.17408
APEX: Malicious
Avast: Win32:Vitro
GData: Win32.Virtob.Gen.12
Kaspersky: Virus.Win32.Virut.ce
Alibaba: Virus:Win32/Virut.ce62b7ea
NANO-Antivirus: Virus.Win32.Virut.hpeg
ViRobot: Win32.Virut.Gen.C
Rising: Virus.Virut!1.A08B (CLOUD)
Endgame: malicious (high confidence)
Emsisoft: Win32.Virtob.Gen.12 (B)
Comodo: Virus.Win32.Virut.Ce@1fy3nv
F-Secure: Malware.W32/Virut.Gen
DrWeb: Win32.Virut.56
VIPRE: Virus.Win32.Virut.ce (v)
Invincea: heuristic
McAfee-GW-Edition: W32/Virut.ad.gen
Trapmine: malicious.moderate.ml.score
Sophos: W32/Scribble-B
Ikarus: Virus.Win32.Virut
Cyren: W32/Virut.AI!Generic
Jiangmin: Win32/Virut.br
Avira: W32/Virut.Gen
MAX: malware (ai score=100)
Kingsoft: Win32.Virut.mg.53248
Microsoft: Virus:Win32/Virut.EPO
Arcabit: Win32.Virtob.Gen.12
ZoneAlarm: Virus.Win32.Virut.ce
AhnLab-V3: Win32/Virut.E
Acronis: suspicious
VBA32: Virus.Virut.06
TACHYON: Virus/W32.Virut.Gen
Ad-Aware: Win32.Virtob.Gen.12
Panda: W32/Sality.AO
ESET-NOD32: Win32/Virut.NBP
TrendMicro-HouseCall: PE_VIRUX.E-1
Tencent: Virus.Win32.Virut.tu
Yandex: Win32.Virut.Y.Gen
SentinelOne: DFI – Suspicious PE
Fortinet: W32/Virut.CE
BitDefenderTheta: AI:FileInfector.C9457D4313
AVG: Win32:Vitro
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_90% (W)
MaxSecure: Virus.Virut.CE

How to remove Virus:Win32/Virut.EPO?

Virus:Win32/Virut.EPO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
