Thank you DonNils for giving a hint about the size idea
I got rid of all the unnecessary steps in cleaning Vitro.
Power Unplugging, formatting, partitioning, removing of storage, Internet unplugging etc are all UNNECESSARY. In fact, I reinstalled Windows without deleting my important data in my drive. Some of that data may still be infected but that doesn't matter here's what i did:
1. I fresh installed Windows the same the way I normally installed them when there is no virus. Just delete all hidden files. That also includes [recycler], [system volume information], [Autorun.inf] and [*.ini]
If you feel uneasy thinking that infected files still resides in the disk, just batch delete all EXE and HTM/HTML files. I use "Ultimate Boot CD" so it's just a matter of pressing the search button and delete the results.
2. After installation, I booted Windows. Don't worry the
virus won't trigger unless you execute the infected file. You can view them, transfer, display properties,
but don't run them! The same applies to HTML files.
Good news is that you can still safely run most of the executable installers left in the drive.
Vitro only infects executables lesser than 100KB such as System files. Almost all setup files are above that so we are lucky.
Note to all who are fund of serial keygens and patches. Most of these files are below 100KB so be careful.
Again you can safely delete these small files by simply pressing the search button then specify the size to search then delete the results.
3.
VERY IMPORTANT: I think this the part where everybody falters. That's why many falsely think that Vitro continues to survive after formatting or partitioning but i think it's not the case. It's due to the fact that
NOT ALL INFECTED FILES ARE DETECTED by AVAST! In most cases many backed-up their installer exe files that survived from avast deletion. After fresh Windows Install, they even re-scanned them with AVAST a million times therefore strengthening their confidence that they're clean. So they double-click it! The file runs fine- no warnings-what a relief! Opps the installed program requires a password- No problem there's a keygen in the same directory and it's clean too! So they double-click that 96KB keygen and BANG! feel the punishment for downloading pirated softwares!
Note that I'm very cautious with my trial and error experiment. I scanned the memory for each and every file size that I run and reinstalled the OS in each virus hit! Ouch! So far the smallest file size that i safely run above 100KB is 111KB. and the largest infected file below 100KB is 96KB. So the 100KB i mentioned is just an assumption due to the small margin of possible discrepancy. But feel free to correct me if you discover something else. I hope that helps. thank you.