Again,
We try to offer hope for victims of the latest vitro-virut file infector. The webmaster can cleanse his website easily from the malware frame; for infected users we have no hope to offer - fdisk - format and re-install is the only solution open to them.
We haven't a clue what the purpose of this "buggy" corrupting file infector is, and why it leaves a computer beyond repair. You cannot use it as a zombie in a botnet, you cannot use it for launching spyware. On the other hand the malware is so advanced in nature that it cannot have been developed but by very apt malcreants, it is pure genius in development and a nightmare for the av-vendor and the malware fighter - for the moment they have to throw in the towel - the malware won, we have bitten the dust...
But why is it purely negative, then? It has a random encrypted file infecting routine making it very hard to recover from it; read here how that is accomplished:
http://www.sophos.com/security/blog/2008/05/1436.html
So the best protection is prevention (update, patch, use in-browser security, surf with normal user rights). I wonder where the weak side of this malware could be to tackle it, we haven't found that yet. For the moment I reckon for those infected that your luck was in,
this is the latest removal info:
http://www.hm2k.com/posts/win32-virtob-virut-removal
About throwing in the towel:
http://miekiemoes.blogspot.com/2009/02/virut-and-other-file-infectors-throwing.html#IDComment15344616
polonus