Virut removal tool

[polonus]

Hi pondus,

Right question. I have to precise this, off course upon detection you will have to go into SafeMode to make the file infector not rush through all the executables etc. One reboot to do this yes, but then the best routine is to make it one gigantic cleansing session. No intermittent reboots -that is what I meant,

polonus

[essexboy]

For Virut there is only one solution - reformat and reinstall - any time I find it this is what I post

Well, I'm afraid I have bad news for you.

You have been infected with a polymorphic file infector named Virut. This infection will spread to every executable file in your computer, and unfortunately the only cure for it is to Reformat and Reinstall.

Right now, the best thing you can do is to backup, preferably to CD, all your important data, documents, pictures, movies, and songs.

DO NOT backup any applications or installers and DO NOT backup any files with the following extensions:

• .exe
• .scr
• .htm
• .html
• .xml
• .zip
• .rar
• .doc
• .jpg
• .pdf

For more information on Virut, and why you need to reformat, have a read of miekiemoes blog here.

To find out how to carry out an XP  Reformat and Reinstall, please see this page. If you are using Vista, then check this page instead.

Once you have reformatted and reinstalled Windows, have a look at this page for some useful tips on staying clean, along with links to some freeware to help.

To find out more information about how you may have got infected in the first place, you can read this article.

I am sorry I cannot give any better news.

[micky77]

Thats excellent advice Essexboy ( as always ), given the number of people posting about virut/vitro, they should make it a sticky

[YoKenny]

Actually I have read that the FDISK utility is necessary to remove the infected partition then add it back but I can't remember where I read this.

[essexboy]

No a straight forward reformat will cure it - but don't re-introduce it with a dodgy flash drive

[polonus]

Hi pondus,

Off course essexboy is completely and utterly right here, as we have heard from other sources like Miekemoes, with this virus we have to throw in the towel, the file infector if not stopped from infection by protection measures like layered defense and full updates/patches, resident scanning, and script blocking,  HAS WON period. So only solution a total recall, that means fdisk, re-format and re-install and be aware to not getting reinfected from infected files (peripherals, network etc.) so you do not have to repeat these procedures,

polonus

[Pondus]

Polonus i think your reply should start with "Hi essexboy" an not Hi pondus. misprint, I think 

[polonus]

Hi pondus,

If I say it to you or essexboy does not change a thing. These are the facts, down the line virut is beyond cleansing, it is the thorough defeat of Windows file protection, infects the very executables brought out against it, but the specific reason is that it is so buggy and that buggyness became its prime excellence to ruin. It tries to infect each and every file, it infects some randomly to a various extent and does not infect randomly to a various extent so the cleansing cannot be performed and this goes on and on. The only thing this file infector has done lately is create large extensive threads in forums and little in the form of a breakthrough in disinfecting.
Only precaution and prophylaxis may help, if you get infected the end result is "game over",

polonus