Virut

D

Dixie

NSFW
Joined
Jan 23, 2009
Messages
19,387
Reaction score
5,011
Location
East London...
I've run into the beast and I'm at my wits end...formatting seems the only option :eek:

Has anyone beaten it? I'm not interested in Google results, I've tried them all.

If you have conquered this tartar, please let me know how you did it :o
 
Dixie

I completely understand your frustration. Ive come across all and this one is different.

Remove hdd and scan it from another pc using kaspersky and nod32. The kaspersky and bitdefender rescue cds can also work.

Then you nuke is with malware bytes anti malware. spybot search and destroy and any other utility. You will most likely also need to do a sfc /scannow to fix files that are damaged.
 
Thanks Peon!

Oom Ook (The Librarian) also gave me solid advice:

Set up a PC with updated antivirus and removal tools.

Create a limited account (as it's a limited rights user account, virut won't be able to infect the antivirus PC should it get loose).

Put the infected PC's HDD in an HDD enclosure and connect to antivirus PC.

Disable autorun.

Run a full scan.

You should be able to clean out most of the infections.

You might need to reinstall/fix windows if the infection damaged system files.
Click to expand...
 
<sigh>

Ok. A reformat is in order then...

Will backup all personal data and proceed then.

Thank you for your time and effort, Libs.
 
I'm not joking about polymorphs.

http://en.wikipedia.org/wiki/Polymorphic_code

A common and very virulent polymorphic virus is the file infecter Virut. This virus can often require a full reformat of a computer's hard disk drive to get rid of it.
Click to expand...

Seems you've got a nasty polymorph then... probably a new version.

Best strategy and course of action :

Back up only *.doc, *.xls (powerpoint, ms project and other data files).

Executables MUST be discarded as any can contain the polymorph.

To be safe - use Knoppix (or any other live Linux distro) to copy the data files over - but leave executables alone. :)
 
Last edited:
Depends which version you have - they can all be cleaned except one of the versions which corrupts .exe files.

Do a scan in safe mode - if it cleans it fine then you might be in luck.

Polymorphic viruses have been around for a while - difficult to detect, but not impossible. Any decent AV software should be able to pick it up in heuristics mode.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X