WIN32/VIRUT

Discussion in 'ESET NOD32 Antivirus' started by Budnick, Apr 6, 2009.

Thread Status:
Not open for further replies.
  1. Budnick (Registered Member; Joined: Apr 6, 2009; Posts: 3)

    Hello All.

    I have contracted the above virus.

    I have ESET NOD32 Antivirus (4.0) and it will not get rid of it. It cannot clean it, and from what I have read I will have to do a clean install. Is this correct?

    Can I save my emails and pictures safely and reinstall them?

    Any assistance is greatly appreciated.

    Budnick
     
  2. Marcos (Eset Staff Account; Joined: Nov 22, 2002; Posts: 14,374)

    Is it detected as a variant of Virut or as a concrete variant? Do you have advanced heuristics enabled when cleaning the files with the on-demand scanner?
     
  3. Budnick (Registered Member; Joined: Apr 6, 2009; Posts: 3)

    Hi Marcos

    I may be a little thick here but I do not understand the question correctly?

    It says I have Virut.NBM, not sure if that is the variant?

    Budnick
     
  4. morph000 (Registered Member; Joined: Apr 13, 2003; Posts: 20)

    Join the club! I seem to have contracted this deleted expletive too!

    See here for other experiences with this one: http://www.precisesecurity.com/blogs/2009/02/11/viruswin32virutce/

    I'm running Vista Home, SP1 with latest updates, ZoneAlarm Internet Security Suite (latest), Malwarebytes (latest), Spybot S&D (latest), with programme setting for all set to deep scan, on-access scanning etc., and yet somehow I contracted Virut!!

    It infected Winlogon in \System32 and a couple of other files, seemingly at random, e.g. eMule on a different partition which wasn't even linked to from C: or running, so presumably Virut is scanning for "likely" programmes to hijack.

    ZoneAlarm detected 3 instances of Virut by itself, and has apparently cleaned them out, although with Virut's reputation, that remains to be seen!
    Malwarebytes found nothing, nor did Spybot, probably not surprising as they're spyware/malware proggies...

    After that, I also ran the stand-alone Kaspersky Virus scan and that also said "clean".

    I'll scan again tonight in safe mode and also try the AVG removal tool to see what the results are...

    Fortunately, I do full hot backups every fortnight so if I have to reformat, no great hardship at all... it helps to plan ahead, eh! (saves reinstalling 150 software packages, and around 1 solid week's work)

    As for REALLY getting rid of Virut, I'm thinking a BartPE/KAV boot CD/DVD to take the OS right out of the loop when you do a scan, although Virut seems to be polymorphic so even this may not detect or fix it.

    Anyway, any input from people with experience with this is welcome too! :)

    Especially info as to HOW one gets infected in the first place would be useful.
     