Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

w32.Virut

Created: 02 Feb 2010 • Updated: 01 Nov 2010 | 3 comments
Cicero Oliveira's picture
I am with w32.Virut in my infra structure, I have approximately 8,000 you scheme. I do not obtain to act in disembarasses mode in the servers due the activity of exactly, As I must proceed for the cleanness.

Comments 3 CommentsJump to latest comment

Vikram Kumar-SAV to SEP's picture

 There is a virut removal tool ( it is very old still ) you can try that
http://www.symantec.com/security_response/writeup.jsp?docid=2009-022016-4444-99

Since it is also a file infector so that makes it more dreadful one.

1. Disable AutoRun ( Autoplay )
2.Delete Internet Cache ( history,file and folders etc ), Delete contents of %temp% and C:\WIndows\Temp
3. Download RapidRelease definitions and run a full scan preferably in Safe Mode and disconnected from network.

Vikram Kumar

Symantec Consultant

The most helpful part of entire Symantec connect is the Search button..do use it.

Grant_Hall's picture

Here is some information about that virus http://www.symantec.com/security_response/writeup.jsp?docid=2009-020411-2802-99

Please check out the 5 Steps of Virus Troubleshooting guide:
http://service1.symantec.com/support/ent-security.nsf/854fa02b4f5013678825731a007d06af/59ced4261979d3e78825725f007bfde5?OpenDocument

Virkrams answer above is exactly where I would start, although I would add that you should disable system restore before you do the full scan in safe mode. 

Hope this helps,
Grant
 

Please don't forget to mark your thread solved with whatever answer helped you : )