Win32/vitru caught by avg but still popups?

May 23, 2011 at 21:34:41
Specs: Windows Vista, 3.2ghz 2mb ddr2
I opened an adobe document with an old adobe version and now AVG keeps giving me a popup warning every minute or so that a virus was found called Win32/Vitru

It says in the lower part of the window that Proces name is C:\Windows\system32\svchost.exe and Proces-ID is 1332

"";"Virus found Win32/Vitru";"Virus blocked"

How do i repair this?? I know when it spreads to other .exe files it's more or less just a forfeit but my programs are still working i just need to get rid of the popup/infected file
I use vista

See More: Win32/vitru caught by avg but still popups?

May 23, 2011 at 21:36:26
I ran the AVG virus remover for win32/virut which didn't find anything

Report •

May 23, 2011 at 22:39:05

Win32/vitro is a member of the Virut family of viruses. It uses polymorphism to hide from anti-virus protection, and infects executable files. File infection makes it very hard to repair a system. W32/Vitro injects code in running processes and hooks functions to transfer control to the virus.

To my knowledge, DrWeb LiveCD has dealt with Virut, but, there are no guarantees. It is up to you whether you want to engage in an attempt to remove this virus.

If you decide you want to give it a shot...

Here is some ’How to’ info:

DrWeb Live CD Instructions: (Emergency Rescue CD)

Step 1: Download the ISO and burn to a CD:
Dr.Web LiveCD ISO image needs to download to a computer that is not infected:
Select: drweb-livecd-600.iso

Save to the Desktop

Make sure the CD burner program used burns ISO images to a CD!
Proceed with burning the ISO image.

InfraRecorder works well for this task:

Install the InfraRecorder program
Insert a blank disk in your CD burner, and open the program
Click: Actions on the top bar
Then click: Burn Image
Locate the DR Web drweb-livecd-600.iso, double click it, and follow the onscreen prompts.

Step 2: Prepare to boot from LiveCD:
Make sure the infected computer can boot from the CD
When the computer starts, pay close attention to the initial screen for the key used to access the BIOS (Setup).
Some of the keys used to grant access to the BIOS set up menu are: F1, F2, F10 or DEL

If, for example, the key is F2, press the key until the BIOS screen shows up.
Go to the Boot tab, and make the appropriate changes to boot from CD
Save the changes!!
Before exiting the BIOS, insert the LiveCD in the appropriate drive.
Exit the BIOS, and the computer starts.

Step 3: DrWeb LiveCD loads...
To launch the Graphic User Interface version of Dr.Web LiveCD, select Dr.
Web-LiveCD (Default).

When you boot Dr.Web LiveCD in default (GUI) mode, Dr.Web Control Center for Linux will be started automatically.

At the Dr.Web Control Center for Linux, select: Scanner

At the main window of the scanner, place a check on the drive(s) to scan.

After selecting the drive(s), press: Start

The process may take a while…

Step 4: Scan Results
Scan results are shown as a table in the bottom of the Scanner main window. There you can find information on infected and suspicious objects found during the scan: their location, their reasons to be included into the current selection and actions performed by the program over these objects.

Below the report field is a row of buttons where you can select the desired action for every object in the list: Cure or Delete. (Delete is NOT recommended!)
The Cure action is not available for archives, containers, and mail files.

To learn more about using Dr.Web LiveCD, consult the program HELP feature.

DrWebLiveCD Manual (English):

Other info:

Report •
Related Solutions

Ask Question