How to remove W32:Vitro (Virut) virus .
Posted by Samuel Turi on 14 February 2012 10:57 AM
How to remove W32:Vitro (Virut) virus
The Virut family of viruses uses polymorphism to hide from all anti-virus protection, it infects executable files. File infection makes it very hard to repair a system that has been infected. W32/Vitro injects code in running processes and hooks the following functions in ntdll.dll which transfers control to the virus every time any of these function calls are made.
We would strongly recommend rebuilding the system from backups.
Windows can be rebuilt as described in the following link or failing this a format of the system will be required.