Type: Trojan
The infected system will be Very slow, and infected computer Shuts down after a couple of minutes when user logged in with a dialog box showing an Red X mark and countdown timer. This Trojan infects or copies its files to *.dll and *.exe windows\system32 folder and to C, D drives.
Some Known files names for Virus. Win32.Virut.ce are perrdlm.exe, klpllsm.exe and more
This trojan makes Startup Registry entries at
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
“cdmmslpo”=”C:\\WINDOWS\\system32\\klpllsm.exe”
“qaswww”=”C:\\WINDOWS\\system32\\perrdlm.exe”
“shccde”=”C:\\WINDOWS\\system32\\ipismd.exe”
If you delete these files and entries, it will restore again after a system restart, Since virus infected on other files. So it is very hard to remove this trojan manually. So here we can use this removal.
you can Download the following two files removal tools :
rmvirut.exe
rmvirut.nt
run the rmvirut.exe file.
Note:
You can also specify the disks (or partitions) to heal as a command parameters.
e.g.: “rmvirut C: D:”. If the command is used without parameters, it heals all disks (partitions) on computer.
For example you want to scan a folder in d drive, folder name is tools
d:\rmvirut.exe D:\tools
this command is executed from
Start – Run, In the run Command Menu box type Full path including rmvirut.exe with path of folder or drive to scan.
type Command, Press Ok to run ( In vista Confirm Allow to continue)
For Successful running of the remover requires administrator rights. For proper functionality of the remover it is necessary to save the rmvirut.nt into the same folder as rmvirut.exe.
No comments:
Post a Comment