Win32 Vitro

  mimosa418 11:42 06 Mar 2009

Windows XP Professional
Avast 4
Zone Alarm

My computer became infected with the Vitro virus and Avast promptly deleted all infected files which resulted in a reformatting of the partitions and installation of a fresh copy of windows. I have been unable to locate the source of this virus.
The problem is that as soon as I connect to the internet Avast immediately locates a file in the temp folder called VTRx.tmp (where x is a number between1 and 9) and soon thereafter the operating system shows signs of reinjection with the virus. Judging from the name of this file I assume that it is associated with the virus.
I connect to the internet using a Three Dongle and initially blamed this for the source of the problem. It has been scanned and is clear and does not create any problems when used with my Vista laptop.
Has anyone experienced similar problems with this virus and found a way of permanently disposing of it.

  gary2112 12:24 06 Mar 2009

hi there does windows have its defolt firewall on .if not swich it on ,as this will stop the atack
next check to see what service pack you have on your pc ,all so it could be the home page its self that as the virus if your not useing google or msn as your home page.

  mimosa418 12:43 06 Mar 2009

Tanks for your comments gary2112.
Windows firewall is off and Zone Alarm acttive.
I have found two programmes with permission in Zone Alarm 'LSA Shell (Export Version)' and 'Windows NT logon Application'which are suspicious and if blocked seems to prevent the downoading of these VRT.tmp files.
The problem remains. How do these get inro a clean machine which has only Widows, ZA and Avast installed.

  birdface 13:26 06 Mar 2009

Looks like a cracker.lots of folk with the same problem.Even a reformat does not help some times.

click here

  mimosa418 11:27 07 Mar 2009

Many thans for your link. I had looked at some others but yours was the most helpful.
Finally everything up and running.
I copied all my data partitions to another PC and gave then a thorough scan with Avast4. Then I formatted all the partitions, once from DOS and also from Paragon Disc manager.(possible overkill)
This time (the fifth try) windows installed without any nasties and all that remains is to install software and data. It would appear that the 'Windoows Logon application' and LSA Shell are trojans which open the firewall to Vitro.

  Virusseeker 23:42 12 Apr 2009

hi there all members of the pc advisor and the world community,
my friend have just reseved the vitro virus, via reading the forums around the world and finding vital infomation about the virus the only way to remove the virus is to NUKE!! and i mean NUKE!! all HDD and make new partions that includes EXternal HDD, you have to lost all info that you have not only the .exe files as it infects all files ( as it like to feed on all infomation that you have). please be warned it is a pain in the $$$ if you dont NUKE all as it will return ( not a joke), and you dont have a word in this matter as 3 system restarts and a external HDD is no fun losing 300GB of infomation

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

The Evil Within 2 review-in-progress

InVision Studio takes on Adobe XD and Sketch

iPhone X news: Release date, price, new features & specs

Comment transformer un iPhone en borne Wi-Fi ?