Last week, this malware took out the Houston City court system, Springfield, MO., a university in Idaho, two county school systems in South Carolina, and an unknown number of less visible networks or home systems. I, personally, saw four infected home computers of which two could be rescued and one needed to have the power cycled after deleting all partitions to eradicate it.
Part of its insidiousness is the fact that most of its infections were detected as very old threats which were then ignored by the antivirus and security vendors as "old news".
It should also be noted that there are still thousands of webpages infected with code which launches an iFrame version of the attack. A slight change in the code it downloads and we'll be back at it, again.

I am living in Maryland ( takoma Park) last week we had a pc for cleaning virus, it was infected with virut .cf , I just could save the files, Format and reload the system, then my own pc was infected as well, but after clean the nasty virus from my unit, most of my exe was also deleted! NOW I got another pc for repair today February 24,09 also infected with Virut .cf, please let me know if there is any fix to this virus! Symantec wants to charge me $99 and I am sure they can not fix the problem!

PAY the money naz...I'm telling you, this one is NASTY. I had to have my laptop reformatted last Wednesday due to a Virut.cf infection. They were able to save only a fraction of my files. Insidious thing!

Hi Naz and all I've spent over 3 weeks working this one out. The best cure I've found is to do a fresh install on a clean drive then install AVG 8.5 free (Update) and the trial version of Symantec Endpoint (Update). Shutdown system then attach infected drive. Scan only with AVG; this is because I've found this recognises the Virut.CF infections the best and then makes the active protection of Symantec Endpoint detect the infection. Strangely enough Symantec Endpoint doesn't see all the infected files when scaning you system. I did it this way because Endpoint can clean the infected files once AVG has targeted them, while AVG can not. Dr Web CureIt seems to work well also and has helped me cure some files identified by AVG. In short my advise AVG 8.5 scan the drive and let Endpoint clean them with auto protect. Worked for me I'm typing one my cleaned drive right now!! This drive had 90% of system files infected including taskmanager, explorer logon shutdown etc.., would not Log On and 3,400++ infected files!!!!!!!!!!

Hey stevePlus,
Thanks for the info... been working on this myself and I'll give this a shot! I appreciate it...

Hi Chad, make sure to turn off system restore if it's XP, once you cleaned it as above. Then you need to check if Virut got into the restore points. I suggest scanning with either Malwarebytes or Dr Web CureIt which will force AVG 8.5 to recognise the Infected files. I used Dr Web because you can select the System Volume Information where the restore points hide (system folder) usually on the C drive; right down to the RP (Restore Point) level. My RP13 was choked with Virut. Just turning off system restore did not delete my restore file as some suggest. Then just let the AVG 8.5 Auto protect log them. Next select all the logged infections and then right click and click "Move to Vault". Next go to the vault select all these files from restore and delete. It's a pain but I couldn't find any way to delete them otherwise. Good Luck.

hello my laptop was infected with the junkpoly virut is there any possible way I can save my files by using an external hard drive of some sort then transferring it back to the newly reformatted PC? the virut really is a nasty one and I am looking for a cure which may save the files which are super important for me...

I just lost my computer to this virus. I don't go to any 'bad sites' I frequent news sites and medical sites. I had just switched to Avast from Norton when Vundo attacked. Shortly thereafter the Junkpoly/Virut viruses were attacking my computer. As a result Avast destroyed my OS. We tried everything possible to clean it but to no avail. We've reformatted. This is a bad, bad virus.

Hi Ven the best way I've found is to use more than one tool. I would copy your important files to an extenal HDD and then using a clean system with the following tools installed AVG free 8.5, Symantec Endpoint (trial), Dr web and the AVG remove Virut tool. Install all of these as required on the clean system and then update them. Then follow what I've writen previously. Scan with AVG then allow Endpoint to clean the virus. The reason I recommend this number of tools is that each tool seems to use different methods of detection so to be sure using AVG, Endpoint and Dr Web catches as far as I can tell, to date all versions of the virus. The best way to clean this virus is with Symantec endpoint however I found it seems not to detect it with a scan but only if AVG picks it up. The AVG rmvirut tool is my acid test to check if it's present in memory this will not run if any trace of it is in memory. If it runs under windows virut is not in memory. however it doesn't clean all instances. Dr Web is very good at cleaning as well. You could just try this alone but I would not be confident that the files were really clean. You may try http://virusscan.jotti.org/en to check I found it very interesting.

Don't bother, just get a new HD because it will after infecting every .exe kill your HD..its more like a suicide bomber which attacks your system and dies with it. i have tried and failed.All the AV's will fail because it makes sure they get infected before they even get a chance to start and it kills other cleaners like Combofix as well..it has no cure so if your computer gets infected..kiss it good-bye