Warning: This virus is like no "normal" virus!
It infects all the executables it can find on the C: drive of your computer, and when I said infect I mean that it copies itself to inside each .exe it finds, so no "normal" methods of "Safe boot" or "remove autorun.ini" will work beacuse it's everywhere.
How to Fix:
* Download a copy of Norton (any version I guess, but make sure it is a full version, not a demo, don't bother buying it, you probably will uninstall it later so...);
* Update it using one of the setups in this
webpage
* Left your computer FULLY scanning overnight;
* When you wake up, all that is left to do is scan every external drives you own (this included CDs/DVDs, because the virus might still be there);
* Uninstall Norton (worst AV ever IMO, but does it's job);
My story:
I found that I was infect by this about a year ago when I was "playing around" with Process Explorer (I tend to do this somtimes, beacuse I don't use any antivirus software), when I sudently found a quite funny Handle name CUCU (or KUKU don't remember, also it's not the only handle the virus creates). Well, that turned out not that funny when I found that ALL running processes created the same handle. Still using process explorer I tracked down the virus to a specific filename: vcmgdr32.dll (if I remmember) that sit on system32 folder. Deleting it was no good because all the running processes where infected and recreated the file everytime I deleted it.
So I decided to reinstall windows, copied "my stuff" to a temp folder on C, seleced "keep files" instead of "quick format" and a new Windows Instalation was born. The bad thing was that when I instaled the first program (Daemon Tools
) the virus dll file appeared again on the windows folder, because the daemon setup was previously infected by it. My attemps to clean the virus have failed, for the first time I was unnable to remove a virus "by hand" I really thought I would loose all my data beacuse of the infection.
Until I remmembered that when I bought my computer (far way back) it came with Norton, wich had a "Fix" feature (it first tries to Fix if it fails either it Quarentines the file or Deletes it). So, with my infected computer, I downloaded a Norton version, uploaded to the latest version (using not the auto-update but a complete update package that Symantec updates weekly on its site) and left my computer over night "healing" itself. In the morning after I scanned every external drive, I uninstalled Norton, and up until today I was abble to not need an antivirus again
.