Svchost.exe & TASKMGR.EXE
http://www.virustotal.com/analisis/d...79e8cb071a1978
Antivirus Version Last Update Result
AntiVir 7.9.0.160 2009.05.02 W32/Virut.Gen
Authentium 5.1.2.4 2009.05.02 W32/Virut.AI!Generic
Avast 4.8.1335.0 2009.05.02 Win32:Vitro
AVG 8.5.0.327 2009.05.02 Win32/Virut
BitDefender 7.2 2009.05.02 Win32.Virtob.Gen.12
CAT-QuickHeal 10.00 2009.05.02 W32.Virut.G
DrWeb 4.44.0.09170 2009.05.02 Win32.Virut.56
eTrust-Vet 31.6.6487 2009.05.02 Win32/Virut.17408
F-Prot 4.4.4.56 2009.05.02 W32/Virut.AI!Generic
F-Secure 8.0.14470.0 2009.05.02 Virus.Win32.Virut.ce
Fortinet 3.117.0.0 2009.05.02 W32/Virut.CE
GData 19 2009.05.02 Win32.Virtob.Gen.12
Kaspersky 7.0.0.125 2009.05.02 Virus.Win32.Virut.ce
McAfee 5603 2009.05.02 W32/Virut.n.gen
McAfee+Artemis 5603 2009.05.02 W32/Virut.n.gen
McAfee-GW-Edition 6.7.6 2009.05.02 Win32.Virut.Gen
Microsoft 1.4602 2009.05.02 Virus:Win32/Virut.BM
NOD32 4049 2009.05.01 Win32/Virut.NBP
Rising 21.27.41.00 2009.05.01 Win32.Virut.bm
Sophos 4.41.0 2009.05.02 W32/Scribble-B
Sunbelt 3.2.1858.2 2009.05.02 Virus.Win32.Virut.ce (v)
Symantec 1.4.4.12 2009.05.02 W32.Virut.CF
TheHacker 6.3.4.1.317 2009.05.02 W32/Virut.gen2
TrendMicro 8.950.0.1092 2009.05.01 PE_VIRUX.F-1
ViRobot 2009.5.1.1717 2009.05.01 Win32.Virut.AL
VirusBuster 4.6.5.0 2009.05.02 Win32.Virut.Y.Gen
This machine needs to be formatted.
This system is infected with a polymorphic file infector called Virut. Virut is capable of infecting all the machine's executable files (.exe) and screensaver files (.scr). However, the problem is that the virus has a number of bugs in its code, and as a result, it may misinfect a proportion of executable files and therefore, the files are corrupted beyond repair. As of now, security experts suggest that a format and clean install, or destructive recovery if you have an OEM recovery partition, is the best way to clean the infection and it is the best and safest way to return the machine to its normal working state.
Backup all your documents and important items (personal data, work documents, etc) only. DO NOT backup any executable files (softwares) and screensavers (*.scr). It attempts to infect any accessed .exe or .scr files by appending itself to the executable.
Also, avoid backing up compressed files (zip/cab/rar) files that have .exe or .scr files inside them. Virut can penetrate and infect .exe files inside compressed files too.
Recent variants also modify htm, html, asp and php files.
Do not back up to another machine, as it may become compromised. Burn to DVD/CD, or to an external drive which has nothing else on it, and which you can format should it happen to become infected from the backups.
See miekiemoes' blog for similar comments here:
http://miekiemoes.blogspot.com/2009/...-throwing.html