Last Updated on Wednesday, 08 August 2012 18:14 Monday, 28 November 2011 08:51
Files found - view
C:\Program Files\Windows Live\msnmsgr.exe
C:\Program Files\Windows Live\logg.dat
C:\System Volume Information\.
C:\System Volume Information\..
C:\Program Files\Windows Live
A virus win32 Virut is found to create this file cPanelAttacker.exe in the temporary folder and then creates malicious clone of mnsmgr.exe and fake System Volume Information folders.
It can block security programs by modifying firewall settings and by disabling security services, such as Windows Update, Norton Autoprotect, Kaspersky Anti-Virus, etc.It modifies some system executable files
There may be more files created by this virus program. You can find them out. First locate and note down the "date of creation" of cPanelAttacker.exe, and after that, search the hard disk for other files created on that date or onward. See image
Necessary steps required to remove this virus program
- To remove processes created by the virus program from the Task Manager
- To search and delete files created by the virus program from the hard disk. Enable to view "hidden files and folders" before you search. Otherwise files created by the virus program inside the hidden folders will not be found
- To remove obsolete registry keys using CCleaner
Detailed instructions and free Tools
Preventive steps to avoid virus programs
Reprinted with permission from Threatexpert.com
Vocabulary of the technical terms used in this article