Win32/RungBu Remover

	Virus Information
	No comment at this time.
	File
	C:\Recycled\spoolsv.exe C:\Recycled\svchost.exe C:\Recycled\ctfmon.exe C:\Recycled\smss.exe <Temp>\Flu Burung.txt <Program Files>\Microsoft Office\Office\docicon.exe <Dossier en cours>\<original file name >.doc <Dossier en cours>\<original file name >.scr
	Registry
	HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon Shell Explorer.exe "C:\recycled\SVCHOST.exe" The real value is Explorer.exe "C:\Windows\explorer.exe" HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Userinit C:\Recycled\SVCHOST.exe Should be C:\Windows\userinit.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced HideFileExt 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\HideFileExt UncheckedValue 1 The registry entry following are created in order that all hiden files will never been shown HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced ShowSuperHidden 0 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden UncheckedValue 0 HKCR\scrfile (default) Microsoft Word Document HKCR\Word.Document.8\DefaultIcon (default) <Program Files>\Microsoft Office\Office\docicon.exe
	WARNING
	This virus runs automatically each time you open or explore a partition, it is preferable to download the patch and unpack it on the desktop, reboot your machine in Safe Mode and run the patch, always in safe mode. Instruction on how to restart your computer in safe mode.

	Link

Latest fixs:

Brastk (Win32/Wantvi.I, Brastk.exe)
Braviax (Win32/Wantvi.I, Braviax.exe)
XP AntiSpyware 2009 (XP_AntiSpyware.exeL, Downloader.Win32.Agent.bs,New Malware.aj)
FlashGuard.exe (DriveGuard.exe,Win32.Worm.Autoit.AL, AUTORUN.TZ)
cradle of filth (cradle_of_filth.vbe, Notre Gates qui est à Seattle)