Services.exe what?

Avast Free Antivirus / Premium Security
1

During memory test when starting up Avast!

File name: c:\windows\system32\config\services.exe
Malware name: Win32:Regrun-M[trj]
Malware type: Trojan horse
VPS version: 080531-1, 2008-05-31

Is this another false alarm or is it the real deal perhaps?

2

Doesn’t sound like a false ararm to me - there certainly shouldn’t be any .exe files in system32\config folder.

3

Damn, if it’s a virus there’s two major questions…
How did I get infected and is it possible to remove the virus?

I have things I want to keep and I can’t afford to back it up.

I have no idea how I got infected either, perhaps is Zone alarm (free) not good enough? :confused:
I haven’t visited any bad sites or anything… I have no idea if it’s possible, but perhaps there is some way to infect computers via uTorrent / PeerGuardian2? o,O

Damn, this is so troublesome… Avast! told me to reboot and let their scanner do some work but it’s going to take like… At least 24 hours. It has been scanning for 20 minutes and it’s still 1% done.

4

ZA will detect Internet connections… but you could have allowed some program to connect and download the virus (for instance, your browser).

PeerGuardian is a security program. But you can have downloaded an infected file from uTorrent.

5

This from your HJT log in your other topic (http://forum.avast.com/index.php?topic=36013.0) on this same issue would appear to be what is putting it into memory ???

F2 - REG:system.ini: Shell=Explorer.exe “C:\WINDOWS\system32\config\services.exe”

6

Hm, is it possible for other people to like, sneak in viruses while using torrents then? Because I’ve downloaded these torrents earlier so they shouldn’t be infected.