Very Careful..... There is more.....
The NTDVM CPU has encountered an illegal instruction for regedit in the run line is also a byproduct of this virus. BUT NORTON COULDN"T FIX IT!!! If you have system32 hidden from view even after you obviously enabled it to be viewed, the files inside need to do so as well.
Go to Run and type in Cmd.exe
(Cmd.exe because a bad cmd.com is in your system32 folder) Then type in:
attirb -a -h -r -s c:\windows\system32\*.*
That will make all the files visible. Why should ANY file be hidden, unless it wants to remain that way. Hmm..... Here is a list of the evil inside I got from Norton.... even though they couldn't find them, until I went and made all visible.
EVIL FILES:
ping.com, netstat.com, regedit.com, tasklist.com, taskkill.com, tracert.com, cmd.com, and ansmtp.dll
Trust me, viruses are getting smarter, so sometimes you have to be smarter than norton. Then again I have 2004 version, but it's updated. Maybe I should buy the new 2006 when it comes out. That is a consideration.
There are a few registry items that came up as well to fix from Norton's article:
http://www.symantec.com/avcenter/venc/data/w32.picrate.a@mm.html
Keep in mind that if regedit.com is still there, type in Regedit.exe.
So much evil in the world, just thought I might make a contribution in the fight against it, so I am posting for the first time.