View Full Version : Virtumonde, umtcdtw.sys
Leopold the Bold
2009-03-08, 05:06
So, my girlfriend's computer just got infected (coincidentally?) after mine just got cleaned. Before she shut down the computer she noticed a suspicious looking file called umtcdtw.sys (Google search says it is a virus) was running. Also, it seems she has Virtumonde (which is what my computer had).
I did not visit any suspicious sites on her computer (which is the shameful way I got my computer infected). She says she hasn't either. However, when my computer was infected, I used her computer to post on this forum and download files, and transferred logs back from my computer to hers in order to post them. Could a virus like Virtumonde link itself to .log/.txt files? Should I be concerned about the possibility of re-infecting my computer? Or is it probably a coincidence that hers followed mine?
I've read the Before You Post procedure, backed up the registry, and also disabled Teatimer (after I made the HJT log).
Here is the HJT log. There are a lot of symptoms, which I'll include at the end in case they may be helpful.
Thank you for any help you can provide!
HJT Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:31:11 PM, on 3/7/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\3361\svchost.exe
C:\WINDOWS\system32\inf\rundll33.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe
C:\Program Files\Micro Innovations\Optical Mouse Ice\Ver.5.3\MOUSE32A.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\prunnet.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\DNA\btdna.exe
C:\Documents and Settings\Administrator\Application Data\nidle\nidle.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\MsgUpdate.dll
O2 - BHO: (no name) - {7a8b98b7-e2cc-4400-934d-6a7cfa934078} - C:\WINDOWS\system32\mevifezu.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: {6d0984cf-c913-6e59-fd84-b2480e6edfb9} - {9bfde6e0-842b-48df-95e6-319cfc4890d6} - C:\WINDOWS\system32\qmzjjc.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Gateway Ink Monitor] "C:\Program Files\Gateway Utilities\GWInkMonitor.exe"
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [QUICKCARE] C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe /P QUICKCARE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Micro Innovations\Optical Mouse Ice\Ver.5.3\MOUSE32A.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [84a8059d] rundll32.exe "C:\WINDOWS\system32\fotajipe.dll",b
O4 - HKLM\..\Run: [CPM879b3601] Rundll32.exe "c:\windows\system32\yadususa.dll",a
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: "C:\Program Files\DNA\btdna.exe"
O4 - HKLM\..\Policies\Explorer\Run: [xccinit] C:\WINDOWS\system32\inf\rundll33.exe C:\WINDOWS\xccdf16_090305a.dll xccd16
O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [nidle] "C:\Documents and Settings\Administrator\Application Data\nidle\nidle.exe" 61A847B5BBF728103B9D3B466188719AB689201522886B092CBD44BD8689220221DD3257 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [nidle] "C:\Documents and Settings\Administrator\Application Data\nidle\nidle.exe" 61A847B5BBF728103B9D3B466188719AB689201522886B092CBD44BD8689220221DD3257 (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/popcap/zuma/popcaploader_v6.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\tawukewa.dll qmzjjc.dll c:\windows\system32\yadususa.dll
O20 - Winlogon Notify: mlJDwVOg - C:\WINDOWS\SYSTEM32\mlJDwVOg.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yadususa.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yadususa.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: afisicx Service (afisicx) - Unknown owner - C:\WINDOWS\system32\afisicx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: mabidwe Service (mabidwe) - Unknown owner - C:\WINDOWS\system32\mabidwe.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: sopidkc Service (sopidkc) - Unknown owner - C:\WINDOWS\system32\sopidkc.exe
--
End of file - 10317 bytes
[B]Computer symptoms:
1. Various odd pop-ups when internet was enabled, advertising scans for spyware and malware (she said no to all of them).
2. Internet Explorer experienced errors and failed to load after the odd behavior began this morning.
3. Multiple prompts from Spybot to allow/disallow registry changes (of course, we're not allowing any of them).
4. Multiple attempts to access internet pages while internet was disabled
5. We attempted to run Spybot in safemode, but any time we started safemode, it caused winlogon.exe to catapult into 99% CPU usage, making the computer too laggy to be functional.
6. Spybot automatically ran upon normal boot, and started searching but suddenly stopped, showed errors, and displayed the message
-"Exception EOutofMemory in modulo SpybotSD.exe at 0000SADS. Out of Memory"
7. We started Ad-Aware and these pop ups happened, but Ad-Aware still ran:
-"The exception Breakpoint. A breakpoint has been reached. (0x80000003) occured in the application at location 0x020d27e7"
-"The application failed to initialize properly (0xc0000076)."
Hello
Welcome to Safer Networking.
Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
That said, All advice given by anyone volunteering here, is taken at your own risk.
While best efforts are made to assist in removing infections safely, unexpected stuff can happen.
C:\Program Files\DNA\btdna.exe <-- Read this please as this is most likely how you got infected.
We have noticed that many people seeking help from us are coming with infections contracted from the use of P2P programs.
Because of this, we changed our malware forum's policy on the use of P2P file sharing programs.
If your helper detects the presence of such programs on your computer he/she will ask you to remove them. Help will be withdrawn should you not agree to their removal.
If we clean your computer of infection, and you return to us a short time later with an infection contracted by the use of P2P programs, volunteer analysts will refuse their help.
We do not ask you to do this without reason.
P2P (File Sharing ) programs form a direct conduit onto your computer, their security measures are easily circumvented, and Malware writers are increasingly exploiting them to spread their wares onto your computer. Further to that, if your P2P program is not configured correctly you may be sharing more files than you realize. There have been cases where people's Passwords, Address Books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.
Many of the programs come bundled with other unwanted programs, but even the ones free of any bundled software are not safe to use.
This article from InfoWorld illustrates the dangers of a poorly configured P2P program.
http://www.infoworld.com/article/07/09/06/...ID-theft_1.html (http://www.infoworld.com/article/07/09/06/Seattle-man-arrested-for-p-to-p-ID-theft_1.html)
When you use them you are downloading software from an unknown source directly onto your computer, bypassing your Firewall and Anti-Virus software. Hardly surprising then that many of these Downloads are being targeted to carry infections.
Uninstall DNA from your Add Remove Programs and then delete the folder and post a new HJT log please
Leopold the Bold
2009-03-09, 00:20
Sorry about the inconvenience. She actually hasn't used BitTorrent since way back in the day so I didn't think to tell her about removing it. Anyways, she has uninstalled it now. Here is the new HJT log.
HJT Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:07:51 PM, on 3/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\inf\rundll33.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Gateway Utilities\GWInkMonitor.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe
C:\Program Files\Micro Innovations\Optical Mouse Ice\Ver.5.3\MOUSE32A.EXE
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\MsgUpdate.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\mlJDwVOg.dll
O2 - BHO: (no name) - {7a8b98b7-e2cc-4400-934d-6a7cfa934078} - C:\WINDOWS\system32\mevifezu.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: {6d0984cf-c913-6e59-fd84-b2480e6edfb9} - {9bfde6e0-842b-48df-95e6-319cfc4890d6} - C:\WINDOWS\system32\qmzjjc.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Gateway Ink Monitor] "C:\Program Files\Gateway Utilities\GWInkMonitor.exe"
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [QUICKCARE] C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe /P QUICKCARE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Micro Innovations\Optical Mouse Ice\Ver.5.3\MOUSE32A.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [fikidudara] Rundll32.exe "C:\WINDOWS\system32\namesute.dll",s
O4 - HKLM\..\Run: [84a8059d] rundll32.exe "C:\WINDOWS\system32\fotajipe.dll",b
O4 - HKLM\..\Run: [CPM879b3601] Rundll32.exe "c:\windows\system32\yadususa.dll",a
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [xccinit] C:\WINDOWS\system32\inf\rundll33.exe C:\WINDOWS\xccdf16_090305a.dll xccd16
O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [nidle] "C:\Documents and Settings\Administrator\Application Data\nidle\nidle.exe" 61A847B5BBF728103B9D3B466188719AB689201522886B092CBD44BD8689220221DD3257 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [nidle] "C:\Documents and Settings\Administrator\Application Data\nidle\nidle.exe" 61A847B5BBF728103B9D3B466188719AB689201522886B092CBD44BD8689220221DD3257 (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.antimalwareguard.com
O15 - Trusted Zone: *.antimalwareguard.com (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/popcap/zuma/popcaploader_v6.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\tawukewa.dll qmzjjc.dll c:\windows\system32\yadususa.dll
O20 - Winlogon Notify: mlJDwVOg - C:\WINDOWS\SYSTEM32\mlJDwVOg.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yadususa.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yadususa.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: afisicx Service (afisicx) - Unknown owner - C:\WINDOWS\system32\afisicx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: mabidwe Service (mabidwe) - Unknown owner - C:\WINDOWS\system32\mabidwe.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: sopidkc Service (sopidkc) - Unknown owner - C:\WINDOWS\system32\sopidkc.exe
--
End of file - 9995 bytes
Hello,
Yep, you have a bad case of Vundo
Internet Explorer is needed to run this program properly.
Download: DelDomains (http://mvps.org/winhelp2002/DelDomains.inf) and save it to the desktop.
Close all open windows and your browser
Right Click DelDomains.inf and select > Install
Reboot your computer
Download ComboFix from one of these locations:
Link 1 (http://download.bleepingcomputer.com/sUBs/ComboFix.exe)
Link 2 (http://www.forospyware.com/sUBs/ComboFix.exe)
Link 3 (http://subs.geekstogo.com/ComboFix.exe)
* IMPORTANT !!! Save ComboFix.exe to your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
See this Link (http://www.bleepingcomputer.com/forums/topic114351.html) for programs that need to be disabled and instruction on how to disable them.
Remember to re-enable them when we're done.
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
http://i24.photobucket.com/albums/c30/ken545/RcAuto1.gif
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
http://i24.photobucket.com/albums/c30/ken545/whatnext.jpg
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply along with a New Hijackthis log.
*If there is no internet connection when Combofix has completely finished then restart your computer to restore back the connections.
Leopold the Bold
2009-03-09, 03:48
Okay, I downloaded the .inf file, and then ran Combofix with the internet enabled in order to download the Recovery console. When it started the malware scan it displayed this notice, then rebooted and ran as normal.
"ComboFix has detected the presence of rootkit activity and needs to reboot the machine. Kindly note down on paper, the name of each file. We may need it later.
C:\WINDOWS\system32\drivers\senekavcvackaq.sys
C:\WINDOWS\system32\senekajjryoydk.dll
C:\WINDOWS\system32\senekatkvjovqf.dat
C:\WINDOWS\system32\senekaomhhehck.dll
C:\WINDOWS\system32\senekaejrflucu.dll
C:\WINDOWS\system32\senekaelvaknew.dat"
Here are the ComboFix and HJT logs.
Thank you!
ComboFix Log:
ComboFix 09-03-06.02 - Administrator 2009-03-08 20:09:59.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.748 [GMT -5:00]
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Administrator\Local Settings\Temporary Internet Files\fbk.sts
c:\windows\Install.txt
c:\windows\system32\200933422.dll
c:\windows\system32\3.tmp
c:\windows\system32\afisicx.exe
c:\windows\system32\comsa32.sys
c:\windows\system32\drivers\seneka.sys
c:\windows\system32\drivers\senekavcvackaq.sys
c:\windows\system32\epijatof.ini
c:\windows\system32\inf\rundll33.exe
c:\windows\system32\inf\xccdfb16_090305.dll
c:\windows\system32\inf\xccefb090305.scr
c:\windows\system32\mabidwe.exe
c:\windows\system32\mlJDwVOg.dll
c:\windows\system32\prunnet.exe
c:\windows\system32\qmzjjc.dll
c:\windows\system32\senekaejrflucu.dll
c:\windows\system32\senekaelvaknew.dat
c:\windows\system32\senekajjryoydk.dll
c:\windows\system32\senekaomhhehck.dll
c:\windows\system32\senekatkvjovqf.dat
c:\windows\system32\sopidkc.exe
c:\windows\system32\tawukewa.dll
c:\windows\system32\tpszxyd.sys
c:\windows\system32\w.exe
c:\windows\system32\xcchit32.ini
c:\windows\system32\zitekego.dll
c:\windows\Temp\tmp3.tmp
c:\windows\xccdf16_090305a.dll
c:\windows\xccdf32_090305a.dll
c:\windows\xccwinsys.ini
c:\windows\system32\userinit.exe . . . is infected!!
c:\windows\system32\spoolsv.exe . . . is infected!!
c:\windows\explorer.exe . . . is infected!!
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_SENEKA
-------\Legacy_6TO4
-------\Legacy_AFISICX
-------\Legacy_DEFAULTLIB
-------\Legacy_MABIDWE
-------\Legacy_SOFTYINFORWOW1
-------\Legacy_SOPIDKC
-------\Service_6to4
-------\Service_afisicx
-------\Service_defaultlib
-------\Service_mabidwe
-------\Service_softyinforwow1
-------\Service_sopidkc
((((((((((((((((((((((((( Files Created from 2009-02-09 to 2009-03-09 )))))))))))))))))))))))))))))))
.
2009-03-08 19:38 . 2009-03-07 09:51 578,560 --a------ c:\windows\system32\wqcfic
2009-03-08 19:31 . 2009-03-08 19:31 40 --a------ c:\windows\system32\2.tmp
2009-03-07 21:46 . 2009-03-07 21:47 <DIR> d-------- c:\program files\ERUNT
2009-03-07 21:30 . 2009-03-07 21:30 <DIR> d-------- c:\program files\Trend Micro
2009-03-07 17:59 . 2009-03-07 17:59 0 --a------ c:\windows\mqcd.dbt
2009-03-07 09:51 . 2009-03-07 09:51 578,560 --a--c--- c:\windows\system32\dllcache\user32.dll
2009-03-07 09:51 . 2009-03-07 09:51 262,144 --a------ c:\windows\system32\nvtpm32.dll
2009-03-07 09:51 . 2009-03-08 19:43 77,312 --a------ c:\windows\system32\rkoq.pxf
2009-03-07 09:51 . 2009-03-08 19:43 32,768 --a------ c:\windows\system32\odjan.wa
2009-03-07 09:51 . 2009-03-08 19:43 32,768 --a------ c:\windows\system32\kei1w.an
2009-03-07 09:51 . 2009-03-08 19:43 28,672 --a------ c:\windows\system32\kdoqmn.sr
2009-03-07 09:51 . 2009-03-08 19:43 28,672 --a------ c:\windows\system32\doqkm.zt
2009-03-07 09:34 . 2009-03-07 09:34 <DIR> d-------- c:\windows\system32\3361
2009-03-07 09:34 . 2009-03-07 09:34 <DIR> d-------- c:\windows\$ntunistalls
2009-03-07 09:34 . 2009-03-07 09:34 108,336 --a------ c:\windows\system32\MSWINSCK.OCX
2009-03-07 09:33 . 2009-03-07 09:33 <DIR> d-------- c:\documents and settings\Administrator\Application Data\Messenger
2009-03-07 09:33 . 2009-03-07 09:33 77,824 --a------ c:\windows\system32\u8763948.dll
2009-03-07 09:32 . 2009-03-08 20:13 <DIR> d-------- c:\windows\system32\inf
2009-03-07 09:32 . 2009-03-07 09:33 <DIR> d-------- c:\documents and settings\Administrator\Application Data\nidle
2009-03-07 09:32 . 2009-03-07 09:32 155,108 --a------ c:\windows\system\xccef090305.exe
2009-03-07 09:32 . 2009-03-08 19:32 105,984 --a------ c:\windows\system32\azton.mt
2009-03-07 09:32 . 2009-03-07 09:32 105,984 --a------ c:\windows\system32\1DF.tmp
2009-03-07 09:32 . 2009-03-07 09:32 40 --a------ c:\windows\system32\1DE.tmp
2009-03-07 09:32 . 2009-03-07 09:32 0 --a------ c:\windows\system32\1E1.tmp
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-07 14:51 578,560 ----a-w c:\windows\system32\user32.DLL
2009-03-07 14:36 84,992 --sha-w c:\windows\system32\yadususa.dll
2009-03-07 14:36 79,872 --sha-w c:\windows\system32\fotajipe.dll
2009-02-24 03:49 --------- d-----w c:\documents and settings\Administrator\Application Data\AdobeUM
2009-02-16 02:05 --------- d-----w c:\documents and settings\Administrator\Application Data\Move Networks
2009-01-09 20:09 --------- d-----w c:\program files\Google
2008-12-20 23:15 826,368 ----a-w c:\windows\system32\wininet.dll
1601-01-01 00:12 47,616 --sha-w c:\windows\system32\mevifezu.dll
1601-01-01 00:12 47,616 --sha-w c:\windows\system32\namesute.dll
2008-12-04 05:10 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008120320081204\index.dat
.
file copied: c:\windows\system32\user32.dll -> c:\qoobox\Quarantine\C\WINDOWS\system32\user32.dll.vir ( 578560 bytes )
Infected c:\windows\system32\user32.dll hex repaired
------- Sigcheck -------
2008-04-13 19:12 1051136 fc00707cb525060c74b21cee83655b8d c:\windows\explorer.exe
2007-06-13 06:26 1050624 84bddd3839bf77040a97eb7718c5a0e8 c:\windows\$hf_mig$\KB938828\SP2QFE\explorer.exe
2007-06-13 05:23 1050624 7bfb89b35d3f32660d3a282d141ba6ca c:\windows\$NtServicePackUninstall$\explorer.exe
2004-08-04 02:56 1049600 8ff859058388c979a08c45a9e02f2991 c:\windows\$NtUninstallKB938828$\explorer.exe
2008-04-13 19:12 1051136 72762d2ff304898707a6888946c4c807 c:\windows\ServicePackFiles\i386\explorer.exe
2004-08-04 02:56 1049600 ed382aece9a3c1264bb73e0ede56e54a c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\explorer.exe
2004-08-04 02:56 32768 5b6c3f79ab35fb9fe40c2676167b3d8d c:\windows\$NtServicePackUninstall$\ctfmon.exe
2008-04-13 19:12 32768 434e806a298ecf66e1edf9ffd54af1f7 c:\windows\ServicePackFiles\i386\ctfmon.exe
2004-08-04 02:56 32768 82c1d054a7b43ae837e8494d459ee1fe c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ctfmon.exe
2008-04-13 19:12 32768 442b001e54d4b5f048b95f10d55bed26 c:\windows\system32\ctfmon.exe
2005-06-10 18:53 75264 c3618fa12f86af51c9089c382f00f6a9 c:\windows\$hf_mig$\KB896423\SP2GDR\spoolsv.exe
2005-06-10 19:17 75264 50dcce33f836b783cdb6c46eb60da3ee c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
2005-06-10 18:53 75264 a6bdddefde77ccc5c224db8ad6a8c008 c:\windows\$NtServicePackUninstall$\spoolsv.exe
2004-08-04 02:56 75264 cbafd48e7879771aa60e6dee962e9492 c:\windows\$NtUninstallKB896423$\spoolsv.exe
2003-03-31 07:00 68608 cd5a7a4c5ccbd64891302384f8761039 c:\windows\$NtUninstallKB896423_0$\spoolsv.exe
2008-04-13 19:12 75264 a2320dc87e04d48c4550600c8d2c9d8f c:\windows\ServicePackFiles\i386\spoolsv.exe
2004-08-04 02:56 75264 17b3f6c67520b5db17c7ebb657b8d67a c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\spoolsv.exe
2008-04-13 19:12 75264 73d05d74490ad9e51735b7f162a41ad5 c:\windows\system32\spoolsv.exe
2004-08-04 02:56 41984 8234a89a058364f1057a0b77a8852d4b c:\windows\$NtServicePackUninstall$\userinit.exe
2008-04-13 19:12 43520 40bbd636c358d04845cca7f3cc971c07 c:\windows\ServicePackFiles\i386\userinit.exe
2004-08-04 02:56 41984 167301c3338f03296fe15b5b1c34b0c5 c:\windows\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\userinit.exe
2008-04-13 19:12 43520 f0e955b402d00938d7f2c9ea4f0650da c:\windows\system32\userinit.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5948A52A-BA3A-49A8-BCAF-D578502BDA9D}]
2009-02-19 19:55 292352 --a------ c:\documents and settings\Administrator\Application Data\Messenger\Drivers\MsgUpdate.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7a8b98b7-e2cc-4400-934d-6a7cfa934078}]
47616 --ahs---- c:\windows\system32\mevifezu.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 32768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TabletTip"="c:\program files\Common Files\microsoft shared\ink\tabtip.exe" [2008-04-13 289280]
"IgfxTray"="c:\windows\System32\igfxtray.exe" [2007-05-18 176128]
"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2007-05-18 139264]
"PRONoMgr.exe"="c:\program files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe" [2003-12-10 106496]
"Gateway Ink Monitor"="c:\program files\Gateway Utilities\GWInkMonitor.exe" [2003-06-24 303180]
"mmtask"="c:\program files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2003-09-03 73728]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2007-05-18 118784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-18 512000]
"TabletWizard"="c:\windows\help\SplshWrp.exe" [2008-04-13 33792]
"QUICKCARE"="c:\program files\Qwest\QuickCare\bin\sprtcmd.exe" [2006-11-07 212992]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-06-02 303104]
"LWBMOUSE"="c:\program files\Micro Innovations\Optical Mouse Ice\Ver.5.3\MOUSE32A.EXE" [2002-05-24 374784]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 69632]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2008-04-17 185896]
"fikidudara"="c:\windows\system32\namesute.dll" [ 47616]
"84a8059d"="c:\windows\system32\fotajipe.dll" [2009-03-07 79872]
"CPM879b3601"="c:\windows\system32\yadususa.dll" [2009-03-07 84992]
"AGRSMMSG"="AGRSMMSG.exe" [2007-05-18 c:\windows\AGRSMMSG.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"nidle"="c:\documents and settings\Administrator\Application Data\nidle\nidle.exe" [2009-03-07 77824]
c:\documents and settings\All Users\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 278528]
HP Image Zone Fast Start.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 73728]
Microsoft Office OneNote 2003 Quick Launch.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2003-08-06 51776]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}"= "c:\windows\system32\yadususa.dll" [2009-03-07 84992]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"SSODL"= {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yadususa.dll [2009-03-07 84992]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey]
2008-04-13 19:11 47104 c:\program files\Common Files\Microsoft Shared\Ink\loginkey.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring]
2003-12-16 16:49 110592 c:\windows\system32\LgNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL]
2002-08-29 03:41 11776 c:\windows\system32\tabbtnwl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify]
2008-04-13 19:12 32256 c:\windows\system32\tpgwlnot.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Antivirus-ashDisp.exe]
"Debugger"=c:\windows\system32\alg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Antivirus-ashserv.exe]
"Debugger"=c:\windows\system32\alg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\Antivirus-ashSimpl.exe]
"Debugger"=c:\windows\system32\alg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\avesvc.exe]
"Debugger"=c:\windows\system32\alg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdmcon.exe]
"Debugger"=c:\windows\system32\alg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdnagent.exe]
"Debugger"=c:\windows\system32\alg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdss.exe]
"Debugger"=c:\windows\system32\alg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\bdswitch.exe]
"Debugger"=c:\windows\system32\alg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\DefWatch.exe]
"Debugger"=c:\windows\system32\alg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\xcommsvr.exe]
"Debugger"=c:\windows\system32\alg.exe
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\windows\system32\tawukewa.dll
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\AIM\\aim.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\BitTorrent_DNA\\dna.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\WINDOWS\\system32\\3361\\svchost.exe"=
"c:\\WINDOWS\\explorer.exe"=
R3 MSTabBtn;Tablet PC Buttons HID Driver;c:\windows\system32\drivers\MSTabBtn.sys [2007-05-18 9344]
R3 WacomPen;Wacom Serial Pen HID Driver;c:\windows\system32\drivers\wacompen.sys [2007-05-18 14208]
S3 pcistub;pcistub;c:\windows\system32\pcistub.sys [2007-05-18 2304]
.
- - - - ORPHANS REMOVED - - - -
BHO-{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - c:\windows\system32\mlJDwVOg.dll
BHO-{9bfde6e0-842b-48df-95e6-319cfc4890d6} - c:\windows\system32\qmzjjc.dll
HKLM-Explorer_Run-xccinit - c:\windows\system32\inf\rundll33.exe
ShellExecuteHooks-{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - c:\windows\system32\mlJDwVOg.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
.
**************************************************************************
catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-08 20:23:50
Windows 5.1.2600 Service Pack 3 NTFS
detected NTDLL code modification:
ZwOpenFile
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
c:\windows\system32\epijatof.ini
scan completed successfully
hidden files: 1
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
- - - - - - - > 'winlogon.exe'(668)
c:\windows\System32\LgNotify.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\S24EvMon.exe
c:\program files\Common Files\Microsoft Shared\Ink\keyboardsurrogate.exe
c:\program files\Lavasoft\Ad-Aware\aawservice.exe
c:\program files\Symantec\LiveUpdate\AluSchedulerSvc.exe
c:\program files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
c:\windows\system32\RegSrvc.exe
c:\windows\system32\ZCfgSvc.exe
c:\windows\system32\wisptis.exe
c:\windows\system32\tabbtnu.exe
c:\windows\system32\1XConfig.exe
c:\program files\Common Files\Microsoft Shared\Ink\tcserver.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
.
**************************************************************************
.
Completion time: 2009-03-08 20:30:57 - machine was rebooted [Administrator]
ComboFix-quarantined-files.txt 2009-03-09 01:30:47
Pre-Run: 4,207,919,104 bytes free
Post-Run: 5,364,989,952 bytes free
266 --- E O F --- 2009-02-25 01:50:49
HJT Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:38:36 PM, on 3/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\1XConfig.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Gateway Utilities\GWInkMonitor.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe
C:\Program Files\Micro Innovations\Optical Mouse Ice\Ver.5.3\MOUSE32A.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MessengerUpdate - {5948A52A-BA3A-49A8-BCAF-D578502BDA9D} - C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\MsgUpdate.dll
O2 - BHO: (no name) - {7a8b98b7-e2cc-4400-934d-6a7cfa934078} - C:\WINDOWS\system32\mevifezu.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Gateway Ink Monitor] "C:\Program Files\Gateway Utilities\GWInkMonitor.exe"
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [QUICKCARE] C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe /P QUICKCARE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Micro Innovations\Optical Mouse Ice\Ver.5.3\MOUSE32A.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [fikidudara] Rundll32.exe "C:\WINDOWS\system32\namesute.dll",s
O4 - HKLM\..\Run: [84a8059d] rundll32.exe "C:\WINDOWS\system32\fotajipe.dll",b
O4 - HKLM\..\Run: [CPM879b3601] Rundll32.exe "c:\windows\system32\yadususa.dll",a
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [nidle] "C:\Documents and Settings\Administrator\Application Data\nidle\nidle.exe" 61A847B5BBF728103B9D3B466188719AB689201522886B092CBD44BD8689220221DD3257 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [nidle] "C:\Documents and Settings\Administrator\Application Data\nidle\nidle.exe" 61A847B5BBF728103B9D3B466188719AB689201522886B092CBD44BD8689220221DD3257 (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/popcap/zuma/popcaploader_v6.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\tawukewa.dll c:\windows\system32\yadususa.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yadususa.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yadususa.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
--
End of file - 8914 bytes
Hello,
We may be dealing with a File Infector, not sure yet.
Open HijackThis > Do a System Scan Only, close your browser and all open windows including this one, the only program or window you should have open is HijackThis, check the following entries and click on Fix Checked.
O2 - BHO: (no name) - {7a8b98b7-e2cc-4400-934d-6a7cfa934078} - C:\WINDOWS\system32\mevifezu.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [fikidudara] Rundll32.exe "C:\WINDOWS\system32\namesute.dll",s
O4 - HKLM\..\Run: [84a8059d] rundll32.exe "C:\WINDOWS\system32\fotajipe.dll",b
O4 - HKLM\..\Run: [CPM879b3601] Rundll32.exe "c:\windows\system32\yadususa.dll",a
O4 - HKUS\S-1-5-18\..\Run: [nidle] "C:\Documents and Settings\Administrator\Application Data\nidle\nidle.exe" 61A847B5BBF728103B9D3B466188719AB689201522886B092CBD44BD8689220221DD3257 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [nidle] "C:\Documents and Settings\Administrator\Application Data\nidle\nidle.exe" 61A847B5BBF728103B9D3B466188719AB689201522886B092CBD44BD8689220221DD3257 (User 'Default user')
O20 - AppInit_DLLs: C:\WINDOWS\system32\tawukewa.dll c:\windows\system32\yadususa.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yadususa.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\yadususa.dll
Please download Malwarebytes' Anti-Malware from Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html) or Here (http://www.besttechie.net/tools/mbam-setup.exe)
Double Click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.<-- Don't forget this
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and Paste the entire report in your next reply along with a New Hijackthis log.
This free online virus scanner will let me know if your infected with a File Infector virus
Run this free online scan using Internet Explorer:
Kaspersky Online Virus Scanner (http://www.kaspersky.com/virusscanner)
Next Click on Launch Kaspersky Online Scanner
You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT
Now click on Scan Settings
In the scan settings make that the following are selected:
Scan using the following Anti-Virus database:
Standard
Scan Options:
Scan Archives
Scan Mail Bases
Click OK
Now under select a target to scan: Select My Computer
This will program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.
Now click on the Save as Text button:
Save the file to your desktop.
Post the log along with a New HJT Log into your next reply.
Leopold the Bold
2009-03-09, 07:20
I ran HijackThis and fixed the entries you mentioned. Then I ran the Malwarebytes' program. It found some 81 infected files, and marked about 6 of them to be deleted upon reboot. When I did reboot however, I got no indication that it successfully deleted them – I am not sure if that is normal or not.
To run the Kaspersky scan I had to update Java. I was unable to uninstall the previous version of Java because it said the install pack wasn't where it was supposed to be, so I just installed the Java update on top of it.
Here are the logfiles of Malwarebytes' Anti-Malware and HijackThis (from after the MB's Anti-Malware scan/fix). The Kaspersky log will be split up between a couple of other posts - it found more than 2300 entries and the log is too long to post all at once.
Thank you for your help.
Malwarebyte's Anti-Malware Log:
Malwarebytes' Anti-Malware 1.34
Database version: 1828
Windows 5.1.2600 Service Pack 3
3/8/2009 9:35:32 PM
mbam-log-2009-03-08 (21-35-32).txt
Scan type: Quick Scan
Objects scanned: 64837
Time elapsed: 6 minute(s), 30 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 10
Registry Keys Infected: 32
Registry Values Infected: 6
Registry Data Items Infected: 2
Folders Infected: 3
Files Infected: 27
Memory Processes Infected:
C:\WINDOWS\system32\4.tmp (Trojan.Agent) -> Failed to unload process.
Memory Modules Infected:
C:\WINDOWS\system32\gowaruke.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nipeduwu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\mevifezu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\namesute.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\weleseye.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\fotajipe.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\MsgUpdate.dll (Backdoor.Bot) -> Delete on reboot.
C:\WINDOWS\system32\srhuwd.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\Aud32\msgasst.dll (Trojan.Agent.M) -> Delete on reboot.
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\Aud32\msgutil.dll (Trojan.Agent.M) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5f85f4b8-f91c-4331-b7e0-013d2bb3c6b0} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5f85f4b8-f91c-4331-b7e0-013d2bb3c6b0} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7a8b98b7-e2cc-4400-934d-6a7cfa934078} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7a8b98b7-e2cc-4400-934d-6a7cfa934078} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7a8b98b7-e2cc-4400-934d-6a7cfa934078} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e3a14032-f6fc-426d-a024-bead613d5db3} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbcc290a-5e32-4e54-80db-f0f3f3892444} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5948a52a-ba3a-49a8-bcaf-d578502bda9d} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5948a52a-ba3a-49a8-bcaf-d578502bda9d} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5948a52a-ba3a-49a8-bcaf-d578502bda9d} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5f85f4b8-f91c-4331-b7e0-013d2bb3c6b0} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\messengerupdateproject.messengerupdat.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\messengerupdateproject.messengerupdate (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\c:/windows/downloaded program files/popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c9c5deaf-0a1f-4660-8279-9edfad6fefe1} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4e3e0f8-cd30-4380-8ce9-b96904bdefca} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fe8a736f-4124-4d9c-b4b1-3b12381efabe} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{d8c0508c-e235-4d9e-a27e-c8bb5f527dc9} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\MessengerUpdateProject.DLL (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdss.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xcommsvr.exe (Security.Hijack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Applications\nxtepad.exe (Hijack.Notepad) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\84a8059d (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fikidudara (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm879b3601 (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\nipeduwu.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\nipeduwu.dll -> Delete on reboot.
Folders Infected:
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers (Trojan.Agent.M) -> Delete on reboot.
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\Aud32 (Trojan.Agent.M) -> Delete on reboot.
C:\Documents and Settings\Administrator\Application Data\Messenger\Sys (Trojan.Agent.M) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\srhuwd.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\fotajipe.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\epijatof.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\gowaruke.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ekurawog.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\namesute.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nipeduwu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\mevifezu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\weleseye.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\MsgUpdate.dll (Backdoor.Bot) -> Delete on reboot.
C:\WINDOWS\Downloaded Program Files\popcaploader.dll (Adware.PopCap) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\conf.sys (Trojan.Agent.M) -> Delete on reboot.
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\IgfxSys.dll (Trojan.Agent.M) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\phuninst.dll (Trojan.Agent.M) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\pub.dll (Trojan.Agent.M) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\serial.sys (Trojan.Agent.M) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\Aud32\msgasst.dll (Trojan.Agent.M) -> Delete on reboot.
C:\Documents and Settings\Administrator\Application Data\Messenger\Drivers\Aud32\msgutil.dll (Trojan.Agent.M) -> Delete on reboot.
C:\Documents and Settings\Administrator\Application Data\Messenger\Sys\mu.dll (Trojan.Agent.M) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\2.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4.tmp (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\azton.mt (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\FInstall.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msrstart.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\nxtepad.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\umtcdtw.sys (Backdoor.Bot) -> Quarantined and deleted successfully.
HijackThis Log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:42:55 PM, on 3/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\1XConfig.exe
C:\WINDOWS\System32\igfxtray.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Gateway Utilities\GWInkMonitor.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe
C:\Program Files\Micro Innovations\Optical Mouse Ice\Ver.5.3\MOUSE32A.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\3.tmp
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PRONoMgr.exe] c:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [Gateway Ink Monitor] "C:\Program Files\Gateway Utilities\GWInkMonitor.exe"
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [QUICKCARE] C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe /P QUICKCARE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\Micro Innovations\Optical Mouse Ice\Ver.5.3\MOUSE32A.EXE
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\tawukewa.dll srhuwd.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
--
End of file - 7512 bytes
Leopold the Bold
2009-03-09, 07:27
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, March 9, 2009
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, March 09, 2009 04:09:27
Records in database: 1881630
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
C:\
D:\
F:\
Scan statistics:
Files scanned: 67908
Threat name: 9
Infected objects: 2318
Suspicious objects: 0
Duration of the scan: 01:34:37
File name / Threat name / Threats count
C:\WINDOWS\system32\spoolsv.exe/C:\WINDOWS\system32\spoolsv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ZCfgSvc.exe/C:\WINDOWS\system32\ZCfgSvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SYSTEM32\WISPTIS.EXE/C:\WINDOWS\SYSTEM32\WISPTIS.EXE Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\System32\tabbtnu.exe/C:\WINDOWS\System32\tabbtnu.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Explorer.EXE/C:\WINDOWS\Explorer.EXE Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ctfmon.exe/C:\WINDOWS\system32\ctfmon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\System32\RegSrvc.exe/C:\WINDOWS\System32\RegSrvc.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe/C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wscntfy.exe/C:\WINDOWS\system32\wscntfy.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\System32\alg.exe/C:\WINDOWS\System32\alg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\System32\1XConfig.exe/C:\WINDOWS\System32\1XConfig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\System32\igfxtray.exe/C:\WINDOWS\System32\igfxtray.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe/C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\System32\hkcmd.exe/C:\WINDOWS\System32\hkcmd.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe/C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe/C:\Program Files\Synaptics\SynTP\SynTPLpr.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe/C:\Program Files\Synaptics\SynTP\SynTPEnh.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe/C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Micro Innovations\Optical Mouse Ice\Ver.5.3\MOUSE32A.EXE/C:\Program Files\Micro Innovations\Optical Mouse Ice\Ver.5.3\MOUSE32A.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe/C:\Program Files\HP\HP Software Update\HPWuSchd2.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe/C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\3.tmp/C:\WINDOWS\system32\3.tmp Infected: Worm.Win32.Pinit.bz 1
C:\CABS\1Gateway\275DAZ\Display\Win2000\hkcmd.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Display\Win2000\igfxcfg.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Display\Win2000\igfxdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Display\Win2000\igfxext.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Display\Win2000\igfxtray.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\DOC\Manual.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Intel\Chipset\Setup.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Intel\PROCESSR\GV3A.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Modem\agrsmdel.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Modem\setup.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Mouse\InstNT.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Mouse\Setup.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Mouse\SynMood.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Mouse\SynTPEnh.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Mouse\SynTPLpr.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Mouse\SynZMetr.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\Mouse\Tutorial.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\NETWORK\XP\PROSet\PROSet.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\NETWORK\XP\PROUnstl.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\PHLASH\XP\PHLASHXP.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\WIRELESS\Intel2\APPS\PROSet\WINXP32\iSetup.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\WIRELESS\Intel2\APPS\PROSet\WINXP32\PINSTALL.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\275DAZ\WIRELESS\Intel2\PROW2200\WINXP\SetupWLD.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\APPS\ACROBAT\PINSTALL.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\MISC\NICDOC\Manual.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\MISC\UTILITY\DESKMNG\BOOTER.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\MISC\UTILITY\DESKMNG\GWBMPMAN.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\MISC\UTILITY\DESKMNG\VIDSET.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\MISC\UTILITY\IECUSTM\IEPROJ.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\MISC\UTILITY\POWER\XP\SETXP.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\MISC\UTILITY\xpHOTFIX\DMA.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\MISC\UTILITY\xpHOTFIX\dsktpcln.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\MISC\UTILITY\xpHOTFIX\kbclose.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\MISC\UTILITY\xpHOTFIX\PINSTALL.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\MISC\UTILITY\xpHOTFIX\SETXP.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\MISC\UTILITY\xpHOTFIX\SRCDMARK.EXE Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\WinDVD\3rdPartyApp\DirectX81\dxsetup.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\WinDVD\pinstall.exe Infected: Virus.Win32.Virut.ce 1
C:\CABS\1Gateway\WinDVD\Setup.exe Infected: Virus.Win32.Virut.ce 1
C:\Documents and Settings\Administrator\Application Data\nidle\nidle.exe Infected: Virus.Win32.Virut.ce 1
C:\Documents and Settings\Administrator\Application Data\nidle\nidle.exe8o5 Infected: Trojan.Win32.Agent2.ewk 1
C:\Documents and Settings\Administrator\Application Data\U3\temp\cleanup.exe Infected: Virus.Win32.Virut.ce 1
C:\Documents and Settings\Administrator\Application Data\U3\temp\Launchpad Removal.exe Infected: Virus.Win32.Virut.ce 1
C:\Documents and Settings\Administrator\Local Settings\temp\ICD1.tmp\jinstall.exe Infected: Virus.Win32.Virut.ce 1
C:\Documents and Settings\Administrator\Local Settings\temp\jkos-Administrator\binaries\ScanningProcess.exe Infected: Virus.Win32.Virut.ce 1
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\85JBOZIC\nc[1].txt Infected: Worm.Win32.Pinit.bz 1
C:\Documents and Settings\Administrator\My Documents\RyanComputerSick\ATF-Cleaner.exe Infected: Virus.Win32.Virut.ce 1
C:\PINSERT.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\2Wire Wireless Manager\2Wire.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\2Wire Wireless Manager\FirmwareLauncher.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\2Wire Wireless Manager\FullPermiss.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\2Wire Wireless Manager\PCARmDrv.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\2Wire Wireless Manager\SetUpAgent\2WireAgent.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\2Wire Wireless Manager\SetUpAgent\2WireWiz.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\2Wire_USB_Drivers\2WireUninstall.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Adobe\Acrobat 6.0\Reader\AdobeUpdateManager.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Adobe\Acrobat 6.0\Reader\plug_ins\Printme\ConsoleApp.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Adobe\Acrobat 6.0\Reader\Updater\acroaum.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\AIM\aimauto.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\AIM\SendFile.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\AIM\ShareFile.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\AIM\Sysfiles\AolOnDesktop.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\AIM\unwise32.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\AOD\AolAod.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\HP\Memories Disc\2.0\hpodlog3.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\HP\Memories Disc\2.0\hpodrend.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\HP\Memories Disc\2.0\hpodserv.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\Java\Update\Base Images\j2re1.4.2-b28\patch-j2re1.4.2-b28\patchjre.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\Microsoft Shared\Ink\pipanel.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\Microsoft Shared\Ink\tabtip.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\Microsoft Shared\Ink\tcserver.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\Microsoft Shared\Speech\sapisvr.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\DVD\DVD Player\WinDVD.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2\CSBin\TS2BodyShop.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2\eauninstall.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2\Sims2_uninst.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2\Support\EasyInfo.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2\Support\EReg.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2\Support\The Sims 2_code.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2\Support\The Sims 2_uninst.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2 Nightlife\CSBin\TS2BodyShop.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2 Nightlife\eauninstall.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2 Nightlife\Sims2EP2_uninst.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2 Nightlife\Support\EasyInfo.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2 Nightlife\Support\EReg.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2 Nightlife\Support\The Sims 2 Nightlife_code.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\EA GAMES\The Sims 2 Nightlife\Support\The Sims 2 Nightlife_uninst.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\ERUNT\AUTOBACK.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\ERUNT\ERUNT.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\ERUNT\NTREGOPT.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\BMPMAN\BOOTER.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\BMPMAN\GWBMPMAN.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\BMPMAN\VIDSET.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\Do More\DoMore.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\HPA\GWMENU.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\HPA\PGWSCRGEN.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\HPA\PINSERT.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\HPA\pinsertx.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\HPA\pinstall.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\HPA\PSCRIPT.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\HPA\PSHELL.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\HPA\UNINSTAL.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\HPA\WININSTA.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Gateway\IECustom\IEPROJ.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Hewlett-Packard\Diagnostics\HPSysDig.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\DestTest.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpocpy08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpokpy08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hposid01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpospd08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpostl08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hposvc08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqacdse.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqanon.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqaol08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqatalb.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqclpbd.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqcopy.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqcsaha.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqdcico.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqdstcp.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqEmlsz.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqgrcpy.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqimvac.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqirs08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqisc09.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqiscfg.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqisiex.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqisrps.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqpanos.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqpprop.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqprntw.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqptc08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqselsk.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqtax08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqvwr08.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpsjrreg.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\HPXMLPDF.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\ppcue.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\bin\svtf.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\DocProc\DocProc.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\Help\cuetour\fscommand\director.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\Help\cuetour\fscommand\help_home.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\Help\cuetour\fscommand\image_zone.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\uninstall\hpzmsi01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\Unload\HpqApkil.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\Unload\HpqPSmon.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\Unload\HpqUnApl.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\Unload\HpqUnSet.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\common\drivers\com_os\hpzcfg12.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\common\drivers\com_os\hpzeng12.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\common\drivers\com_os\hpzpre12.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\common\drivers\com_os\hpzstc12.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\common\drivers\com_os\hpzstw12.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\common\drivers\com_os\hpztbu12.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\common\drivers\com_os\hpztbx12.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\hpzglu12.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpoapd01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzcdl01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzgat01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzmsi01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpznop01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzpsl01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzwrp01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\util\aio\hpopdi05.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\util\aio\hpopin05.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\util\common\hpqisc09.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\util\common\hpzghl12.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Digital Imaging\{342C7C88-D335-4bc2-8CF1-281857629CE2}\util\common\hpzpin12.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\HP Software Update\HPWUCli.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\HP Software Update\SelfUpdate.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Product Assistant\bin\hprblog.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Product Assistant\bin\hprbui.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Product Assistant\bin\hprbUpdate.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Temp\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzmsi01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Temp\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzrcv01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\HP\Temp\{342C7C88-D335-4bc2-8CF1-281857629CE2}\setup\hpzscr01.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\InstallShield Installation Information\{45EBDA59-D33B-433A-956E-B2F236468B56}\Setup.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\InstallShield Installation Information\{7C21EEE0-E6FD-11D4-BD19-00D0B702AEC0}\Setup.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\InstallShield Installation Information\{9692FD03-6662-4E62-B08C-30DFF51651E1}\Setup.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\Setup.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Intel\PROSetWireless\NCS\PROSet\PRONoMgr.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Internet Explorer\Connection Wizard\icwconn2.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Internet Explorer\Connection Wizard\icwrmind.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Internet Explorer\Connection Wizard\icwtutor.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Internet Explorer\Connection Wizard\inetwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Internet Explorer\Connection Wizard\isignup.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Internet Explorer\iedw.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Java\j2re1.4.2\javaws\javaws.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Messenger\msmsgs.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Micro Innovations\Optical Mouse Ice\Ver.5.3\Mouse32A.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Micro Innovations\Optical Mouse Ice\Ver.5.3\unins000.EXE Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Movie Maker\moviemk.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MSN\MSNCoreFiles\copymar.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MSN\MSNCoreFiles\msn.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MSN\MSNCoreFiles\pisynctw.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MSN\MSNCoreFiles\Setup\msnunin.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MSN\MSNCoreFiles\update.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MSN\MsnInstaller\msniadm.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MSN\MsnInstaller\msninst.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MSN\MsnInstaller\msniusr.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMFWLaunch.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmjb.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMJBBurn.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMJBLaunch.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMJBPortables.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMJBPortablesLaunch.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmjbrun.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_director.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_server.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\ti.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\unmatch.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\DLM\MMUpdateMgr.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\DLM\MMUpdateMgrSetup.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\mmdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\MMFWLaunch.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\mmjb.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\MMJBBurn.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\MMJBLaunch.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\MMJBPortables.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\MMJBPortablesLaunch.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\mmjbrun.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\mmtask.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\mm_director.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\mm_server.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\mm_tray.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\Setup.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\StopPhilipsRemote.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\ti.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMJB\unmatch.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\MUSICMATCH\MUSICMATCH Update\MMUpdateMgr.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\NetMeeting\cb32.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\NetMeeting\conf.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\NetMeeting\wb32.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Outlook Express\msimn.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Outlook Express\oemig50.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Outlook Express\setup50.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Outlook Express\wab.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Outlook Express\wabmig.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Phoenix Technologies Ltd\WinPhlash\WinPhlash.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\PowerToys for Tablet PC\My Font Tool for Tablet PC\My Font Tool for Tablet PC.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\QuickTime\PictureViewer.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\QuickTime\QTInfo.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\QuickTime\QTSystem\ExportController.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\QuickTime\QTSystem\QuickTimeUpdateHelper.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\QuickTime\qttask.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Qwest\QuickCare\agentui\quickcare.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Qwest\QuickCare\bin\dialogwaiter.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Qwest\QuickCare\bin\sdckillw.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Qwest\QuickCare\bin\sprtcmd.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Qwest\QuickCare\bin\tgshell.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Qwest\QuickCare\bin\togglekeylock.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Qwest\QuickCare\bin\wificfg.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Real\RealPlayer\fixrjb.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Real\RealPlayer\realjbox.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Real\RealPlayer\rphelperapp.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Spybot - Search & Destroy\SDDelFile.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Synaptics\SynTP\InstNT.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Synaptics\SynTP\SynMood.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Synaptics\SynTP\SynZMetr.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Synaptics\SynTP\Tutorial.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Viewpoint\Viewpoint Media Player\MtsAxInstaller.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Winamp\winamp.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Winamp\winampa.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Journal\journal.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Journal\pDialog.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Connect 2\wmccds.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Connect 2\WMCCFG.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Player\dlimport.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Player\migrate.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Player\setup_wm.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Player\wmdbexport.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Player\wmlaunch.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Player\wmpenc.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Player\wmplayer.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Player\wmpnetwk.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Player\wmpnscfg.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Player\wmpshare.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows Media Player\wmsetsdk.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows NT\Accessories\wordpad.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows NT\dialer.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows NT\hypertrm.exe Infected: Virus.Win32.Virut.ce 1
C:\Program Files\Windows NT\Pinball\pinball.exe Infected: Virus.Win32.Virut.ce 1
C:\Qoobox\Quarantine\C\WINDOWS\explorer.exe.vir Infected: Virus.Win32.Virut.ce 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\200933422.dll.vir Infected: Trojan-GameThief.Win32.WOW.fwm 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\3.tmp.vir Infected: Worm.Win32.Pinit.bz 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\afisicx.exe.vir Infected: Virus.Win32.Virut.ce 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\inf\rundll33.exe.vir Infected: Virus.Win32.Virut.ce 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\inf\xccefb090305.scr.vir Infected: Trojan.Win32.Buzus.aoqt 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\mabidwe.exe.vir Infected: Virus.Win32.Virut.ce 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\senekaejrflucu.dll.vir Infected: Packed.Win32.Tdss.c 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\senekajjryoydk.dll.vir Infected: Packed.Win32.Tdss.c 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\senekaomhhehck.dll.vir Infected: Packed.Win32.Tdss.c 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\sopidkc.exe.vir Infected: Virus.Win32.Virut.ce 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\spoolsv.exe.vir Infected: Virus.Win32.Virut.ce 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\user32.dll.vir Infected: Trojan.Win32.Patched.dr 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\userinit.exe.vir Infected: Virus.Win32.Virut.ce 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\w.exe.vir Infected: Virus.Win32.Virut.ce 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\_mlJDwVOg_.dll.zip Infected: Trojan.Win32.Monderb.ahfk 1
C:\Qoobox\Quarantine\C\WINDOWS\system32\_user32_.dll.zip Infected: Trojan.Win32.Patched.dr 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP379\A0057624.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP379\A0057627.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP379\A0057642.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP379\A0057648.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP379\A0057667.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP379\A0057676.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP379\A0057685.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP384\A0058786.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP384\A0058800.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP384\A0058829.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP384\A0058856.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP384\A0058859.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP384\A0058861.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP384\A0058872.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP384\A0058880.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP384\A0058882.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP384\A0058883.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP384\A0058884.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP384\A0058885.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP386\A0058952.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP386\A0058955.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP393\A0062960.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP393\A0062961.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP398\A0064972.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP428\A0071076.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP428\A0071082.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP428\A0071103.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP428\A0071112.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076330.dll Infected: Packed.Win32.Tdss.c 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076331.dll Infected: Packed.Win32.Tdss.c 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076332.dll Infected: Packed.Win32.Tdss.c 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076337.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076338.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076341.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076347.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076349.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076351.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076356.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076358.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076360.scr Infected: Trojan.Win32.Buzus.aoqt 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076361.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076364.dll Infected: Trojan-GameThief.Win32.WOW.fwm 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076369.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076370.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076371.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076372.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076373.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076374.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076375.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076376.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076377.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076378.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076379.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076380.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076398.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076409.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076416.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076429.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076448.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076451.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076454.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076456.scr Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076457.scr Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076458.scr Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076459.scr Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076460.scr Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076461.scr Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076462.scr Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076463.scr Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076464.scr Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076465.scr Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076466.scr Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076467.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076468.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076469.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076470.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076471.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076472.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076473.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076474.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076475.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076476.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076477.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076478.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076505.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP446\A0076506.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076516.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076517.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076518.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076519.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076520.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076521.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076522.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076523.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076524.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076525.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076526.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076527.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076528.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076529.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076530.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076531.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076532.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076533.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076534.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076535.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076536.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076537.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076538.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076539.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076540.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076541.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076542.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076543.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076544.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076545.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076546.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076547.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076548.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076549.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076550.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076551.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076552.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076553.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076554.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076555.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076556.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076557.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076558.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076559.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076560.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076561.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076562.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076563.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076564.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076565.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076566.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076567.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076568.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076569.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076570.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076571.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076572.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076573.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076574.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076575.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076576.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076577.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076578.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076579.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076580.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076581.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076582.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076583.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076584.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076585.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076586.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076587.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076588.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076589.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076590.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076591.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076592.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076593.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076594.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076595.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076596.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076597.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076598.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076599.EXE Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076600.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076601.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076602.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076603.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076604.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076605.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076606.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076607.exe Infected: Virus.Win32.Virut.ce 1
Leopold the Bold
2009-03-09, 07:28
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076608.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076609.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076610.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076611.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076612.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076613.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076614.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076615.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076616.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076617.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076618.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076619.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076620.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076621.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076622.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076623.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076624.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076625.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076626.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076627.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076628.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076629.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076630.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076631.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076632.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076633.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076634.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076635.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076636.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076637.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076638.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076639.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076640.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076641.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076642.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076643.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076644.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076645.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076646.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076647.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076648.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076649.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076650.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076651.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076652.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076653.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076654.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076655.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076656.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076657.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076658.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076659.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076660.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076661.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076662.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076663.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076664.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076665.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076666.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076667.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076668.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076669.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076670.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076671.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076672.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076673.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076674.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076675.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076676.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076677.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076678.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076679.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076680.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076681.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076682.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076683.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076684.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076685.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076686.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076687.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076688.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076689.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076690.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076691.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076692.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076693.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076694.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076695.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076696.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076697.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076698.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076699.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076700.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076701.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076702.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076703.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076704.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076705.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076706.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076707.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076708.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076709.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076710.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076711.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076712.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076713.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076714.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076715.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076716.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076717.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076718.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076719.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076720.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076721.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076722.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076723.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076724.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076725.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076726.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076727.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076728.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076729.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076730.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076731.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076732.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076733.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076734.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076735.exe Infected: Virus.Win32.Virut.ce 1
C:\System Volume Information\_restore{9CA9BABD-891E-4E98-996C-9CEAD8FF1EB4}\RP447\A0076736.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB873339\update\update.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB885835\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB885835\update\update.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB885836\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB885836\update\update.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB886185\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB886185\update\update.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB887472\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB887472\update\update.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB888302\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB888302\update\update.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB891781\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB891781\update\update.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB893756\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB896358\SP2GDR\hh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB896423\SP2GDR\spoolsv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB896423\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB896424\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB896428\SP2GDR\telnet.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB896428\SP2QFE\telnet.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB899587\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB899589\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB899591\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB900725\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB901017\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB902400\SP2GDR\migregdb.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\migregdb.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB902400\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB905414\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB905749\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB908531\SP2GDR\verclsid.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\verclsid.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB931768-IE7\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB931836\SP2QFE\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB933360\SP2QFE\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB933566-IE7\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB937143-IE7\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\cscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\wscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB955839\SP3QFE\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\actmovie.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ahui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\alg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\aspnet_regiis.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\aspnet_state.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\aspnet_wp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\asr_fmt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\asr_pfu.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\at.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\atmadm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\attrib.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\auditusr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\blastcln.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\bootcfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\cacls.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\cipher.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\cleanmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\cliconfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\cmd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\cmdl32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\cmstp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\comrereg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\comsdupd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\conf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\conime.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\cscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ctfmon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\davcdata.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dcomcnfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\defrag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dfrgfat.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dialer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\diantz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dlimport.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dmadmin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dpnsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\driverquery.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\drvqry.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\dxdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\eudcedit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\evcreate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\eventcreate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\eventtriggers.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\evntcmd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\evntwin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\evtrig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\explorer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\extrac32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\faxpatch.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\findstr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\fltmc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\fontview.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\forcedos.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\fsquirt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ftp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\fxsclnt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\fxscover.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\fxssvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\getmac.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\gpresult.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\gprslt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\help.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\helpctr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\hh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\hscupd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\icwconn1.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\icwconn2.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\icwrmind.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\iedw.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ieexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\iexpress.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\iisrstas.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\imapi.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\inetin51.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\inetwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\inkball.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ipconfig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ipxroute.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\irftp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\journal.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\kbdsur.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\keyboardsurrogate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\locator.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\logman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\logon.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\logonui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\lsass.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\magnify.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\makecab.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\migload.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\migrate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\migregdb.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mmc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mofcomp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\moviemk.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mqbkup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mqsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mqtgsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\msconfig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mshta.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\msiexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\msimn.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\msiregmv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\msmsgs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\msoobe.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mspaint.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mstinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mstsc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\mtstocom.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\muisetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\narrator.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\nddeapir.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\net.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\net1.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\netdde.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\netfxupdate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\netsetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\netsh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\netstat.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\notepad.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\nppagent.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\nslookup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ntbackup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ntvdm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\odbcad32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\odbcconf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\oemig50.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\oobebaln.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\oobewrap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\openfiles.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\opnfiles.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\osk.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\packager.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\perfmon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\pinball.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ping.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\pintlphr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\pipanel.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\powercfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\progman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\proquota.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\proxycfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\qprocess.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\rasphone.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\rcimlby.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\rcp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\rdpclip.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\rdsaddin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\rdshost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\reg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\regedit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\regsvr32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\rexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\rsh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\rsnotify.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\rstrui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\rtcshare.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\runonce.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\savedump.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\scardsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\schtasks.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\scrcons.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\scrnsave.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\sctasks.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\sdbinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\secedit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\services.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\sessmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\sethc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\setregni.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\setup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\setup50.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\setup_wm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\shmgrate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\shrpubw.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\shutdown.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\sigverif.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\skeys.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\smbinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\smi2smir.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\smlogsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\sndrec32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\snmp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\snmptrap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\softkbd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\sort.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\spdwnwxp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\spider.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\spiisupd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\splshwrp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\spnpinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\spupdwxp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ss3dfo.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ssbezier.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ssflwbox.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ssmarque.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ssmypics.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ssmyst.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\sspipes.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ssstars.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\sstext3d.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\stikynot.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\stimon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\svchost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\sysinfo.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\sysocmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\systeminfo.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tabcal.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tabtip.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\taskkill.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tasklist.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\taskmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tcserver.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\telnet.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tlntadmn.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tlntsess.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tlntsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\togac.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tourstart.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tourstrt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tp4mon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tracerpt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tracert.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\unregmp2.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\uploadm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\upnpcont.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\ups.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\userinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\utilman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\verclsid.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\vssvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wab.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wabmig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wbemtest.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wextract.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wiaacmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\winhlp32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\winver.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wisptis.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wmiadap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wmiapsrv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wmic.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wmplayer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wordpad.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wpabaln.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wpnpinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wuauclt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\wuauclt1.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\xcopy.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtServicePackUninstall$\xpnetdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB833407$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB835732$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB873339_0$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB885835_0$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB885836_0$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB885836_0$\wordpad.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB887472$\msmsgs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB887998$\netfxupdate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB887998$\setregni.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB887998$\togac.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB888302_0$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB891781_0$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB896358$\hh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB896358_0$\hh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB896423_0$\spoolsv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB896428$\telnet.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB896428_0$\telnet.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB902400_0$\migregdb.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB908531$\verclsid.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$\msimn.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$\oemig50.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$\wab.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB911567-OE6SP1-20060316.165634$\wabmig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB914388_0$\ipv6.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB914388_0$\netsh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB922582$\fltmc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB922819$\ipv6.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB922819$\netsh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB930494$\aspnet_wp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB930494$\ieexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB930494$\netfxupdate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB930494$\setregni.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB930494$\togac.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB933360$\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB938828$\explorer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB951072-v2$\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB951978$\cscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB951978$\wscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallKB955839$\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallWMFDist11$\logagent.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallWMFDist11$\uwdf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallWMFDist11$\wdfmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallWMFDist11$\wmsetsdk.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallwmp11$\setup_wm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallwmp11$\unregmp2.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\$NtUninstallwmp11$\wmplayer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\agrsmdel.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Cache\Adobe Reader 6\setup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ERDNT\3-7-2009\ERDNT.EXE Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ERDNT\Hiv-backup\ERDNT.EXE Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ERDNT\subs\ERDNT.EXE Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\explorer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\GTRemove.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Help\oobewrap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Help\splshwrp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\hh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7\iedw.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7\mshta.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7\spuninst\ieResetIcons.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB931768-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB931768-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB931768-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB933566-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB933566-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB933566-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB937143-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB937143-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB937143-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB939653-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB939653-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB942615-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB942615-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB947864-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB947864-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB956390-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB956390-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB958215-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB958215-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB961260-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ie7updates\KB961260-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ieuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\inf\unregmp2.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{17293791-C82E-476C-9997-9A0FF234A19B}\NewShortcut1_17293791C82E476C99979A0FF234A19B.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}\NewShortcut1.A6CC6977_F7B4_4C0B_9510_BCD847D4BDB2.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{5380063E-2909-4d72-BFA3-625881F2E78B}\PROSet.56285FC4_11A9_11D6_8473_00902745D287.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{5BFC0621-0C2D-42E5-8809-BCCE9A36267F}\NewShortcut5_606B50C2D7824A96AEDE24F444A04841.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{64FC0C98-B035-4530-B15D-3D30610B6DF1}\HPSUShortcut2_936C42D08CEE4BDFB8CEC4BDC93C6CF8_1.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{91A10409-6000-11D3-8CFE-0150048383C9}\joticon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{91A10409-6000-11D3-8CFE-0150048383C9}\misc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\misc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\outicon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\pptico.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\pubs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\wordicon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{91CA0409-6000-11D3-8CFE-0150048383C9}\xlicons.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B5}\IconCD95F66110.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Installer\{F10082FE-BACB-4E58-A423-DAD6BFC8B3A2}\NewShortcut1_F10082FEBACB4E58A423DAD6BFC8B3A2.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\IsUninst.exe Infected: Virus.Win32.Virut.ce 1
Leopold the Bold
2009-03-09, 07:29
C:\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_regiis.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_state.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\aspnet_wp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\caspol.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\ConfigWizards.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\Copy2Gac.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\csc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\cvtres.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\gacutil.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\IEExec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\ilasm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\installutil.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\jsc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\ngen.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\regasm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\regsvcs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\vbc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CasPol.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\jsc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\msagent\agentsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\mui\muisetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\network diagnostic\xpnetdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\NIRCMD.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\notepad.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\helpctr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\HelpHost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\helpsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\hscupd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\msconfig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\notiflag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\PCHEALTH\UploadLB\Binaries\uploadm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\Q330994.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\regedit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dplaysvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpnsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dpvsetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\RegisteredPackages\{44BBA855-CC51-11CF-AAFA-00AA00B6015C}\dxdllreg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\RegisteredPackages\{60BFF50D-FB2C-4498-A577-C9548C390BB9}\moviemk.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\sed.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\accwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\actmovie.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ahui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\alg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\aspnet_regiis.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\aspnet_state.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\aspnet_wp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\asr_fmt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\asr_pfu.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\at.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\atmadm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\attrib.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\auditusr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\blastcln.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\bootcfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\cacls.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\caspol.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\cipher.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\cisvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\cleanmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\clipbrd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\cmd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\cmdl32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\cmstp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\comrepl.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\comrereg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\comsdupd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\conf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\conime.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\csc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\cscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ctfmon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\davcdata.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dcomcnfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ddeshare.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\defrag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dfrgfat.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dfrgntfs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dialer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\diantz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\diskpart.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dlimport.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dllhost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dmadmin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dmremote.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dplaysvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dpnsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dpvsetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\drvqry.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dumprep.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dvdupgrd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dwwin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\dxdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\eudcedit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\evcreate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\evntcmd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\evntwin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\evtrig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\explorer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\extrac32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\faxpatch.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\findstr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\fltmc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\fontview.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\forcedos.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\fsquirt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ftp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\fxsclnt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\fxscover.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\fxssvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\getmac.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\gprslt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\grpconv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\help.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\helpctr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\hh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\hscupd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\icwconn1.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\icwconn2.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\icwrmind.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\iedw.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ieexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\iexpress.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\iisrstas.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ilasm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\imapi.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\inetin51.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\inetwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\installutil.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ipconfig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ipv6.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ipxroute.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\irftp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\jsc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\lang\cintsetp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\lang\imscinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\lang\pintlphr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\lang\tintlphr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\lang\tintsetp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\lhmstsc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\locator.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\logagent.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\logman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\logon.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\logonui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\lsass.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\magnify.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\makecab.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\migload.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\migrate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\migregdb.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\migwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\migwiza.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\migwiz_a.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mmc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mmcperf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mnmsrvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mobsync.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mofcomp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\moviemk.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mplay32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mqbkup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mqsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mqtgsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\msconfig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\msdtc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mshta.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\msiexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\msimn.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\msiregmv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\msmsgs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\msoobe.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mspaint.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mstinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mstsc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\mtstocom.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\muisetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\napstat.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\narrator.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\nddeapir.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\net.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\net1.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\netdde.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\netsetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\netsh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\netstat.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ngen.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\notepad.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\nppagent.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\nslookup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ntbackup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ntvdm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\odbcad32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\odbcconf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\oemig50.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\oobebaln.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\opnfiles.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\osk.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\packager.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\perfmon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\pinball.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ping.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\powercfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\progman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\proquota.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\proxycfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\qprocess.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\rasphone.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\rcimlby.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\rcp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\rdpclip.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\rdsaddin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\rdshost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\reg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\regasm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\regedit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\regsvcs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\regsvr32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\rexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\rsh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\rsnotify.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\rstrui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\rtcshare.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\rundll32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\runonce.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\savedump.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\scardsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\scrcons.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\scrnsave.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\sctasks.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\sdbinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\secedit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\services.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\sessmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\sethc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\setup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\setup50.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\setupn.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\setup_wm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\shmgrate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\shrpubw.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\shutdown.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\sigverif.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\skeys.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\smbinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\smi2smir.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\smlogsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\sndrec32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\snmp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\snmptrap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\sort.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\spdwnwxp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\spider.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\spiisupd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\spnpinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\spupdwxp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ss3dfo.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ssbezier.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ssflwbox.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ssmarque.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ssmypics.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ssmyst.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\sspipes.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ssstars.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\sstext3d.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\stimon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\svchost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\sysinfo.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\sysocmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\taskkill.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\tasklist.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\taskmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\telnet.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\tlntadmn.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\tlntsess.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\tlntsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\tourstrt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\tp4mon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\tracerpt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\tracert.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\tscupgrd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\unregmp2.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\uploadm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\upnpcont.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\ups.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\userinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\utilman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\vbc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\verclsid.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\vssvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wab.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wabmig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wbemtest.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wextract.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wiaacmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\winhlp32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\winlogon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\winver.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wmic.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wmplayer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wordpad.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wpabaln.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wpnpinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\wuauclt1.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\xcopy.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\i386\xpnetdg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msmsgs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\accwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\actmovie.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\agentsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ahui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\alg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\aspnet_regiis.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\aspnet_wp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\asr_fmt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\at.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\atmadm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\auditusr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\blastcln.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\caspol.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\cipher.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\cisvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\cleanmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\cliconfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\clipbrd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\clipsrv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\cmd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\cmdl32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\cmmon32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\cmstp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\comrepl.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\conf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\conime.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\csc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\cscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ctfmon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\davcdata.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ddeshare.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\defrag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dfrgfat.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dfrgntfs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dialer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\diantz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\diskpart.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dlimport.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dllhost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dmadmin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dmremote.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dplaysvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dpnsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dpvsetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dumprep.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dvdupgrd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dwwin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\dxdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\eudcedit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\evcreate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\evntcmd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\evntwin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\explorer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\extrac32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\faxpatch.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\findstr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\fltmc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\fontview.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\fsquirt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ftp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\fxsclnt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\fxscover.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\fxssvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\gprslt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\grpconv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\helpctr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\helpsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\hh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\hscupd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\icwconn1.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\icwconn2.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\icwrmind.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\iedw.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ieexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\iexplore.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\iexpress.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\iisrstas.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ilasm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\imapi.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\inetin51.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\inetwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\installutil.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ip\asr_pfu.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ip\comsdupd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ip\secedit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ip\spiisupd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ipconfig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ipv6.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ipxroute.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\irftp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\jsc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\lang\cintsetp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\lang\imscinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\lang\pintlphr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\lang\tintlphr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\lang\tintsetp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\locator.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\logagent.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\logman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\logon.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\logonui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\lsass.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\magnify.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\makecab.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\migload.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\migrate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\migregdb.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\migwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\migwiz_a.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mmc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mnmsrvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mobsync.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mofcomp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\moviemk.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mplay32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mqbkup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mqsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mqtgsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msconfig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msdtc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mshta.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msiexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msimn.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msiregmv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\msmsgs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mspaint.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mstinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\mstsc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\muisetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\narrator.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\nddeapir.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\net.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\net1.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\netdde.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\netfxupdate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\netsetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\netsh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\netstat.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ngen.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\notepad.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\nppagent.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\nslookup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ntbackup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ntvdm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\odbcad32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\odbcconf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\oemig50.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\oobebaln.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\opnfiles.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\osk.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\packager.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\perfmon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\pinball.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ping.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\powercfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\progman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\proquota.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\proxycfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\qprocess.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rasphone.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rcimlby.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rcp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rdpclip.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rdsaddin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rdshost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\reg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\regasm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\regedit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\regsvcs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\regsvr32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\root\cmpnents\mediactr\i386\gacutil.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\root\cmpnents\tabletpc\i386\inkball.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\root\cmpnents\tabletpc\i386\journal.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\root\cmpnents\tabletpc\i386\kbdsur.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\root\cmpnents\tabletpc\i386\oobewrap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\root\cmpnents\tabletpc\i386\pipanel.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\root\cmpnents\tabletpc\i386\softkbd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\root\cmpnents\tabletpc\i386\splshwrp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\root\cmpnents\tabletpc\i386\stikynot.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\root\cmpnents\tabletpc\i386\tabtip.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\root\cmpnents\tabletpc\i386\tcserver.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\root\cmpnents\tabletpc\i386\wisptis.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rsh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rsnotify.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rstrui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rtcshare.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\rundll32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\runonce.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\savedump.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\scardsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\scrcons.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\scrnsave.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sctasks.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sdbinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\services.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sessmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sethc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\setregni.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\setup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\setup50.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\setup_wm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\shmgrate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\shrpubw.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\shutdown.exe Infected: Virus.Win32.Virut.ce 1
Leopold the Bold
2009-03-09, 07:29
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sigverif.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\skeys.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\smbinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\smi2smir.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\smlogsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sndrec32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\snmp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\snmptrap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\spdwnwxp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\spider.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\spnpinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\spoolsv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\spuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\spupdsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\spupdwxp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ss3dfo.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ssbezier.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ssflwbox.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ssmarque.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ssmypics.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ssmyst.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sspipes.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ssstars.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sstext3d.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\stimon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\svchost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\sysocmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\taskmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\telnet.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\tlntadmn.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\tlntsess.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\tlntsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\togac.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\tourstrt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\tp4mon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\tracerpt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\tracert.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\tscupgrd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\unregmp2.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\update\fixccs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\update\nv4prep.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\update\spnpinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\update\update.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\uploadm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\upnpcont.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\ups.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\userinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\utilman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\vbc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\vssvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wab.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wabmig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wbemtest.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wextract.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wiaacmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\winhlp32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\winlogon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\winver.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wmiadap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wmiapsrv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wmic.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wmiprvse.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wmplayer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wordpad.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wpabaln.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wpnpinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wscntfy.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wuauclt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\wuauclt1.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\16b2c96a0c41f4dfdb4d3cc228a4f819\xcopy.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\e7315ae76f5adc7c9afda4e7adacef1d\SP2GDR\iedw.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SoftwareDistribution\Download\e7315ae76f5adc7c9afda4e7adacef1d\SP2QFE\iedw.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SWREG.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SWSC.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\SWXCACLS.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system\xccef090305.exe Infected: Trojan.Win32.Buzus.aoqt 1
C:\WINDOWS\system32\1DF.tmp Infected: Worm.Win32.Pinit.bz 1
C:\WINDOWS\system32\1XConfig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\3.tmp Infected: Worm.Win32.Pinit.bz 1
C:\WINDOWS\system32\3361\SVCHOST.EXE Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\accwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\actmovie.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\AdHocWiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ahui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\alg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\arp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\asr_fmt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\asr_ldm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\asr_pfu.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\at.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\atmadm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\attrib.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\auditusr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\azton.mt Infected: Worm.Win32.Pinit.bz 1
C:\WINDOWS\system32\blastcln.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\bootcfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\bootok.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\bootvrfy.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\cacls.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\calc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\charmap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\chkdsk.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\chkntfs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\cidaemon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\cipher.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\cisvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ckcnv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\cleanmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\cliconfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\clipbrd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\clipsrv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\cmd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\cmdl32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\cmmon32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\cmstp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\Com\comrepl.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\Com\comrereg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\comp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\compact.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\comsdupd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\conime.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\control.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\convert.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\cscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ctfmon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dcomcnfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ddeshare.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\defrag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dfrgfat.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dfrgntfs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\diantz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\diskpart.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\diskperf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\arp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\asr_ldm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\bootok.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\bootvrfy.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\calc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\cb32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\change.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\charmap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\chglogon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\chgport.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\chgusr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\chkdsk.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\chkntfs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\cidaemon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\cintsetp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\ckcnv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\comp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\compact.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\control.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\convert.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\convlog.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\cprofile.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\cscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\diskperf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\dlimport.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\dllhst3g.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\doskey.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\drwtsn32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\esentutl.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\eventvwr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\expand.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\fc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\find.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\finger.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\fixmapi.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\flattemp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\freecell.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\fsutil.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\fxssend.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\gpupdate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\helphost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\hostname.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\icwtutor.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\iedw.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\iisreset.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\iissync.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\imekrmig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\imkrinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\imscinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\inetmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\ipsec6.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\isignup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\journal.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\kbdsur.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\label.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\lights.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\lnkstub.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\lodctr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\logagent.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\logoff.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\lpq.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\lpr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\migisol.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\migrate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\mountvol.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\mplay32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\mpnotify.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\mrinfo.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\msg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\mshearts.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\mshta.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\msinfo32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\msswchx.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\nbtstat.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\notiflag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\ntsd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\nwscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\oobewrap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\osuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\pathping.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\pdialog.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\pentnt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\ping6.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\pintlphr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\pipanel.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\print.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\qappsrv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\query.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\quser.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\qwinsta.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\rasautou.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\rasdial.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\recover.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\regedt32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\regini.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\register.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\regwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\relog.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\replace.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\reset.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\route.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\routemon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\rsm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\rsmsink.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\rsmui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\rsopprov.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\rsvp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\runas.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\rwinsta.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\sapisvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\sc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\setup_wm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\sfc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\shadow.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\sndvol32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\softkbd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\sol.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\splshwrp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\srdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\stikynot.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\subst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\syncapp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\syskey.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\systray.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tabbtnu.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tabcal.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tabtip.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\taskman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tcmsetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tcpsvcs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tcserver.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tftp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tintlphr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tintsetp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tracert6.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tscon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tsdiscon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tskill.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tsprof.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\tsshutdn.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\twunk_32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\typeperf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\unlodctr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\unregmp2.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\unsecapp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\verifier.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\vssadmin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\w32tm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\wb32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\winhstb.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\winmgmt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\winmine.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\winmsd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\wisptis.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\wmplayer.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\wmpstub.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\write.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\wscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllcache\wupdmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllhost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dllhst3g.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dmadmin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dmremote.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\doskey.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dplaysvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dpnsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dpvsetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\driverquery.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\drmupgds.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\drwtsn32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dumprep.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dvdplay.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dvdupgrd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dwwin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dxdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\dxdllreg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\esentutl.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\eudcedit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\eventcreate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\eventtriggers.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\eventvwr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\expand.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\extrac32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\faxpatch.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\fc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\find.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\findstr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\finger.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\fixmapi.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\fltmc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\fontview.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\forcedos.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\freecell.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\fsquirt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\fsutil.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ftp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\getmac.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\gpresult.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\gpupdate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\grpconv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\help.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\hkcmd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\hostname.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\HPZinw12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\HPZipm12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ieudinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\iexpress.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\igfxcfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\igfxdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\igfxext.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\igfxtray.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\imapi.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\IME\CINTLGNT\CINTSETP.EXE Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\IME\PINTLGNT\IMSCINST.EXE Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\IME\PINTLGNT\pintlphr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\IME\TINTLGNT\TINTLPHR.EXE Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\inkball.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ipconfig.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ipsec6.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ipv6.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ipxroute.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\label.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\lights.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\lnkstub.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\locator.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\lodctr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\logagent.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\logman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\logoff.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\logon.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\logonui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\lpq.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\lpr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\Macromed\Flash\genuinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\magnify.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\makecab.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\migpwd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mmc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mmcperf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mnmsrvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mobsync.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mountvol.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mplay32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mpnotify.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mqbkup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mqsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mqtgsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mrinfo.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\msdtc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\msfeedssync.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\msg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mshearts.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mshta.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\msiexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\msnphoto.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mspaint.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\msswchx.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mstinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\mstsc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\napstat.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\narrator.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\nbtstat.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\nddeapir.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\net.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\net1.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\netdde.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\netsetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\netsh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\netstat.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\notepad.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\npp\nppagent.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\nslookup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ntbackup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ntsd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ntvdm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\nwscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\odbcad32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\odbcconf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\oobe\msoobe.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\oobe\oobebaln.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\openfiles.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\osk.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\osuninst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\packager.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\pathping.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\pentnt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\perfmon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\PfWizard.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ping.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ping6.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\powercfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\print.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\progman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\proquota.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\Prounstl.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\proxycfg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\qappsrv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\qprocess.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\qwinsta.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rasautou.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rasdial.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rasphone.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rcimlby.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rcp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rdpclip.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rdsaddin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rdshost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\recover.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\reg.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\regedt32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\regini.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\RegSrvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\regsvr32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\regwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\relog.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\replace.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\reset.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\Restore\rstrui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\Restore\srdiag.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rexec.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\route.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\routemon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rsh.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rsm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rsmsink.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rsmui.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rsnotify.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rsopprov.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rsvp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rtcshare.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\runas.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rundll32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\runonce.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\rwinsta.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\savedump.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\SbrngSvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\scardsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\schtasks.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\scrnsave.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sdbinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\secedit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sessmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sethc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\setup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\setupn.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sfc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\shadow.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\shmgrate.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\shrpubw.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\shutdown.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sigverif.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\skeys.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\smbinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\smlogsvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sndrec32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sndvol32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\softkbd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sol.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sort.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spdwnwxp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spider.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spiisupd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spnpinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzcfg12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzeng12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzpre12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzstc12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpzstw12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztbu12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztbx12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1600_seriese878\hpzcfg12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1600_seriese878\hpzeng12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1600_seriese878\hpzpre12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1600_seriese878\hpzstc12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1600_seriese878\hpzstw12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1600_seriese878\hpztbu12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spool\drivers\w32x86\hppsc_1600_seriese878\hpztbx12.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spoolsv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\spupdwxp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ss3dfo.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ssbezier.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ssflwbox.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ssmarque.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ssmypics.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ssmyst.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sspipes.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ssstars.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sstext3d.scr Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\stikynot.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\stimon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\subst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\syncapp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\syskey.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\sysocmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\systeminfo.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\systray.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tabbtnu.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tabcal.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tabsrv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\taskkill.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tasklist.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\taskman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\taskmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tcmsetup.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tcpsvcs.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\telnet.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tftp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tlntadmn.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tlntsess.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tlntsvr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tourstart.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tracerpt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tracert.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tracert6.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tscon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tscupgrd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tsdiscon.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tskill.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tsshutdn.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\typeperf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\tzchange.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\u8763948.dll Infected: Trojan-GameThief.Win32.OnLineGames.bkvv 1
C:\WINDOWS\system32\unlodctr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\upnpcont.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ups.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\URTTemp\regtlib.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\userinit.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\usmt\migload.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\usmt\migwiz.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\usmt\migwiza.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\usmt\migwiz_a.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\utilman.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\uwdf.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\verclsid.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\verifier.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\vssadmin.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\vssvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\w32tm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wbem\mofcomp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wbem\scrcons.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wbem\unsecapp.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wbem\wbemtest.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wbem\winmgmt.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wbem\wmiadap.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wbem\wmiapsrv.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wbem\wmic.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wbem\wmiprvse.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wdfmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wextract.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wiaacmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\WinFXDocObj.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\winhlp32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\winmine.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\winmsd.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\winver.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wisptis.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wmpstub.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wpabaln.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wpdshextautoplay.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wpnpinst.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wqcfic Infected: Trojan.Win32.Patched.dr 1
C:\WINDOWS\system32\write.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wscntfy.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wscript.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\WudfHost.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\wupdmgr.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\xcopy.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\xpsp1hfm.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\system32\ZCfgSvc.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\TASKMAN.EXE Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\twunk_32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\VFIND.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\winhlp32.exe Infected: Virus.Win32.Virut.ce 1
C:\WINDOWS\zip.exe Infected: Virus.Win32.Virut.ce 1
D:\SecurDataStorRM\Files\CopyFile.exe Infected: Virus.Win32.Virut.ce 1
The selected area was scanned.
Good Morning,
I am afraid I have bad news for you, you are infected with the File Infector Virus. If you look through your Kaspersky log, you will see many entries for Virut, what this virus has done is to infect every .exe file on your system, even the files in System Restore and the i386 backup folder. This computer is now what we consider compromised, another words it is not to be trusted in the future. If you have done online shopping or banking it has most likely stolen your account numbers and passwords. You should go to a known clean computer and change all your passwords. The best thing you can do to be safe on the computer is to do a complete reformat and a clean install of windows . There has been some luck cleaning this with this next program if your willing to try it.
First lets clean out System Restore
System Restore makes regular backups of all your settings, if you ever had to use this program to restore your system to a previous date, you will be infected all over again so we need to clean out the previous Restore Points
Turn off System Restore.
Right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore on all Drives.
Click Apply, and then click OK.
Reboot your computer
Turn ON System Restore.
Right-click My Computer.
ClickProperties.
Click the System Restore tab.
UN-Check Turn off System Restore on all Drives.
Click Apply, and then click OK.
Create a new Restore Point <-- Very Important
Go to Start> All Programs> Assesories> System Tools> System Restore and create a New Restore Point
System Restore Tutorial (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- If you need it
Download Dr.Web CureIt to the desktop:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
Doubleclick the drweb-cureit.exe file and Allow to run the express scan
This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
Once the short scan has finished, mark the drives that you want to scan.
Select all drives. A red dot shows which drives have been chosen.
Click the green arrow at the right, and the scan will start.
Click 'Yes to all' if it asks if you want to cure/move the file.
When the scan has finished, look if you can click next icon next to the files found: http://users.telenet.be/bluepatchy/miekiemoes/images/check.gif
If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
http://users.telenet.be/bluepatchy/miekiemoes/images/move.gif
This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
Save the report to your desktop. The report will be called DrWeb.csv
Close Dr.Web Cureit.
Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.
After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.
Then run Kaspersky again and post a new Kaspersky log
Leopold the Bold
2009-03-09, 20:07
I have a couple of questions.
1) What are the options available for saving the non .exe files on the computer? Are they uninfected/safe to transport to an off-computer storage drive? (Perhaps only certain filetypes are safe?) If any are safe to move, should I do that before the fix you've recommended?
2) You said it has probably stolen account numbers/passwords. Is this true if the computer has generally ever been used for online banking, or do you mean more specifically if it has been used for online banking after the infection? I will definitely have her change her passwords either way just to be sure. I just want an idea of how concerned we should be about her bank accounts, etc. As far as I know she didn't check them any time after (or right before) the infection.
3) I did use a flash drive to transfer install files from my computer to hers, and to transfer the log files of the scans back to my computer. Is it possible my computer may have gotten infected? Should I consider the flash drive compromised and get a new one?
As for the rest, my girlfriend is at work right now and I'll have to see whether she wants to try fixing it, or if she would prefer to just reformat and clean install Windows. I am guessing it will probably depend on how many (and which) files can be saved.
Hi,
You can save your Photos and documents with no problem.
What I meant about passwords and such, this virus has the ability to steal your account numbers and passwords for any site you visit that requires a user name and password to enter, it can also capture any sensitive info like account numbers, credit card numbers and the like, whether it has done so we won't know, its best to be on the safeside and change them all.
Your flash drive may be infected also, there cheap, throw it away.
My self, if this was me I would just do a format and reinstall windows and be done with it, then you will know your machine is nice and healthy again. You cant do a system repair or you will just be copying files over the older infected ones, it needs a complete reformat.
Been at this for many years and never had to recommend a format and reinstall of windows , this one has just cropped up and I recommended a reformat to 4 other people in the past month.
Years ago when Win 95 came out and you caught a virus, it made your screen wobble or some other stupid thing, not any more, this is big business to cyber thieves, they will steal anything they can.
Leopold the Bold
2009-03-10, 03:54
Hello,
I asked her and she doesn't mind reformatting and reinstalling Windows as long as she can save all her files. So, just to ensure that I'll be doing this safely in a way that won't reinfect her computer or potentially infect mine, I'll describe what I would plan to do and hopefully see if that can save everything without risking any infections.
1. Go on her computer, move all non .exe files into a folder, consisting of image files (.jpg, .gif, etc.), document files (.doc, .txt., .rtf, etc.), movie files (.mpg, .mov, etc.), music files (.mp3, etc).
2. Once all files we want to save are in one location, transfer it to off computer storage: for me that is a Western Digital "My Little Black Book" storage unit (first result if you google: WD "My Little Black Book"). I think on the unit it has .exe files that control how the drive interfaces with the computer (displaying files, etc). Would those .exe files be safe if I don't run them (as much as possible)?
I already have some files in storage on the drive, so I want to minimize risk to to those files as well. Is there any safer way to do this? (For instance, would burning the files onto CDs work as well?)
Thank you!
Good Morning,
I am glad your taking the reformat route, its the safest way.
Any files with an .exe extension are infected, this is just an example from your system of some of the infection, all your critical windows files that make windows run are also infected.
C:\Program Files\2Wire Wireless Manager
C:\Program Files\EA GAMES\The Sims 2
C:\Program Files\HP\Digital Imaging
C:\Program Files\Micro Innovations\Optical Mouse Ice
I am assuming that D is your burner, it looks like its infected also
D:\SecurDataStorRM\Files\CopyFile.exe Infected: Virus.Win32.Virut.ce 1
So this is a tough call on how to save them. I would hate for you to go through a reinstall , only to put back infected files on the new system.
Let me look around at some of the other infected people and see how they went about it with help from my peers.
Do you know how to format and reinstall windows or do you need help?
Hang on and I will be back in a bit.
Ken
Leopold the Bold
2009-03-10, 17:59
Yes, some help with the reformatting would be great. We're a little shaky on how to do it. Hopefully we can find a way to save the files without spreading the infection.
Thank you! We'll check back later!
Hi,
Sorry you have to go through all this. :sad:
I am going to link you to a couple of windows support sites that deal with this on a regular basis, there more in tune to doing this than I am. Be sure to tell them that you where infected with Virut and that a complete reformat and clean install of windows was recommended, not a system repair.
Windows Helpnet (http://www.windowsbbs.com/) <-- Excellent XP Forum
PcPitStop (http://pcpitstop.com/) <-- You can take your system in for a checkup here.
When your done and up and running, post back and I will link you to some free programs to install that can help block most of this garbage from installing.
Good Luck,
Ken:)
Leopold the Bold
2009-03-10, 21:05
Okay, I'll post at WindowsBBS and let you know how it goes. Thank you very much for your help. If it weren't for volunteer forums like these, we'd be completely on our own.
I'll post back when it's (hopefully) fixed.
Thanks again!
~Leopold
Leo,
I found out that even though the files from your burner are infected, as long as it works you can back up your files to a CD safely.
.exe, .scr or .html <---You just cant back up any files with these extensions. So go ahead and back up any photos, word docs and such and you should be ok
Leopold the Bold
2009-03-15, 01:26
Hello,
Just writing back to let you know I completed the clean reformat and install of Windows. We backed up all her important files, scanned them with Kaspersky, and then moved them over to the offline storage. All that is left to do now is move them back and see what happens.
We have installed Avast Anti-Virus, Online Armor Firewall, Spybot S&D, and Ad-Aware. You said before that you had some other programs that can prevent some of this stuff from installing itself. Any others besides the ones I've listed that will add protection without slowing the computer?
Thanks for all your help! These forums are the best.
~Leopold
Leopold
Thanks so much for posting back and keeping me up to date. You will be so much better off with the clean install of windows.
How did I get infected in the first place ? Read these links and find out how to prevent getting infected again.
Tutorial for System Restore (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- Do this first to prevent yourself from being reinfected.
WhattheTech (http://forums.whatthetech.com/So_how_did_I_get_infected_in_the_first_place_t57817.html)
Grinler BleepingComputer (http://www.bleepingcomputer.com/forums/topic2520.html)
GeeksTo Go (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Dslreports (http://www.dslreports.com/faq/10002)
Keep in mind if you install some of these programs. Only ONE Anti Virus and only ONE Firewall is recommended, more is overkill and can cause you problems. You can install all the Spyware programs I have listed without any problems. If you install Spyware Blaster and Spyware Guard, they will conflict with the TeaTimer in Spybot , you can still install Spybot Search and Destroy but do not enable the TeaTimer .
Here are some free programs to install, all free and highly regarded by the fine people in the Malware Removal Community
Spybot Search and Destroy 1.6 (http://www.safer-networking.org/en/download/)
Check for Updates/ Immunize and run a Full System Scan on a regular basis. If you install Spyware Blaster ( Recommended ) then do not enable the TeaTimer in Spybot Search and Destroy.
Spyware Blaster (http://www.javacoolsoftware.com/spywareblaster.html) It will prevent most spyware from ever being installed. No scan to run, just update about once a week and enable all protection.
Spyware Guard (http://www.javacoolsoftware.com/spywareguard.html) It offers realtime protection from spyware installation attempts, again, no scan to run, just install it and let it do its thing.
IE-Spyad (http://www.pcworld.com/downloads/file/fid,23332-order,1-page,1-c,antispywaretools/description.html)
IE-Spyad places over 6000 web sites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (cookies etc) from the sites listed, although you will still be able to connect to the sites.
Firefox 3 (http://www.mozilla.org/products/firefox/) It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will no way interfere with IE, you can use them both.
Any other questions, please post back, I would try in explain anything to you that I can.
Safe Surfn
Ken
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.