Jump to content

userinit.exe and explorer.exe trojan infected, explorer.exe doesn't load.


Antony

Recommended Posts

Hey. I used a different guide on the forum to get rid of viruses I had and that all worked, so thanks for that. My anti virus (AVG Internet security) keeps saying userinit.exe, explorer.exe. winlogon.exe and alg.exe and infected with trojans, yet I can't seem to disinfect them. I'm guessing the infection is the reason explorer.exe and my welcome screen/user logon doesn't automatically load. My background loads then I have to press ctrl alt del and run explorer.exe as a task to get it loaded.

Here are my logs:

Malwarebytes' Anti-Malware 1.34

Database version: 1802

Windows 5.1.2600 Service Pack 3

26/02/2009 10:44:41

mbam-log-2009-02-26 (10-44-41).txt

Scan type: Quick Scan

Objects scanned: 65781

Time elapsed: 5 minute(s), 44 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

=============================

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:45:53, on 26/02/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\PROGRA~1\AVG\AVG8\avgfws8.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\HP\KBD\KBD.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\ALCWZRD.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\WINDOWS\explorer.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\PROGRA~1\AVG\AVG8\aAvgApi.exe

C:\WINDOWS\system32\notepad.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.isohunt.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R3 - URLSearchHook: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files\isoHunt\tbiso1.dll

F2 - REG:system.ini: UserInit=C:\WINDOWS\explorer.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files\isoHunt\tbiso1.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files\isoHunt\tbiso1.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab

O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1194776829765

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe

O23 - Service: EasyHideIP - Unknown owner - C:\Program Files\Easy-Hide-IP\services\EasyHideIp.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--

End of file - 8570 bytes

Link to post
Share on other sites

  • Root Admin

See if you can run one of these. You may have a file infecting virus.

Please download to your Desktop: Dr.Web CureIt

  • After the file has downloaded, disable your current Anti-Virus and disconnect from the Internet
  • Doubleclick the drweb-cureit.exe file, then click the Start button, then the OK button to perform an Express Scan.
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it.
  • Once the short scan has finished, Click on the Complete scan radio button.
  • Then click on the Settings menu on top, the select Change Settings or press the F9 key. You can also change the Language
  • Choose the Scanning tab and I recomend leaving the Heuristic analysis enabled (this can lead to False Positives though)
  • On the File types tab ensure you select All files
  • Click on the Actions tab and set the following:
    • Objects Infected objects = Cure, Incurable objects = Move, Suspicious objects = Report
    • Infected packages Archive = Move, E-mails = Report, Containers = Move
    • Malware Adware = Move, Dialers = Move, Jokes = Move, Riskware = Move, Hacktools = Move
    • Do not change the Rename extension - default is: #??
    • Leave the default save path for Moved files here: %USERPROFILE%\DoctorWeb\Quarantine\
    • Leave prompt on Action checked

    [*]On the Log file tab leave the Log to file checked.

    [*]Leave the log file path alone: %USERPROFILE%\DoctorWeb\CureIt.log

    [*]Log mode = Append

    [*]Encoding = ANSI

    [*]Details Leave Names of file packers and Statistics checked.

    [*]Limit log file size = 2048 KB and leave the check mark on the Maximum log file size.

    [*]On the General tab leave the Scan Priority on High

    [*]Click the Apply button at the bottom, and then the OK button.

    [*]On the right side under the Dr Web Anti-Virus Logo you will see 3 little buttons. Click the left VCR style Start button.

    [*]In this mode it will scan Boot sectors of all disks, All removable media, and all local drives

    [*]The more files and folders you have the longer the scan will take. On large drives it can take hours to complete.

    [*]When the Cure option is selected, an additional context menu will open. Select the necessary action of the program, if the curing fails.

    [*]Click 'Yes to all' if it asks if you want to cure/move the files.

    [*]This will move it to the %USERPROFILE%\DoctorWeb\Quarantine\ folder if it can't be cured. (in this case we need samples)

    [*]After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list

    [*]Save the report to your Desktop. The report will be called DrWeb.csv

    [*]Close Dr.Web Cureit.

    [*]Reboot your computer!! Because it could be possible that files in use will be moved/deleted during reboot.

    [*]After reboot, post the contents of the log from Dr.Web you saved previously to your Desktop in your next reply with a new hijackthis log.

    drweb.jpg

OR if you can't run that, then try this.

Avira AntiVir Rescue System

Requires access to a working computer with a CD/DVD burner to create a bootable CD.

  • Download the
    Avira AntiVir Rescue System
    from
    here
  • Place a blank CD in your burner and double-click on the downloaded file.

  • The program will automatically burn the CD for you.

  • Place the burned CD into the affected computer and start the computer from this CD.

  • On the bottom left side of the screen there are 2 flags. Using your mouse click on the British flag to use English.

  • Click on the
    Configuration
    button.

    • Select
      Scan all files
    • Select
      Try to repair infected files
      and
      Rename files, if they cannot be removed

    • Select
      Scan for dialers

    • Select
      Scan for joke programs (Jokes)

    • Select
      Scan for games

    • Select
      Scan for spyware (SPR)

    [*]
    Click on
    Virus scanner

    [*]
    Click on
    Start scanner
    at the bottom of the screen

    [*]
    Currently the program does not support saving a log. Write down the amount of items for Records, Suspect files, and Warnings

The Avira AntiVir Rescue System is a Linux-based application that allows accessing computers that cannot be booted anymore and is updated several times a day so that the most recent security updates are always available.

Screen resolution problems

Please see the post
here
if you're unable to view the entire screen of Avira.
Link to post
Share on other sites

Right did it, sorry it took so long. Here are the logs :rolleyes:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:28:20, on 26/02/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\PROGRA~1\AVG\AVG8\avgfws8.exe

C:\Program Files\Easy-Hide-IP\services\EasyHideIp.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Easy-Hide-IP\services\EasyHideIP-Server2\Easy-Hide-IPS2.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Easy-Hide-IP\services\EasyHideIP-Server2\EasyHideIP-Server2.exe

C:\Program Files\Easy-Hide-IP\services\EasyHideIP-Server1\EasyHideIP-Server1.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\HP\KBD\KBD.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\ALCWZRD.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Microsoft Office\Office10\EXCEL.EXE

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\PROGRA~1\AVG\AVG8\aAvgApi.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.isohunt.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

R3 - URLSearchHook: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files\isoHunt\tbiso1.dll

F2 - REG:system.ini: UserInit=C:\WINDOWS\explorer.exe,

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files\isoHunt\tbiso1.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files\isoHunt\tbiso1.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab

O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1194776829765

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe

O23 - Service: EasyHideIP - Unknown owner - C:\Program Files\Easy-Hide-IP\services\EasyHideIp.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--

End of file - 9090 bytes

==============================

ComboFix.exe/data002\32788R22FWJFW\c.bat;C:\Documents and Settings\cashgen1\Desktop\ComboFix.exe/data002;Probably BATCH.Virus;;

ComboFix.exe/data002\32788R22FWJFW\psexec.cfexe;C:\Documents and Settings\cashgen1\Desktop\ComboFix.exe/data002;Program.PsExec.171;;

data002;C:\Documents and Settings\cashgen1\Desktop;Archive contains infected objects;;

ComboFix.exe;C:\Documents and Settings\cashgen1\Desktop;Container contains infected objects;Moved.;

WISD084B1A9153B409DAEBFC40FCEF925EA_2_0_12.MSI/stream000\sprtsync.dll;C:\Program Files\Common Files\Wise Installation Wizard\WISD084B1A9153B409DAEBFC40FCEF925EA_2_0_12.MSI/stream000;Probably DLOADER.Trojan;;

WISD084B1A9153B409DAEBFC40FCEF925EA_2_0_12.MSI/stream000\modem_common.js;C:\Program Files\Common Files\Wise Installation Wizard\WISD084B1A9153B409DAEBFC40FCEF925EA_2_0_12.MSI/stream000;Probably SCRIPT.Virus;;

WISD084B1A9153B409DAEBFC40FCEF925EA_2_0_12.MSI/stream000\sma_common.js;C:\Program Files\Common Files\Wise Installation Wizard\WISD084B1A9153B409DAEBFC40FCEF925EA_2_0_12.MSI/stream000;Probably SCRIPT.Virus;;

WISD084B1A9153B409DAEBFC40FCEF925EA_2_0_12.MSI/stream000\sprtupdate.dll;C:\Program Files\Common Files\Wise Installation Wizard\WISD084B1A9153B409DAEBFC40FCEF925EA_2_0_12.MSI/stream000;Probably DLOADER.Trojan;;

stream000;C:\Program Files\Common Files\Wise Installation Wizard;Archive contains infected objects;;

WISD084B1A9153B409DAEBFC40FCEF925EA_2_0_12.MSI;C:\Program Files\Common Files\Wise Installation Wizard;Archive contains infected objects;Moved.;

isignup.exe;C:\Program Files\Internet Explorer\Connection Wizard;Trojan.Packed.140;Deleted.;

modem_common.js;C:\Program Files\TalkTalk\agentcommon\inc;Probably SCRIPT.Virus;;

sma_common.js;C:\Program Files\TalkTalk\agentui\snapins\preferences;Probably SCRIPT.Virus;;

sprtsync.dll;C:\Program Files\TalkTalk\bin;Probably DLOADER.Trojan;;

sprtupdate.dll;C:\Program Files\TalkTalk\bin;Probably DLOADER.Trojan;;

xccdfb16_090131.dll.vir;C:\Qoobox\Quarantine\C\WINDOWS\system32\INF;Trojan.Hitpop.1898;Deleted.;

A0000051.bat;C:\System Volume Information\_restore{35BD6E88-AA22-4215-BF41-928064C5F3FE}\RP1;Probably BATCH.Virus;;

A0000120.bat;C:\System Volume Information\_restore{35BD6E88-AA22-4215-BF41-928064C5F3FE}\RP2;Probably BATCH.Virus;;

A0000176.MSI/stream000\sprtsync.dll;C:\System Volume Information\_restore{35BD6E88-AA22-4215-BF41-928064C5F3FE}\RP2\A0000176.MSI/stream000;Probably DLOADER.Trojan;;

A0000176.MSI/stream000\modem_common.js;C:\System Volume Information\_restore{35BD6E88-AA22-4215-BF41-928064C5F3FE}\RP2\A0000176.MSI/stream000;Probably SCRIPT.Virus;;

A0000176.MSI/stream000\sma_common.js;C:\System Volume Information\_restore{35BD6E88-AA22-4215-BF41-928064C5F3FE}\RP2\A0000176.MSI/stream000;Probably SCRIPT.Virus;;

A0000176.MSI/stream000\sprtupdate.dll;C:\System Volume Information\_restore{35BD6E88-AA22-4215-BF41-928064C5F3FE}\RP2\A0000176.MSI/stream000;Probably DLOADER.Trojan;;

stream000;C:\System Volume Information\_restore{35BD6E88-AA22-4215-BF41-928064C5F3FE}\RP2;Archive contains infected objects;;

A0000176.MSI;C:\System Volume Information\_restore{35BD6E88-AA22-4215-BF41-928064C5F3FE}\RP2;Archive contains infected objects;Moved.;

A0000177.exe;C:\System Volume Information\_restore{35BD6E88-AA22-4215-BF41-928064C5F3FE}\RP2;Trojan.Packed.140;Deleted.;

stub_fpsrvadm.exe;C:\WINDOWS\ServicePackFiles\i386;Probably Trojan.Packed.189;;

FrostWire.exe;U:\Applications\FrostWire;Trojan.Packed.140;Deleted.;

FPSRVADM.EXE;U:\Antony\office\cd1\FILES\PFILES\FP98\VER3\BIN;Probably Trojan.Packed.189;;

Link to post
Share on other sites

  • Root Admin

Disable and Enable System Restore-WINDOWS XP

This is a good time to clear your existing system restore points and establish a new clean restore point:

Turn off System Restore

  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • Check Turn off System Restore.
  • Click Apply, and then click OK.
  • Reboot.

Turn ON System Restore

  • On the Desktop, right-click My Computer.
  • Click Properties.
  • Click the System Restore tab.
  • UN-Check *Turn off System Restore*.
  • Click Apply, and then click OK.

This will remove all restore points except the new one you just created.

Then do an online AV scan.

Run Kaspersky Online AV Scanner

Using Internet Explorer Go to http://www.kaspersky.com/kos/eng/partner/d...kavwebscan.html and click the Accept button at the end of the page.

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

  • Read the Requirements and limitations before you click Accept.
  • Allow the ActiveX download if necessary.
  • Once the database has downloaded, click Next.
  • Click Scan Settings and change the "Scan using the following antivirus database" from standard to extended and then click OK.
  • Click on "My Computer" and then put the kettle on!
  • When the scan has completed, click Save Report As...
  • Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
  • Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.

Copy and paste the report into your next reply along with a fresh HJT log and a description of how your PC is behaving.

Link to post
Share on other sites

Right, when I turn the comp on and it loads, usually there's the blue welcome screen where you click which account you'd like to go on, that doesn't appear (I've checked and it's enabled) instead a windows box comes up with username and password spaces, the standard one. I type my username and click to logon, it loads my background but that's all, if I press ctrl alt del all the normal services are running except for 'explorer.exe'. I have to click start task and then type explorer.exe to actually load anything. Once I type that everything loads as normal, but AVG keeps popping up 'threat detected' and a trojan of some sort, it changes the file infected between userinit.exe explorer.exe and winlogon.exe. Also half the time when it loads explorer DEP shuts down a program called 'Run a DLL as an app', butI've no idea what that is exactly..

Here are my logs:

--------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER 7 REPORT

Friday, February 27, 2009

Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)

Kaspersky Online Scanner 7 version: 7.0.25.0

Program database last update: Friday, February 27, 2009 12:44:12

Records in database: 1852156

--------------------------------------------------------------------------------

Scan settings:

Scan using the following database: extended

Scan archives: yes

Scan mail databases: yes

Scan area - My Computer:

C:\

D:\

E:\

F:\

Scan statistics:

Files scanned: 78894

Threat name: 3

Infected objects: 1088

Suspicious objects: 0

Duration of the scan: 01:48:27

File name / Threat name / Threats count

C:\HP\KBD\KBD.EXE/C:\HP\KBD\KBD.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\hkcmd.exe/C:\WINDOWS\system32\hkcmd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ALCWZRD.EXE/C:\WINDOWS\ALCWZRD.EXE Infected: Virus.Win32.Virut.ce 1

C:\Documents and Settings\cashgen1\Local Settings\temp\jkos-cashgen1\binaries\ScanningProcess.exe/C:\Documents and Settings\cashgen1\Local Settings\temp\jkos-cashgen1\binaries\ScanningProcess.exe Infected: Virus.Win32.Virut.ce 1

C:\Documents and Settings\cashgen1\Application Data\U3\temp\Launchpad Removal.exe Infected: Virus.Win32.Virut.ce 1

C:\Documents and Settings\cashgen1\Desktop\Junk\fs101\FinalSun.exe Infected: Virus.Win32.Virut.ce 1

C:\Documents and Settings\cashgen1\Desktop\Junk\fs101\smuninstall.exe Infected: Virus.Win32.Virut.ce 1

C:\Documents and Settings\cashgen1\Desktop\Junk\MagicISO Maker v5.5 (Build 265) [bRAiGHTLiNG Crack][h33t][matt14]\MagicISO.exe Infected: Virus.Win32.Virut.ce 1

C:\Documents and Settings\cashgen1\Local Settings\temp\jkos-cashgen1\binaries\ScanningProcess.exe Infected: Virus.Win32.Virut.ce 1

C:\Documents and Settings\cashgen1\Local Settings\temp\SSUPDATE.EXE Infected: Virus.Win32.Virut.ce 1

C:\hp\drivers\display\AddDevicePath.exe Infected: Virus.Win32.Virut.ce 1

C:\hp\drivers\keyboard\PS2.EXE Infected: Virus.Win32.Virut.ce 1

C:\hp\drivers\tvtuner\AddDevicePath.exe Infected: Virus.Win32.Virut.ce 1

C:\hp\KBD\RunReg.exe Infected: Virus.Win32.Virut.ce 1

C:\hp\KBD\static\Common\hpkey.exe Infected: Virus.Win32.Virut.ce 1

C:\KBDSW\pav_ps2\PS2.EXE Infected: Virus.Win32.Virut.ce 1

C:\KBDSW\pre_ps2\PS2.EXE Infected: Virus.Win32.Virut.ce 1

C:\KBDSW\Setup\setup.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Adobe\Reader 9.0\Reader\LogTransport2.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Adobe AIR\Versions\1.0\template.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriver.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriver2.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\InstallShield\Driver\7\Intel 32\IDriver.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver2.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_02.b06\launcher.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_02.b06\zipper.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_03.b05\launcher.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_03.b05\zipper.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\launcher.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_05.b13\zipper.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_07.b06\launcher.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_07.b06\zipper.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Microsoft Shared\MSInfo\OFFPRV10.EXE Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Microsoft Shared\MSSearch\Bin\SrchAdmStp.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Microsoft Shared\Speech\sapisvr.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Motive\InstallHelper.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\PCSuite\Services\NclBTHandler.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\System\Mapi\1033\SCANPST.EXE Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Teleca Shared\Generic.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Common Files\Teleca Shared\SequentialStarter.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\CyberLink\Common\UpdateIPR.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\CyberLink\PowerDVD\cltest.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\CyberLink\PowerDVD\dvdrgn.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\CyberLink\PowerDVD\PowerDVD.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\DAEMON Tools Lite\daemon.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\DivX\DivX Codec\config.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\C&C3\# readme #\DVD Mini-Image\YASU.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2\eauninstall.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2\Sims2_uninst.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2\Support\EasyInfo.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2\Support\The Sims 2_code.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2\Support\The Sims 2_uninst.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Bon Voyage\CSBin\TS2BodyShop.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Bon Voyage\Support\The Sims 2 Bon Voyage_code.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Bon Voyage\Support\The Sims 2 Bon Voyage_uninst.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Bon Voyage\TSBin\TS2UPD.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Celebration! Stuff\eauninstall.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Celebration! Stuff\Support\The Sims 2 Celebration Stuff_uninst.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Family Fun Stuff\CSBin\TS2BodyShop.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Family Fun Stuff\eauninstall.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Family Fun Stuff\Support\EasyInfo.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Family Fun Stuff\Support\EReg.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Family Fun Stuff\Support\The Sims 2 Family Fun Stuff_uninst.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Nightlife\CSBin\TS2BodyShop.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Nightlife\eauninstall.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Nightlife\Support\EasyInfo.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Nightlife\Support\The Sims 2 Nightlife_code.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Nightlife\Support\The Sims 2 Nightlife_uninst.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Pets\CSBin\TS2BodyShop.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Pets\eauninstall.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Pets\Sims2EP4_Uninst.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Pets\Support\EasyInfo.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Pets\Support\EReg.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Pets\TSBin\TS2UPD.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Seasons\Sims2EP5_Uninst.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Seasons\Support\EReg.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Seasons\Support\The Sims 2 Seasons_code.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Seasons\Support\The Sims 2 Seasons_uninst.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Seasons\TSBin\TS2UPD.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Teen Style Stuff\CSBin\TS2BodyShop.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Teen Style Stuff\eauninstall.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Teen Style Stuff\Sims2SP6_Uninst.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 Teen Style Stuff\Support\The Sims 2 Teen Style Stuff_code.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 University\CSBin\TS2BodyShop.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 University\eauninstall.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 University\Sims2EP1_uninst.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 University\Support\EasyInfo.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 University\Support\EReg.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 University\Support\go_ez.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\EA Games\The Sims 2 University\Support\The Sims 2 University_code.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Electronic Arts\SPORE\Sporebin\SporeApp.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\GameSpy Arcade\Aphex.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\GameSpy Arcade\fpupdate.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\GameSpy Arcade\UNWISE.EXE Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Hasbro\Monopoly by Parker Brothers\MonopolyPB.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Hasbro\Monopoly by Parker Brothers\UNWISE.EXE Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Hide IP NG\guardian.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\InstallShield Installation Information\{8E1DCD15-C9F1-49CE-807B-198C8241EB6B}\Setup.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\1.02.0000\setup.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\InstallShield Installation Information\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}\setup.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\InstallShield Installation Information\{D41FAAA9-8048-4906-86B2-9AADEA1FA0B7}\Setup.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Internet Explorer\Connection Wizard\icwtutor.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Internet Explorer\Connection Wizard\inetwiz.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_02\bin\java-rmi.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_02\bin\javacpl.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_02\bin\keytool.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_02\bin\klist.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_02\bin\orbd.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_02\bin\policytool.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_02\bin\rmiregistry.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_02\bin\servertool.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_02\bin\tnameserv.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_02\bin\unpack200.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\java-rmi.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\java.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\javacpl.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\javaws.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\klist.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\ktab.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\pack200.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\policytool.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\rmid.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\rmiregistry.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\servertool.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\tnameserv.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_03\bin\unpack200.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\java.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\javacpl.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\javaws.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\keytool.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\kinit.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\klist.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\orbd.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\policytool.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\rmiregistry.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\servertool.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\tnameserv.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_05\bin\unpack200.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_07\bin\java-rmi.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_07\bin\keytool.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_07\bin\klist.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_07\bin\ktab.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_07\bin\pack200.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_07\bin\policytool.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_07\bin\rmid.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_07\bin\rmiregistry.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_07\bin\servertool.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_07\bin\tnameserv.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Java\jre1.6.0_07\bin\unpack200.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\K-Lite Codec Pack\Filters\ac3config.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\K-Lite Codec Pack\Filters\Haali\gdsmux.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\K-Lite Codec Pack\Tools\graphedit.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\K-Lite Codec Pack\Tools\StatsReader.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Labtec\WebCamWebInstall\techsupt\CleanupDS9\CleanupDS9.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Labtec\WebCamWebInstall\techsupt\CleanupQC10\CleanupQC10_64.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Labtec\WebCamWebInstall\techsupt\CleanupQCam9\CleanupQC9.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Labtec\WebCamWebInstall\techsupt\HWTools\lvcomt.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Labtec\WebCamWebInstall\techsupt\IS6Engine\knlwrap.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Labtec\WebCamWebInstall\techsupt\IS6Engine\Setup.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Labtec\WebCamWebInstall\techsupt\LvAudInfo.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Labtec\WebCamWebInstall\techsupt\MiscTools\CleanINF.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Labtec\WebCamWebInstall\techsupt\MiscTools\ShutDown.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Labtec\WebCamWebInstall\techsupt\RemoveAEC\RemoveAEC32.EXE Infected: Virus.Win32.Virut.ce 1

C:\Program Files\MagicDisc\MagicDisc.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\MagicISO\MagicISO.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Messenger\msmsgs.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Microsoft Office\Office10\MCDLC.EXE Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Movie Maker\moviemk.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\MSN Gaming Zone\Windows\Rvsezm.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\MSN Gaming Zone\Windows\zClientm.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Nokia\Connectivity Cable Driver\setupext.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Outlook Express\msimn.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Outlook Express\oemig50.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Outlook Express\setup50.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Outlook Express\wab.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Outlook Express\wabmig.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Plato Video To 3GP Converter\videoto3gp.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sierra\FEAR\Config.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sierra\FEAR\FEARMP.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sierra\FEAR\FEARServer.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\File Manager\dmassist.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\File Manager\FMObexServer.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Mobile Networking Wizard\mnadmin.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Mobile Networking Wizard\mngui.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\caleditatl.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\catcheventatl.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\closedbgout.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\dbgout.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\setregsecurity.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\ToshibaBTServer.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Notifier\Notifier.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Sync Manager\DXP Pim.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Sync Manager\DXP SyncML.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Sync Manager\SyncController.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Sync Manager\SyncEngineApp.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Sync Manager\SyncIndicator.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Sync Manager\SyncMLDesktopServer.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Sync Manager\SyncStarter.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Telecalib\Log Settings\LogSettings.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Sony Ericsson\Mobile2\Tools\SyncDebug.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\SUPERAntiSpyware\BootSafe.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\SUPERAntiSpyware\SSUpdate.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\SupportSoft\bin\cont.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\SupportSoft\bin\tgfix.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\TalkTalk\agentui\bcont.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\TalkTalk\bin\sdckillw.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\TalkTalk\bin\sprtcmd.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\TalkTalk\bin\tgshell.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Thomson\SpeedTouch USB\tools\regutil.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Journal Viewer\jntview.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Media Connect 2\wmccds.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Media Connect 2\WMCCFG.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Media Player\migrate.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Media Player\mplayer2.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Media Player\wmdbexport.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Media Player\wmlaunch.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Media Player\wmpenc.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Media Player\wmplayer.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Media Player\wmpnetwk.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Media Player\wmpnscfg.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Media Player\wmpshare.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows Media Player\wmsetsdk.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows NT\Accessories\wordpad.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows NT\hypertrm.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Windows NT\Pinball\pinball.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\WinRAR\Rar.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\WinRAR\RarExtLoader.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Zoom\Adsl\DslStatus.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Zoom\Adsl\GsiInst.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Zoom\Adsl\uninstall.exe Infected: Virus.Win32.Virut.ce 1

C:\Program Files\Zoom\Install\ZoomInstall.exe Infected: Virus.Win32.Virut.ce 1

C:\Qoobox\Quarantine\C\WINDOWS\system32\afisicx.exe.vir Infected: Virus.Win32.Virut.ce 1

C:\Qoobox\Quarantine\C\WINDOWS\system32\alg.exe.vir Infected: Virus.Win32.Virut.ce 1

C:\Qoobox\Quarantine\C\WINDOWS\system32\INF\rundll33.exe.vir Infected: Virus.Win32.Virut.ce 1

C:\Qoobox\Quarantine\C\WINDOWS\system32\mabidwe.exe.vir Infected: Virus.Win32.Virut.ce 1

C:\Qoobox\Quarantine\C\WINDOWS\system32\soxpeca.exe.vir Infected: Virus.Win32.Virut.ce 1

C:\Qoobox\Quarantine\C\WINDOWS\system32\tpszxyd.sys.vir Infected: Trojan.Win32.Agent.bsln 1

C:\Qoobox\Quarantine\C\WINDOWS\system32\udxfytw.sys.vir Infected: Trojan-Clicker.Win32.VB.ctj 1

C:\WESTWOOD\Internet\UninstAP.exe Infected: Virus.Win32.Virut.ce 1

C:\WESTWOOD\Internet\UnstllAP.exe Infected: Virus.Win32.Virut.ce 1

C:\WESTWOOD\PLANETWW\REGISTER.EXE Infected: Virus.Win32.Virut.ce 1

C:\WESTWOOD\PLANETWW\WUPDATE.EXE Infected: Virus.Win32.Virut.ce 1

C:\WESTWOOD\SUN\UNINST.EXE Infected: Virus.Win32.Virut.ce 1

C:\WESTWOOD\SUN\Uninstll.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB885835\spuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB885835\update\update.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB885836\spuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB885836\update\update.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB886185\update\update.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB887472\spuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB887472\update\update.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB888302\spuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB888302\update\update.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB891781\spuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB893756\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hh.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB896428\SP2QFE\telnet.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB899587\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB899591\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB901017\update\arpidfix.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\migregdb.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\verclsid.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentsvr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB939653-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB942615-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB944533-IE7\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB947864-IE7\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB950759-IE7\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB951978\SP3QFE\cscript.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB953838-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB955839\SP3QFE\tzchange.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB956390-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB958215-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$hf_mig$\KB961260-IE7\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\accwiz.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\actmovie.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\admin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\agentsvr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ahui.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\alg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\at.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\attrib.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\auditusr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\author.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\cacls.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\cisvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\cleanmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\clipbrd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\clipsrv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\cmd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\cmmon32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\comrepl.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\conime.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\cscript.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\dcomcnfg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ddeshare.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\dfrgntfs.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\dialer.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\diskpart.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\dllhost.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\dmremote.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\dplaysvr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\dpvsetup.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\dumprep.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\dvdupgrd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\dwwin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\evntwin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\findstr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\fontview.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\fp98swin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\fpcount.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\fpremadm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ftp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\fxscover.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\fxssvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\grpconv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\help.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\helpsvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\hh.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\hscupd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\icwconn2.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\icwrmind.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\imapi.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\inetwiz.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ipv6.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ipxroute.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\logman.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\logonui.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\lsass.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\magnify.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\makecab.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\migregdb.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\migwiz.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\mmc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\mnmsrvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\mobsync.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\mofcomp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\moviemk.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\mplay32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\mplayer2.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\msdtc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\msiexec.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\msimn.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\msiregmv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\msoobe.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\mspaint.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\narrator.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\nddeapir.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\net.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\netsh.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\netstat.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ntvdm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\odbcad32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\odbcconf.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\oemig50.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\oobebaln.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\perfmon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\pinball.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ping.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\pintlphr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\powercfg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\proquota.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\qprocess.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\rasphone.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\rcp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\rdshost.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\reg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\rexec.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\rsh.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\rtcshare.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\rundll32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\runonce.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\savedump.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\scardsvr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\scrcons.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\scrnsave.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\services.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\sessmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\sethc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\setup50.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\shmgrate.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\shrpubw.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\shutdown.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\sigverif.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\skeys.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\spoolsv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ss3dfo.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ssflwbox.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ssmarque.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ssmypics.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ssmyst.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\sspipes.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ssstars.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\sstext3d.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\svchost.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\sysocmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\tcptest.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\telnet.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\tourstart.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\tourstrt.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\tracert.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\upnpcont.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\ups.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\userinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\utilman.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\verclsid.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\wbemtest.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\wextract.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\wiaacmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\winver.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\wmiadap.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\wmiapsrv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\wmiprvse.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\wordpad.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\wpnpinst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\wscntfy.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\wscript.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\wuauclt1.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\xcopy.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtServicePackUninstall$\xpnetdiag.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB887472$\msmsgs.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB896428$\telnet.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB902400$\migregdb.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB938828$\explorer.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB939653$\iedw.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB951072-v2$\tzchange.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB951978$\cscript.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB952069_WM9$\logagent.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallKB955839$\tzchange.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallWMFDist11$\logagent.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\$NtUninstallwmp11$\wmplayer.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ALCFDRTM.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ALCMTR.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ALCWZRD.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Drivers\Motorola\remove.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Drivers\Old Drivers\WebSTAR\undpxall.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Drivers\WebSTAR\UNDPX2K.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ERDNT\Hiv-backup\ERDNT.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\fdsv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\grep.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\hh.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7\iedw.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7\iexplore.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7\mshta.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7\spuninst\ieResetIcons.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB939653-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB942615-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB944533-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB944533-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB944533-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB947864-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB956390-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB956390-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB956390-IE7\iexplore.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB958215-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB961260-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ie7updates\KB961260-IE7\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\inf\unregmp2.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Installer\{43DCF766-6838-4F9A-8C91-D92DA586DFA8}\_C68C351F090F4EF39AFB6B7B54014C9E.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Installer\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}\icon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\fpicon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\outicon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\wordicon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\xlicons.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\IsUninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\MicCal.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CasPol.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\jsc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_regsql.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CasPol.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\dfsvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\IEExec.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\InstallUtil.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\jsc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\RegAsm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\msagent\agentsvr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\NIRCMD.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\notepad.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\pchealth\helpctr\binaries\HelpHost.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\pchealth\helpctr\binaries\notiflag.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\RTHDCPL.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\RTLCPL.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\RtlUpd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\sed.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\actmovie.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\admin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\agentsvr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\alg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\at.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\atmadm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\auditusr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\author.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\blastcln.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\cacls.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\cfgwiz.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\cisvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\cleanmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\cliconfg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\clipbrd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\clipsrv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\cmd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\cmdl32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\cmmon32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\cmstp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\comrepl.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\conf.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\conime.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\dfrgfat.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\diantz.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\diskpart.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\dmadmin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\dumprep.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\dvdupgrd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\dwwin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\dxdiag.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\eudcedit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\evntwin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\faxpatch.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\fltmc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\fontview.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\fp98swin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\fpadmcgi.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\fpremadm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\fpsrvadm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\ftp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\fxsclnt.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\fxscover.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\fxssvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\grpconv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\help.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\helpctr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\helpsvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\hh.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\hscupd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\icwconn2.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\iedw.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\iexplore.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\iexpress.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\imapi.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\inetwiz.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\ipconfig.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\ipv6.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\ipxroute.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\irftp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lang\cintsetp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lang\cplexe.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lang\imjpdct.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lang\imjpdsvr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lang\imjpinst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lang\imjpmig.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lang\imjprw.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lang\imjputy.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lang\imscinst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lang\pintlphr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lang\tintsetp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lhmstsc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\lsass.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\magnify.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\makecab.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\migregdb.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\migwiz.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\migwiza.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\mmc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\mmcperf.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\moviemk.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\mshta.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\msiexec.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\msmsgs.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\msoobe.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\mspaint.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\mtstocom.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\muisetup.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\napstat.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\nddeapir.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\net.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\net1.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\notepad.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\nppagent.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\nslookup.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\ntvdm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\odbcconf.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\osk.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\packager.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\perfmon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\pinball.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\progman.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\proxycfg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\qprocess.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\rcimlby.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\rcp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\rdpclip.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\reg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\regedit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\rsh.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\rundll32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\runonce.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\savedump.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\scardsvr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\scrcons.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\scrnsave.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\sdbinst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\services.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\sessmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\sethc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\setup.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\setup50.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\setupn.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\shutdown.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\skeys.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\slserv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\smlogsvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\sndrec32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\spider.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\spnpinst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\spoolsv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\ss3dfo.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\ssflwbox.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\ssmyst.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\sspipes.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\sstext3d.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\stimon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\svchost.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\sysocmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\taskmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\tcptest.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\telnet.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\tourstrt.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\tp4mon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\tracert.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\tzchange.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\upnpcont.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\vssvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\wab.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\wabmig.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\wbemtest.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\wextract.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\wiaacmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\winhlp32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\wmiadap.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\wmiapsrv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\wmiprvse.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\wordpad.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\wscntfy.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\wuauclt.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\wuauclt1.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\xcopy.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\i386\xpnetdg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\ServicePackFiles\ServicePackCache\i386\msmsgs.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\setdebug.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\SoftwareDistribution\Download\0eda838ef8ec599d822155030a70ecac\SP2GDR\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\SoftwareDistribution\Download\0eda838ef8ec599d822155030a70ecac\SP2GDR\iexplore.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\SoftwareDistribution\Download\0eda838ef8ec599d822155030a70ecac\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\SoftwareDistribution\Download\0eda838ef8ec599d822155030a70ecac\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\SOUNDMAN.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\SWSC.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\SWXCACLS.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\accwiz.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ahui.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ALIEHCI\CheckDev.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\arp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\atmadm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\attrib.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\auditusr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\blastcln.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\cacls.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\calc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\charmap.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\chkdsk.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ckcnv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\cmmon32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\Com\comrepl.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\Com\comrereg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\compact.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\convert.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dcomcnfg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ddeshare.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dfrgfat.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dfrgntfs.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\diantz.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\diskpart.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\diskperf.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\DivXsm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\actmovie.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\agentsvr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\ahui.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\at.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\atmadm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\auditusr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\bckgzm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\bootvrfy.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\cacls.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\calc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\cb32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\change.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\chglogon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\chkdsk.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\chkntfs.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\chkrzm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\cidaemon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\cintsetp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\ckcnv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\clipbrd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\comp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\comrepl.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\conime.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\control.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\convert.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\cprofile.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\dcomcnfg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\dfrgfat.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\diantz.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\diskpart.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\diskperf.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\dmremote.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\doskey.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\dplaysvr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\drwtsn32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\dvdplay.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\dvdupgrd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\dxdiag.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\esentutl.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\eudcedit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\eventvwr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\expand.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\extrac32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\fc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\find.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\findstr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\finger.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\fixmapi.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\freecell.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\fsquirt.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\fsutil.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\ftp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\fxssend.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\grpconv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\help.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\helphost.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\hostname.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\hrtzzm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\hscupd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\ie4uinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\iedw.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\imepadsv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\imjpdct.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\imkrinst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\ipconfig.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\ipsec6.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\ipv6.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\ipxroute.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\isignup.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\logman.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\lpq.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\lpr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\makecab.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\migisol.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\migload.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\migrate.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\migwiza.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\migwiz_a.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\mmcperf.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\mountvol.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\mplayer2.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\msg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\mshearts.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\msswchx.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\mstinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\napstat.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\net.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\netsetup.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\notiflag.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\nppagent.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\ntsd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\odbcconf.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\oobebaln.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\pathping.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\ping.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\powercfg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\qappsrv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\query.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\qwinsta.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\rasautou.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\rasdial.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\rcimlby.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\rcp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\rdsaddin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\recover.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\reg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\route.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\routemon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\rsh.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\rsm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\rsmui.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\rsvp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\runas.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\rwinsta.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\scrcons.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\sdbinst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\setup_wm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\shadow.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\shrpubw.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\shutdown.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\shvlzm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\skeys.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\slrundll.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\slserv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\sol.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\sort.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\spnpinst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\stimon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\subst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\syskey.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\systray.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\taskman.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\tcpsvcs.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\telnet.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\tracert.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\tscon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\tsdiscon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\tsprof.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\tsshutdn.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\twunk_32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\unlodctr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\unsecapp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\upnpcont.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\usrmlnka.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\usrprbda.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\usrshuta.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\utilman.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\verifier.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\vssadmin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\w32tm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\wb32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\wbemtest.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\winmgmt.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\winmine.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\wmplayer.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\wpabaln.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\wuauclt1.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\wupdmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\xcopy.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dllcache\zclientm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dpvsetup.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\drmupgds.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\drwtsn32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dumprep.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dvdupgrd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dwwin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dxdiag.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\dxdllreg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\esentutl.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\eudcedit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\fc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\find.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\findstr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\fixmapi.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\fltmc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\fontview.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\forcedos.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\freecell.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\fsquirt.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\fsutil.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\GkSui20.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\grpconv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\help.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\hkcmd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\hostname.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ieudinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\igfxdiag.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\igfxext.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ipv6.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\jdbgmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\jview.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\lodctr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\logagent.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\logman.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\lpq.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\lpr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\makecab.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\MAPISRVR.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\mmc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\mmcperf.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\mnmsrvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\mobsync.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\mplay32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\mpnotify.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\msdtc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\msg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\mshearts.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\mshta.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\msiexec.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\msswchx.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\mstinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\mstsc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\napstat.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\narrator.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\nbtstat.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\nddeapir.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\net.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\net1.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\netdde.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\netsh.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\notepad.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\nslookup.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ntsd.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ntvdm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\odbcad32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\oobe\msoobe.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\osk.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\osuninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\pentnt.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ping6.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\print.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\proquota.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ps2.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\qappsrv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\qprocess.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\qwinsta.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rasdial.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rasphone.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rcp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rdpclip.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rdsaddin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rdshost.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\recover.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\reg.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\regedt32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\regini.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\replace.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\reset.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\Restore\rstrui.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\Restore\srdiag.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rmusb20.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\route.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\routemon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rsh.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rsm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rsmsink.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rsvp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rtcshare.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rundll32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\runonce.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\rwinsta.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\savedump.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\sdbinst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\sessmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\setupn.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\sfc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\shadow.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\shrpubw.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\sigverif.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\skeys.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\slrundll.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\slserv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\sol.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\sort.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\spider.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\spupdwxp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ss3dfo.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ssbezier.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ssmarque.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ssmyst.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\sspipes.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ssstars.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\sstext3d.scr Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\subst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\systray.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\taskman.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\taskmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\tftp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\tscon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\tsdiscon.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\tsshutdn.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\tzchange.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\unlodctr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\Unusb20.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\upnpcont.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\ups.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\URTTEMP\regtlib.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\userinit.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\usmt\migload.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\usmt\migwiz.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\usmt\migwiz_a.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\usrprbda.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\utilman.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\vssadmin.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\vssvc.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\w32tm.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wbem\scrcons.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wbem\unsecapp.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wbem\winmgmt.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wbem\wmiadap.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wbem\wmiapsrv.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wbem\wmiprvse.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wiaacmgr.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\WinFXDocObj.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\winhlp32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\winmine.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wisptis.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wjview.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wpabaln.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wpdshextautoplay.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wpnpinst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\write.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\wscntfy.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\system32\xcopy.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\TASKMAN.EXE Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\twunk_32.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\uninst.exe Infected: Virus.Win32.Virut.ce 1

C:\WINDOWS\zip.exe Infected: Virus.Win32.Virut.ce 1

The selected area was scanned.

===============================================================

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:09:40, on 27/02/2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16791)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\PROGRA~1\AVG\AVG8\avgfws8.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\Program Files\AVG\AVG8\avgcsrvx.exe

C:\WINDOWS\explorer.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\HP\KBD\KBD.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\PROGRA~1\AVG\AVG8\aAvgApi.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = socks=

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab

O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/Facebo...toUploader3.cab

O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/inst...ctDetection.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1194776829765

O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: Application Layer Gateway Service (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe

--

End of file - 8128 bytes

Link to post
Share on other sites

  • Root Admin

Hello.

The Virut virus is a file infector infection. Most experts suggest a format/reinstall.

Virut File Infector Warning

Your system is infected with the Win32.Virut virus.
Virus:Win32 VIRUT

Your system is infected with a polymorphic file infector called Virut. Virut is capable of infecting all the machine's executable files (.exe) and screensaver files (.scr) and also web pages (.html and .htm). However, the problem is that the virus has a number of bugs in its code, and as a result, it may misinfect a proportion of executable files and therefore, the files are corrupted beyond repair. As of now, security experts suggest that a clean reformat is the only way to clean the infection and it is the only way to return the machine to its normal working state.

Backup all your documents and important items (personal data, work documents, etc) only.
DO NOT
backup any executable files (softwares) and screensavers (*.scr) or any web pages (*.html or *.htm). It attempts to infect any accessed .exe or .scr or .html/.htm files by appending itself to the executable.

Also, try to avoid backing up compressed files (zip/cab/rar) files that have .exe or .scr files inside them. Virut can penetrate and infect .exe files inside compressed files too.

Disconnect it from any Network and do not share external USB drives or similar devices with any other computer as it can easily infect them as well if they're not protected from this Virus.
Link to post
Share on other sites

  • Root Admin

Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.