Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virtumundo, Browser Hijacks, Adware, Lot More


  • This topic is locked This topic is locked
15 replies to this topic

#1 Equal

Equal

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:26 AM

Posted 05 June 2008 - 04:27 PM

Experiencing a slow computer, viruses that keep coming back and browser hijacks.

Deckard's System Scanner v20071014.68
Run by kasutaja on 2008-06-06 00:18:35
Computer is in Normal Mode.
--------------------------------------------------------------------------------

System Drive C: has 0.31 GiB (less than 15%) free.


-- HijackThis (run as kasutaja.exe) --------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:21, on 2008-06-06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Abyss Web Server\database\mysql\bin\mysqld-nt.exe
D:\Program Files\No-IP\DUC20.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\kasutaja\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\kasutaja.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neti.ee/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O1 - Hosts: 66.232.107.194 update.nprotect.com
O1 - Hosts: 66.232.107.194 update.nprotect.net
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: (no name) - {073E49FF-82C0-4504-AAE9-D374FD54E583} - C:\WINDOWS\system32\aWOedBSL.dll (file missing)
O2 - BHO: BrowserCmp - {1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - (no file)
O2 - BHO: (no name) - {25BFD0EA-D83E-43DD-A075-DC38FC37FE10} - C:\WINDOWS\system32\byXPFUKe.dll (file missing)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files\FlashGet\jccatch.dll
O2 - BHO: (no name) - {7399564A-5534-4B7A-8CB0-6F76A68427FD} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8AE9E66D-2B59-4B43-8936-B4520EE28E7D} - C:\WINDOWS\system32\vtUMDTNd.dll (file missing)
O2 - BHO: (no name) - {9258AF6C-9CFC-42EC-BA0C-CC727B7C66A0} - C:\WINDOWS\system32\yayaXrqO.dll (file missing)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Flashget] D:\Program Files\FlashGet\flashget.exe /min
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunOnce: [Spybot - Search & Destroy] "D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKLM\..\RunOnce: [SpybotDeletingA4810] command /c del "C:\WINDOWS\system32\kximsxxj.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC5685] cmd /c del "C:\WINDOWS\system32\kximsxxj.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA5671] command /c del "C:\WINDOWS\system32\pvtvjcll.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3072] cmd /c del "C:\WINDOWS\system32\pvtvjcll.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA4142] command /c del "C:\WINDOWS\system32\vtUMDTNd.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC3582] cmd /c del "C:\WINDOWS\system32\vtUMDTNd.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA3135] command /c del "C:\WINDOWS\system32\yayaXrqO.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4138] cmd /c del "C:\WINDOWS\system32\yayaXrqO.dll_old"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-606747145-838170752-682003330-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = D:\Program Files\Microsoft SQL Server\80\Tools\binn\sqlmangr.exe
O8 - Extra context menu item: &Download All with FlashGet - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download with FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: TrioBet Poker - {019BB34E-96AC-4aa7-A5DE-3CC7442D4E38} - C:\Microgaming\Poker\TriobetMPP\MPPoker.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\kasutaja\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: CarbonPoker - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - D:\Program Files\CarbonPoker\Poker.exe (file missing) (HKCU)
O16 - DPF: {20050325-D35A-4233-926E-2E801AE25949} - http://www.netmarble.jp/_common/cab/NMStarterJP5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1209914008796
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1209914002562
O16 - DPF: {6FC19219-C47E-4880-9A79-D218A1C374F9} - http://file.netmarble.jp/Control/NMJTransX.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - http://pcpitstop.com/mhLbl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.11) - http://gameadvisor.futuremark.com/global/msc311.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://mppv2flash3.valueactive.com/TrioBet/FlashAX.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache - Unknown owner - C:\AppServ\Apache\Apache.exe (file missing)
O23 - Service: Apache2.2 - Apache Software Foundation - D:\Apache Software Foundation\Apache2.2\bin\httpd.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySQL - Unknown owner - D:\Abyss.exe (file missing)
O23 - Service: NoIPDUCService - Vitalwerks LLC - D:\Program Files\No-IP\DUC20.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - D:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
O23 - Service: ServiceLayer - Nokia. - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 13203 bytes

-- Files created between 2008-05-06 and 2008-06-06 -----------------------------

2008-06-06 00:19:17 0 d-------- C:\Program Files\Trend Micro
2008-06-05 22:48:29 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE
2008-06-05 20:50:48 0 d-------- C:\Program Files\Realtek AC97
2008-06-05 13:57:30 12352 --a------ C:\WINDOWS\system32\dfnrquhm.exe
2008-06-04 11:23:34 1669462 --ahs---- C:\WINDOWS\system32\fdrmkudf.ini2
2008-06-04 11:23:24 11840 --a------ C:\WINDOWS\system32\usiiiroi.exe
2008-06-04 11:18:47 0 dr-h----- C:\Documents and Settings\kasutaja\Recent
2008-06-04 11:12:57 0 d-------- C:\WINDOWS\Prefetch
2008-06-04 10:37:24 0 d-------- C:\Program Files\MSN Gaming Zone
2008-06-03 15:58:40 0 d--hs---- C:\$RECYCLE.BIN
2008-05-28 14:08:17 412536 --ahs---- C:\WINDOWS\system32\OqrXayay.ini2
2008-05-28 13:11:46 12352 --a------ C:\WINDOWS\system32\pyoxjeci.exe
2008-05-27 12:34:03 279262 --ahs---- C:\WINDOWS\system32\dNTDMUtv.ini2
2008-05-27 08:38:15 12352 --a------ C:\WINDOWS\system32\akfvirtq.exe
2008-05-26 20:34:12 814 --a------ C:\WINDOWS\system32\dsldpugr.dll
2008-05-26 20:33:16 296389 --ahs---- C:\WINDOWS\system32\eKUFPXyb.ini2
2008-05-25 18:14:44 0 d-------- C:\Program Files\Common Files\SourceTec
2008-05-25 15:04:07 0 d-------- C:\Documents and Settings\kasutaja\Application Data\Command & Conquer 3 Kane's Wrath
2008-05-22 18:28:38 0 d-------- C:\Documents and Settings\kasutaja\Application Data\Orbit
2008-05-20 22:18:29 0 d-------- C:\spoolerlogs
2008-05-19 13:21:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-12 19:56:12 0 d-------- C:\Documents and Settings\All Users\Application Data\foldit
2008-05-08 20:42:42 0 d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2008-05-08 20:32:54 0 d-------- C:\Documents and Settings\kasutaja\Application Data\DAEMON Tools Pro


-- Find3M Report ---------------------------------------------------------------

2008-06-05 22:58:42 0 --a------ C:\WINDOWS\TempFile
2008-06-04 11:25:54 0 d-------- C:\Program Files\Java
2008-06-04 10:43:14 0 d-------- C:\Program Files\Movie Maker
2008-06-04 10:42:48 0 d-------- C:\Program Files\Windows NT
2008-06-04 10:37:58 23348 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-05-27 10:12:01 0 d-------- C:\Documents and Settings\kasutaja\Application Data\Mozilla
2008-05-25 18:14:44 0 d-------- C:\Program Files\Common Files
2008-05-20 18:41:38 0 d-------- C:\Documents and Settings\kasutaja\Application Data\Microgaming
2008-05-20 17:49:24 0 d-------- C:\Program Files\mozilla.org
2008-05-19 15:55:29 0 d-------- C:\Documents and Settings\kasutaja\Application Data\Adobe
2008-05-19 13:20:42 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-07 17:31:44 0 d-------- C:\Documents and Settings\kasutaja\Application Data\Nokia
2008-05-07 17:31:44 21424 --a------ C:\Documents and Settings\kasutaja\Application Data\NMM-MetaData.db
2008-05-05 17:45:40 0 d-------- C:\Program Files\Toribash-3.1
2008-05-04 16:09:28 0 d-------- C:\Documents and Settings\kasutaja\Application Data\Azureus
2008-05-04 11:56:22 100864 --a------ C:\WINDOWS\system32\VT100.EXE
2008-04-28 19:56:28 0 d-------- C:\Documents and Settings\kasutaja\Application Data\LimeWire
2008-04-17 10:28:04 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-04-17 10:27:28 0 d--h----- C:\Documents and Settings\kasutaja\Application Data\ijjigame
2008-04-16 11:35:02 335 --a------ C:\WINDOWS\mozregistry.dat
2008-04-13 22:11:05 0 d-------- C:\Documents and Settings\kasutaja\Application Data\gtk-2.0
2008-04-13 21:26:18 0 d-------- C:\Documents and Settings\kasutaja\Application Data\RadiantSettings
2008-04-12 12:38:15 0 d-------- C:\Program Files\Common Files\InstallShield
2008-04-11 23:12:20 217088 --a------ C:\WINDOWS\system32\NMJ_Util.exe <Not Verified; Netmarble; NMJ_UTIL>
2008-04-11 23:12:20 454656 --a------ C:\WINDOWS\NMWizardJP5.exe <Not Verified; Netmarble Japan; Netmarble Starter>
2008-04-11 23:12:19 77824 --a------ C:\WINDOWS\NMUninstJ.exe <Not Verified; CJI Japan; NM uninstaller>
2008-04-11 23:09:24 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe <Not Verified; Ahead Software Gmbh; Ahead Software Gmbh NeroCheck>
2008-04-08 21:00:58 0 d-------- C:\Documents and Settings\kasutaja\Application Data\PC Suite
2008-04-08 20:39:23 0 d-------- C:\Program Files\Common Files\PCSuite
2008-04-08 20:39:23 0 d-------- C:\Program Files\Common Files\Nokia
2008-04-08 15:25:04 3951 --a------ C:\Start_.cmd
2008-03-21 12:37:43 256 --a------ C:\Documents and Settings\kasutaja\Application Data\urlredir.cfg
2008-03-20 23:31:39 94 --a------ C:\start


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{073E49FF-82C0-4504-AAE9-D374FD54E583}]
C:\WINDOWS\system32\aWOedBSL.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1D8282E6-BC4F-469B-AAED-7E4FF077AD93}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25BFD0EA-D83E-43DD-A075-DC38FC37FE10}]
C:\WINDOWS\system32\byXPFUKe.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7399564A-5534-4B7A-8CB0-6F76A68427FD}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8AE9E66D-2B59-4B43-8936-B4520EE28E7D}]
C:\WINDOWS\system32\vtUMDTNd.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9258AF6C-9CFC-42EC-BA0C-CC727B7C66A0}]
C:\WINDOWS\system32\yayaXrqO.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 02:07]
"NeroCheck"="C:\WINDOWS\system32\\NeroCheck.exe" [2008-04-11 23:09]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-12 11:00]
"nwiz"="nwiz.exe" [2007-09-17 02:07 C:\WINDOWS\system32\nwiz.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2008-04-12 11:00]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11]
"iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10]
"QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2008-05-05 14:54]
"Flashget"="D:\Program Files\FlashGet\flashget.exe" [2008-05-05 14:54]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-09-17 02:07]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 C:\WINDOWS\soundman.exe]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-04 00:56]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56]
"msnmsgr"="D:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"Spybot - Search & Destroy"="D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
"SpybotDeletingA4810"=command /c del "C:\WINDOWS\system32\kximsxxj.dll_old"
"SpybotDeletingC5685"=cmd /c del "C:\WINDOWS\system32\kximsxxj.dll_old"
"SpybotDeletingA5671"=command /c del "C:\WINDOWS\system32\pvtvjcll.dll_old"
"SpybotDeletingC3072"=cmd /c del "C:\WINDOWS\system32\pvtvjcll.dll_old"
"SpybotDeletingA4142"=command /c del "C:\WINDOWS\system32\vtUMDTNd.dll_old"
"SpybotDeletingC3582"=cmd /c del "C:\WINDOWS\system32\vtUMDTNd.dll_old"
"SpybotDeletingA3135"=command /c del "C:\WINDOWS\system32\yayaXrqO.dll_old"
"SpybotDeletingC4138"=cmd /c del "C:\WINDOWS\system32\yayaXrqO.dll_old"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
"tscuninstall"=%systemroot%\system32\tscupgrd.exe

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Nokia.PCSync"="D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-03-21 17:40:08]
Adobe Reader Speed Launch.lnk - D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
Service Manager.lnk - D:\Program Files\Microsoft SQL Server\80\Tools\binn\sqlmangr.exe [2007-08-30 19:44:36]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"disableregistrytools"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= D:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-09-28 12:22 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
D:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2006-10-19 10:12 258048 D:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\yayaXrqO

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBCSSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Monitor Apache Servers.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Monitor Apache Servers.lnk
backup=C:\WINDOWS\pss\Monitor Apache Servers.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^kasutaja^Start Menu^Programs^Startup^IMVU.lnk]
path=C:\Documents and Settings\kasutaja\Start Menu\Programs\Startup\IMVU.lnk
backup=C:\WINDOWS\pss\IMVU.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^kasutaja^Start Menu^Programs^Startup^MagicDisc.lnk]
path=C:\Documents and Settings\kasutaja\Start Menu\Programs\Startup\MagicDisc.lnk
backup=C:\WINDOWS\pss\MagicDisc.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^kasutaja^Start Menu^Programs^Startup^Xfire.lnk]
path=C:\Documents and Settings\kasutaja\Start Menu\Programs\Startup\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^kasutaja^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
path=C:\Documents and Settings\kasutaja\Start Menu\Programs\Startup\Yahoo! Widget Engine.lnk
backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
"D:\Program Files\DAEMON Tools Pro\DTProAgent.exe" -autorun

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
D:\Program Files\FlashGet\flashget.exe /min

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
"D:\Program Files\IGN\Download Manager\DLM.exe" /windowsstart /startifwork

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
"D:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSwitch]
D:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"D:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBCSTray]
"D:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
"D:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VT100 Emulator]
C:\WINDOWS\TEMP\VT100.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
D:\Program Files\Winamp\winampa.exe


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42d0eeed-af8a-11da-a396-806d6172696f}]
AutoRun\command- E:\AUTORUN\AUTORUN.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42d0eeee-af8a-11da-a396-806d6172696f}]
AutoRun\command- F:\setup.exe




-- End of Deckard's System Scanner: finished at 2008-06-06 00:22:23 ------------

EDIT: Added extra.txt

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon™ 64 Processor 3000+
Percentage of Memory in Use: 48%
Physical Memory (total/avail): 1022.42 MiB / 531.24 MiB
Pagefile Memory (total/avail): 2455.88 MiB / 2110.47 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1926.41 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 19.53 GiB total, 0.34 GiB free.
D: is Fixed (NTFS) - 92.22 GiB total, 2.43 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is CDROM (No Media)
H: is CDROM (No Media)
I: is CDROM (No Media)
J: is CDROM (No Media)
P: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - WDC WD1200JD-75GBB0 - 111.76 GiB - 2 partitions
\PARTITION0 - Extended w/Extended Int 13 - 19.53 GiB - C:
\PARTITION1 (bootable) - Installable File System - 92.22 GiB - D:



-- Security Center -------------------------------------------------------------

AUOptions is disabled.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.

AV: Kaspersky Anti-Virus v7.0.0.125 (Kaspersky Lab) Disabled Outdated
AV: ESET NOD32 Antivirus 3.0 v3.0 (ESET, spol. s r. o.) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\\Program Files\\MSN Messenger\\msnmsgr.exe"="D:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Messenger"
"D:\\Program Files\\Morpheus\\Morpheus.exe"="D:\\Program Files\\Morpheus\\Morpheus.exe:*:Enabled:M5Shell"
"D:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"="D:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"D:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.6\\cnc3game.dat"="D:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.6\\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars"
"D:\\Steam\\SteamApps\\s4w\\counter-strike source\\hl2.exe"="D:\\Steam\\SteamApps\\s4w\\counter-strike source\\hl2.exe:*:Enabled:hl2"
"D:\\Program Files\\mIRC\\mirc.exe"="D:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"D:\\Program Files\\The All-Seeing Eye\\eye.exe"="D:\\Program Files\\The All-Seeing Eye\\eye.exe:*:Enabled:Yahoo! All-Seeing Eye"
"D:\\PhoenixMU Reloaded\\bin\\ds1.exe"="D:\\PhoenixMU Reloaded\\bin\\ds1.exe:*:Enabled:Dataserver ?? ????"
"D:\\PhoenixMU Reloaded\\bin\\ds2.exe"="D:\\PhoenixMU Reloaded\\bin\\ds2.exe:*:Enabled:Dataserver ?? ????"
"D:\\PhoenixMU Reloaded\\bin\\exdb.exe"="D:\\PhoenixMU Reloaded\\bin\\exdb.exe:*:Enabled:Exdb MFC ?? ????"
"D:\\PhoenixMU Reloaded\\bin\\chat.exe"="D:\\PhoenixMU Reloaded\\bin\\chat.exe:*:Enabled:ChatServer MFC ?? ????"
"D:\\PhoenixMU Reloaded\\bin\\ranking.exe"="D:\\PhoenixMU Reloaded\\bin\\ranking.exe:*:Enabled:ranking"
"D:\\PhoenixMU Reloaded\\bin\\event.exe"="D:\\PhoenixMU Reloaded\\bin\\event.exe:*:Enabled:event"
"D:\\PhoenixMU Reloaded\\bin\\cs.exe"="D:\\PhoenixMU Reloaded\\bin\\cs.exe:*:Enabled:ConnectServer"
"D:\\PhoenixMU Reloaded\\bin\\joinserver.exe"="D:\\PhoenixMU Reloaded\\bin\\joinserver.exe:*:Enabled:JoinServer"
"D:\\PhoenixMU Reloaded\\gameserver\\gameserver.exe"="D:\\PhoenixMU Reloaded\\gameserver\\gameserver.exe:*:Enabled:gameserver"
"D:\\Program Files\\IDA\\idag.exe"="D:\\Program Files\\IDA\\idag.exe:*:Enabled:Interactive Disassembler (32-bit)"
"D:\\Program Files\\IDA\\idag64.exe"="D:\\Program Files\\IDA\\idag64.exe:*:Enabled:Interactive Disassembler (64-bit)"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"D:\\Abyss Web Server\\abyssws.exe"="D:\\Abyss Web Server\\abyssws.exe:*:Enabled:Abyss Web Server X1"
"D:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe"="D:\\Program Files\\TrackMania Nations ESWC\\TmNationsESWC.exe:*:Enabled:TmNationsESWC"
"D:\\Program Files\\DriftCity\\DriftCity.exe"="D:\\Program Files\\DriftCity\\DriftCity.exe:*:Enabled:DriftCity"
"D:\\Steam\\SteamApps\\s4w\\day of defeat source\\hl2.exe"="D:\\Steam\\SteamApps\\s4w\\day of defeat source\\hl2.exe:*:Enabled:hl2"
"D:\\Steam\\SteamApps\\uhhitsfuzzy\\day of defeat source\\hl2.exe"="D:\\Steam\\SteamApps\\uhhitsfuzzy\\day of defeat source\\hl2.exe:*:Enabled:hl2"
"D:\\MixMaster\\server\\MTAgent.exe"="D:\\MixMaster\\server\\MTAgent.exe:*:Enabled:MTAgent"
"D:\\TankyOnline\\qtank\\LogInServer.exe"="D:\\TankyOnline\\qtank\\LogInServer.exe:*:Enabled:LogInServer"
"D:\\TankyOnline\\qtank\\QTankSvr.exe"="D:\\TankyOnline\\qtank\\QTankSvr.exe:*:Enabled:QTankSvr"
"D:\\Steam\\SteamApps\\tacphoenix\\counter-strike\\hl.exe"="D:\\Steam\\SteamApps\\tacphoenix\\counter-strike\\hl.exe:*:Enabled:Half-Life Launcher"
"D:\\RaGEZONE GunZ Final Beta Client\\update4.mrs"="D:\\RaGEZONE GunZ Final Beta Client\\update4.mrs:*:Enabled:Gunz"
"C:\\WINDOWS\\system32\\pnkbstra.exe"="C:\\WINDOWS\\system32\\pnkbstra.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"D:\\Program Files\\id Software\\Enemy Territory - QUAKE Wars Demo\\etqw.exe"="D:\\Program Files\\id Software\\Enemy Territory - QUAKE Wars Demo\\etqw.exe:*:Enabled:Enemy Territory - QUAKE Wars™ Demo"
"D:\\Program Files\\id Software\\Enemy Territory - QUAKE Wars Demo\\etqwded.exe"="D:\\Program Files\\id Software\\Enemy Territory - QUAKE Wars Demo\\etqwded.exe:*:Enabled:etqwded.exe"
"C:\\Documents and Settings\\kasutaja\\Local Settings\\Application Data\\Temporary Projects\\Server\\bin\\Debug\\Server.vshost.exe"="C:\\Documents and Settings\\kasutaja\\Local Settings\\Application Data\\Temporary Projects\\Server\\bin\\Debug\\Server.vshost.exe:*:Enabled:vshost.exe"
"D:\\ijji\\ENGLISH\\Gunz\\Gunz.exe"="D:\\ijji\\ENGLISH\\Gunz\\Gunz.exe:*:Enabled:Gunz"
"D:\\Program Files\\LimeWire\\LimeWire.exe"="D:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"D:\\Program Files\\Electronic Arts\\Crytek\\Crysis MP Beta\\Bin32\\Crysis.exe"="D:\\Program Files\\Electronic Arts\\Crytek\\Crysis MP Beta\\Bin32\\Crysis.exe:*:Enabled:Crysis_32_mp_beta"
"D:\\Steam\\Steam.exe"="D:\\Steam\\Steam.exe:*:Enabled:Steam"
"C:\\WINDOWS\\system32\\java.exe"="C:\\WINDOWS\\system32\\java.exe:*:Enabled:Java™ 2 Platform Standard Edition binary"
"D:\\BM\\PatchServer\\FileServe.exe"="D:\\BM\\PatchServer\\FileServe.exe:*:Enabled:FileServe"
"D:\\Program Files\\Pando Networks\\Pando\\pando.exe"="D:\\Program Files\\Pando Networks\\Pando\\pando.exe:*:Enabled:pando"
"D:\\Program Files\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE"="D:\\Program Files\\Worms 4 Mayhem\\WORMS 4 MAYHEM.EXE:*:Enabled:Worms 4 Mayhem"
"C:\\Program Files\\GMOD10\\hl2.exe"="C:\\Program Files\\GMOD10\\hl2.exe:*:Enabled:hl2"
"D:\\PhX MU\\MuServer\\DataServer\\Dataserver.exe"="D:\\PhX MU\\MuServer\\DataServer\\Dataserver.exe:*:Enabled:Dataserver"
"D:\\PhX MU\\MuServer\\DataServer1\\Dataserver.exe"="D:\\PhX MU\\MuServer\\DataServer1\\Dataserver.exe:*:Enabled:Dataserver"
"D:\\PhX MU\\MuServer\\ConnectServer\\Cs.exe"="D:\\PhX MU\\MuServer\\ConnectServer\\Cs.exe:*:Enabled:Cs"
"D:\\PhX MU\\MuServer\\ExDB\\Exdb.exe"="D:\\PhX MU\\MuServer\\ExDB\\Exdb.exe:*:Enabled:Exdb MFC ?? ????"
"D:\\PhX MU\\MuServer\\ChatServer\\ChatServer.exe"="D:\\PhX MU\\MuServer\\ChatServer\\ChatServer.exe:*:Enabled:ChatServer MFC ?? ????"
"D:\\PhX MU\\MuServer\\JoinServer\\JoinServer.exe"="D:\\PhX MU\\MuServer\\JoinServer\\JoinServer.exe:*:Enabled:JoinServer"
"D:\\PhX MU\\MuServer\\RankingServer\\MU_RANKING_DB_SERVER.EXE"="D:\\PhX MU\\MuServer\\RankingServer\\MU_RANKING_DB_SERVER.EXE:*:Enabled:MU_RANKING_DB_SERVER"
"D:\\PhX MU\\MuServer\\EventServer\\WZ_MU2003_EVENT_SERVER.exe"="D:\\PhX MU\\MuServer\\EventServer\\WZ_MU2003_EVENT_SERVER.exe:*:Enabled:WZ_MU2003_EVENT_SERVER"
"D:\\PhX MU\\MuServer\\GameServer\\GameServer.exe"="D:\\PhX MU\\MuServer\\GameServer\\GameServer.exe:*:Enabled:GameServer"
"D:\\Program Files\\Java\\jre1.6.0_02\\bin\\javaw.exe"="D:\\Program Files\\Java\\jre1.6.0_02\\bin\\javaw.exe:*:Enabled:Java™ Platform SE binary"
"C:\\GunboundWC\\GunBound.gme"="C:\\GunboundWC\\GunBound.gme:*:Enabled:GunBound"
"D:\\Program Files\\Codemasters\\RF Online\\RF.exe"="D:\\Program Files\\Codemasters\\RF Online\\RF.exe:*:Enabled:RFLauncher"
"D:\\Program Files\\Java\\jre1.5.0_03\\bin\\java.exe"="D:\\Program Files\\Java\\jre1.5.0_03\\bin\\java.exe:*:Enabled:Java™ 2 Platform Standard Edition binary"
"D:\\Program Files\\Briggs Softworks\\Poker Mavens\\PMServer.exe"="D:\\Program Files\\Briggs Softworks\\Poker Mavens\\PMServer.exe:*:Enabled:PMServer"
"D:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"="D:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe:*:Enabled:Jedi Academy MultiPlayer"
"D:\\Program Files\\Hamachi\\hamachi.exe"="D:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
"D:\\Steam\\SteamApps\\s4w\\source sdk base\\hl2.exe"="D:\\Steam\\SteamApps\\s4w\\source sdk base\\hl2.exe:*:Enabled:hl2"
"D:\\Program Files\\Skype\\Phone\\Skype.exe"="D:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype. Take a deep breath "
"D:\\MU Online\\bin\\ds1.exe"="D:\\MU Online\\bin\\ds1.exe:*:Enabled:Dataserver ?? ????"
"D:\\MU Online\\bin\\ds2.exe"="D:\\MU Online\\bin\\ds2.exe:*:Enabled:Dataserver ?? ????"
"D:\\MU Online\\bin\\exdb.exe"="D:\\MU Online\\bin\\exdb.exe:*:Enabled:Exdb MFC ?? ????"
"D:\\MU Online\\bin\\chat.exe"="D:\\MU Online\\bin\\chat.exe:*:Enabled:ChatServer MFC ?? ????"
"D:\\MU Online\\bin\\ranking.exe"="D:\\MU Online\\bin\\ranking.exe:*:Enabled:ranking"
"D:\\MU Online\\bin\\event.exe"="D:\\MU Online\\bin\\event.exe:*:Enabled:event"
"D:\\MU Online\\bin\\cs.exe"="D:\\MU Online\\bin\\cs.exe:*:Enabled:ConnectServer"
"D:\\MU Online\\bin\\joinserver.exe"="D:\\MU Online\\bin\\joinserver.exe:*:Enabled:JoinServer"
"D:\\MU Online\\gameserver\\gameserver.exe"="D:\\MU Online\\gameserver\\gameserver.exe:*:Enabled:gameserver"
"D:\\Program Files\\Xfire\\xfire.exe"="D:\\Program Files\\Xfire\\xfire.exe:*:Enabled:Xfire"
"D:\\Program Files\\XBC\\neXBC.exe"="D:\\Program Files\\XBC\\neXBC.exe:*:Enabled:XBConnect"
"D:\\Program Files\\FlashGet\\FlashGet.exe"="D:\\Program Files\\FlashGet\\FlashGet.exe:*:Enabled:Flashget"
"D:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe"="D:\\Program Files\\Microsoft Games\\Age of Empires III\\age3x.exe:*:Enabled:Age of Empires III - The WarChiefs"
"D:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.9\\cnc3game.dat"="D:\\Program Files\\Electronic Arts\\Command & Conquer 3\\RetailExe\\1.9\\cnc3game.dat:*:Enabled:Command & Conquer 3 Tiberium Wars"
"D:\\Program Files\\Counter-Strike\\hl.exe"="D:\\Program Files\\Counter-Strike\\hl.exe:*:Enabled:Half-Life Launcher"
"D:\\Steam\\SteamApps\\STEAM\\Dedicated Server\\hlds.exe"="D:\\Steam\\SteamApps\\STEAM\\Dedicated Server\\hlds.exe:*:Enabled:HLDS Launcher"
"D:\\csserv\\Dedicated Server\\hlds.exe"="D:\\csserv\\Dedicated Server\\hlds.exe:*:Enabled:HLDS Launcher"
"D:\\csserv\\hlds.exe"="D:\\csserv\\hlds.exe:*:Enabled:HLDS Launcher"
"D:\\SAMPServer\\samp-server.exe"="D:\\SAMPServer\\samp-server.exe:*:Enabled:samp-server"
"C:\\Documents and Settings\\kasutaja\\Desktop\\OpenLieroX\\OpenLieroX.exe"="C:\\Documents and Settings\\kasutaja\\Desktop\\OpenLieroX\\OpenLieroX.exe:*:Enabled:OpenLieroX"
"D:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe"="D:\\Program Files\\Microsoft Games\\Age of Empires III\\age3.exe:*:Enabled:Age of Empires 3"
"D:\\CabalTemp\\ESTSetupLoader.exe"="D:\\CabalTemp\\ESTSetupLoader.exe:*:Enabled:EST! download engine"
"D:\\Program Files\\Games-Masters.com\\CABAL Online (Europe)\\launcher\\update\\ESTdnheadless.exe"="D:\\Program Files\\Games-Masters.com\\CABAL Online (Europe)\\launcher\\update\\ESTdnheadless.exe:*:Enabled:EST! download engine"
"D:\\Program Files\\DarkSide Tetris - The Second Block\\DarkSideTetris.exe"="D:\\Program Files\\DarkSide Tetris - The Second Block\\DarkSideTetris.exe:*:Enabled:DarkSideTetris"
"D:\\Program Files\\Joost\\xulrunner\\tvprunner.exe"="D:\\Program Files\\Joost\\xulrunner\\tvprunner.exe:*:Enabled:tvprunner"
"D:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="D:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™ "
"D:\\Program Files\\iTunes\\iTunes.exe"="D:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"D:\\Steam\\SteamApps\\s4w\\source dedicated server\\srcds.exe"="D:\\Steam\\SteamApps\\s4w\\source dedicated server\\srcds.exe:*:Enabled:srcds"
"D:\\Downloads\\TF2\\Team Fortress 2\\[psy] Team Fortress\\hl2.exe"="D:\\Downloads\\TF2\\Team Fortress 2\\[psy] Team Fortress\\hl2.exe:*:Enabled:hl2"
"D:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"="D:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe:*:Enabled:Assassin's Creed Dx9"
"D:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"="D:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe:*:Enabled:Assassin's Creed Dx10"
"D:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"="D:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe:*:Enabled:Assassin's Creed Update"
"C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"="C:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"D:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"="D:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"D:\\Program Files\\Nokia\\Carbide.ui Theme Edition 3.2\\JRE\\bin\\javaw.exe"="D:\\Program Files\\Nokia\\Carbide.ui Theme Edition 3.2\\JRE\\bin\\javaw.exe:*:Enabled:Java™ 2 Platform Standard Edition binary"


-- Environment Variables -------------------------------------------------------



-- User Profiles ---------------------------------------------------------------

kasutaja (admin)


-- Add/Remove Programs ---------------------------------------------------------



-- Application Event Log -------------------------------------------------------

Event Record #/Type1683 / Error
Event Submitted/Written: 05/04/2008 00:13:55 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application taskmgr.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x0007f733.
Processing media-specific event for [taskmgr.exe!ws!]

Event Record #/Type1680 / Error
Event Submitted/Written: 05/04/2008 00:12:51 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application explorer.exe, version 6.0.2900.2180, faulting module unknown, version 0.0.0.0, fault address 0x0130f1e7.
Processing media-specific event for [explorer.exe!ws!]

Event Record #/Type1677 / Error
Event Submitted/Written: 05/04/2008 00:11:40 PM
Event ID/Source: 3299 / Apache Service
Event Description:
The Apache service named reported the following error:
>>> httpd.exe: Syntax error on line 115 of D:/Apache Software Foundation/Apache2.2/conf/httpd.conf: Cannot load C:/php/php4apache.dll into server: The specified module could not be found. .

Event Record #/Type1676 / Error
Event Submitted/Written: 05/04/2008 00:06:02 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application taskmgr.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x0007f733.
Processing media-specific event for [taskmgr.exe!ws!]

Event Record #/Type1675 / Error
Event Submitted/Written: 05/04/2008 00:05:29 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application taskmgr.exe, version 5.1.2600.2180, faulting module unknown, version 0.0.0.0, fault address 0x0007f733.
Processing media-specific event for [taskmgr.exe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type659 / Error
Event Submitted/Written: 05/04/2008 00:13:31 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The Webroot Spy Sweeper Engine service failed to start due to the following error:
%%1053

Event Record #/Type658 / Error
Event Submitted/Written: 05/04/2008 00:13:31 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the Webroot Spy Sweeper Engine service to connect.

Event Record #/Type657 / Error
Event Submitted/Written: 05/04/2008 00:13:31 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The npkcrypt service failed to start due to the following error:
%%3

Event Record #/Type656 / Error
Event Submitted/Written: 05/04/2008 00:13:31 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The Eset Nod32 Boot service failed to start due to the following error:
%%1053

Event Record #/Type655 / Error
Event Submitted/Written: 05/04/2008 00:13:31 PM
Event ID/Source: 7009 / Service Control Manager
Event Description:
Timeout (30000 milliseconds) waiting for the Eset Nod32 Boot service to connect.



-- End of Deckard's System Scanner: finished at 2008-05-04 12:29:33 ------------




Thanks,
Equal :thumbsup:

Edited by Equal, 05 June 2008 - 04:32 PM.


BC AdBot (Login to Remove)

 


#2 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:07:26 AM

Posted 06 June 2008 - 07:10 AM

Hello Equal and welcome to BleepingComputer,

1. * Clean your Cache and Cookies in IE:
  • Close all instances of Outlook Express and Internet Explorer
  • Go to Control Panel > Internet Options > General tab
  • Under Browsing History, click Delete.
  • Click Delete Files, Delete cookies and Delete history
  • Click Close below.
* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):
  • Go to Tools > Options.
  • Click Privacy in the menu..
  • Click the Clear now button below.. A new window will popup what to clear.
  • Select all and click the Clear button again.
  • Click OK to close the Options window
* Clean other Temporary files + Recycle bin
  • Go to start > run and type: cleanmgr and click ok.
  • Let it scan your system for files to remove.
  • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
  • Press OK to remove them.
2. Please download Malwarebytes' Anti-Malware from Here or Here

Doubleclick mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply along with a fresh HijackThis log.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

3. Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully and install the Recovery Console first.
The Windows Recovery Console will allow you to boot up into a special recovery mode, in case your computer has a problem after an attempted removal of malware. This allows us to help you. (WinXP SP3 users, please download the appropriate SP2 file, Home or Pro, to install the RC)

In the event you already have Combofix, delete your current version and download the latest version as described in the tutorial.
It must be saved directly to your desktop.


Note: Make sure not to click ComboFix's window while it's running. That may cause it to stall or freeze.

Please post the log from ComboFix (can also be found as C:\ComboFix.txt) in your next reply. :thumbsup:

If you have any questions along the way, STOP and ask them before proceeding !!

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#3 Equal

Equal
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:26 AM

Posted 06 June 2008 - 01:20 PM

Hello again, thank you for helping me with my computer problems. Everything ran smoothly with the scans. But I couldn't delete the temporary files with cleanmgr, I did what you said Start > Run > I tried both cleanmgr and cleanmgr.exe but nothing happened, I got no error or anything.

Here are the logs,

Malwarebytes' Anti-Malware

Malwarebytes' Anti-Malware 1.15
Database version: 834

20:19:54 6.06.2008
mbam-log-6-6-2008 (20-19-54).txt

Scan type: Quick Scan
Objects scanned: 35947
Time elapsed: 5 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 18
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{df780f87-ff2b-4df8-92d0-73db16a1543a} (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\iebrowsercmp.browsercmp (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\iebrowsercmp.browsercmp.1 (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1d8282e6-bc4f-469b-aaed-7e4ff077ad93} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1d8282e6-bc4f-469b-aaed-7e4ff077ad93} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c1a6d8b8-93c3-4186-9dd1-13983f9f1d9b} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3160f356-e8c3-4de2-a698-92eeeb3d3400} (Adware.RightOnAds) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\HID_Layer (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\Process.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\kasutaja\Application Data\urlredir.cfg (Adware.RightOnAds) -> Quarantined and deleted successfully.


Combofix

ComboFix 08-06-05.3 - kasutaja 2008-06-06 20:26:18.5 - NTFSx86
Running from: C:\Documents and Settings\kasutaja\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BM635e9e1f.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\cryptu.dll
C:\WINDOWS\system32\dNTDMUtv.ini
C:\WINDOWS\system32\dNTDMUtv.ini2
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\drivers\savjitlk.dat
C:\WINDOWS\system32\dsldpugr.dll
C:\WINDOWS\system32\eKUFPXyb.ini
C:\WINDOWS\system32\eKUFPXyb.ini2
C:\WINDOWS\system32\fdrmkudf.ini2
C:\WINDOWS\system32\fdrmkudf.tmp
C:\WINDOWS\system32\fsgkiuos.ini
C:\WINDOWS\system32\kepbjifs.ini
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\OqrXayay.ini
C:\WINDOWS\system32\OqrXayay.ini2
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\wanpacket.dll
C:\WINDOWS\system32\wpcap.dll
.
---- Previous Run -------
.
C:\install.exe
C:\WINDOWS\system32\nsaA7.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\LEGACY_ZBRVMBDW
-------\zbrvmbdw
-------\Legacy_NM
-------\Legacy_NPF
-------\Legacy_ZBRVMBDW
-------\Service_nm
-------\Service_NPF


((((((((((((((((((((((((( Files Created from 2008-05-06 to 2008-06-06 )))))))))))))))))))))))))))))))
.

2008-06-06 20:12 . 2008-06-06 20:12 <DIR> d-------- C:\Documents and Settings\kasutaja\Application Data\Malwarebytes
2008-06-06 20:12 . 2008-06-06 20:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-06 20:12 . 2008-06-05 16:04 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-06 20:12 . 2008-06-05 16:04 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-06 16:54 . 2008-06-06 16:54 <DIR> d-------- C:\Downloads
2008-06-06 00:19 . 2008-06-06 00:19 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-05 22:48 . 2008-06-05 22:48 0 --a------ C:\WINDOWS\system32\CMMGR32.EXE
2008-06-05 20:50 . 2008-06-05 20:50 <DIR> d-------- C:\Program Files\Realtek AC97
2008-06-05 13:57 . 2008-06-05 13:57 12,352 --a------ C:\WINDOWS\system32\dfnrquhm.exe
2008-06-04 11:23 . 2008-06-04 11:23 11,840 --a------ C:\WINDOWS\system32\usiiiroi.exe
2008-06-04 10:40 . 2008-06-04 10:40 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-06-04 10:39 . 2008-06-04 10:39 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-06-04 10:39 . 2008-06-04 10:39 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-06-04 10:39 . 2008-06-04 10:39 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-06-04 10:39 . 2008-06-04 10:39 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-06-04 10:39 . 2008-06-04 10:39 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-06-04 10:18 . 2001-08-23 15:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2008-06-04 10:18 . 2001-08-23 15:00 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2008-06-03 15:58 . 2008-06-03 15:58 <DIR> d--hs---- C:\$RECYCLE.BIN
2008-05-28 13:11 . 2008-05-28 13:11 12,352 --a------ C:\WINDOWS\system32\pyoxjeci.exe
2008-05-27 08:38 . 2008-05-27 08:38 12,352 --a------ C:\WINDOWS\system32\akfvirtq.exe
2008-05-27 08:35 . 2008-05-27 08:41 295 --ahs---- C:\WINDOWS\system32\pcvrhbwf.ini
2008-05-26 20:29 . 2008-06-05 18:33 125 --a------ C:\WINDOWS\fd3.INI
2008-05-26 20:28 . 2008-05-26 20:28 57,344 --a------ C:\WINDOWS\system32\tuvtTKbC.dll.vir
2008-05-25 18:14 . 2008-05-25 18:14 <DIR> d-------- C:\Program Files\Common Files\SourceTec
2008-05-25 15:04 . 2008-05-25 15:20 <DIR> d-------- C:\Documents and Settings\kasutaja\Application Data\Command & Conquer 3 Kane's Wrath
2008-05-22 18:28 . 2008-05-27 09:53 <DIR> d-------- C:\Documents and Settings\kasutaja\Application Data\Orbit
2008-05-20 22:18 . 2008-05-20 22:18 <DIR> d-------- C:\spoolerlogs
2008-05-19 13:21 . 2008-05-19 13:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-12 19:56 . 2008-05-12 19:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\foldit
2008-05-08 20:42 . 2008-05-08 20:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2008-05-08 20:32 . 2008-05-08 20:43 <DIR> d-------- C:\Documents and Settings\kasutaja\Application Data\DAEMON Tools Pro
2008-05-07 19:01 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-07 19:01 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-06 07:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\TechSmith
2008-06-06 07:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\HipSoft
2008-06-05 16:01 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-04 08:25 --------- d-----w C:\Program Files\Java
2008-05-27 09:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania
2008-05-27 08:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-20 15:41 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\Microgaming
2008-05-20 14:49 --------- d-----w C:\Program Files\mozilla.org
2008-05-19 10:20 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-05-08 17:34 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-05-08 17:33 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-05-07 14:31 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\Nokia
2008-05-05 14:58 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-05-05 14:45 --------- d-----w C:\Program Files\Toribash-3.1
2008-05-04 13:09 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\Azureus
2008-05-04 10:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
2008-05-02 16:26 4,096 ----a-w C:\WINDOWS\system32\drivers\nocashio.sys
2008-04-28 16:56 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\LimeWire
2008-04-17 07:28 --------- d-----w C:\Program Files\Common Files\INCA Shared
2008-04-17 07:27 --------- d--h--w C:\Documents and Settings\kasutaja\Application Data\ijjigame
2008-04-13 19:11 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\gtk-2.0
2008-04-13 18:26 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\RadiantSettings
2008-04-12 15:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2008-04-12 09:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-04-12 09:38 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-04-11 20:12 77,824 ----a-w C:\WINDOWS\NMUninstJ.exe
2008-04-11 20:12 454,656 ----a-w C:\WINDOWS\NMWizardJP5.exe
2008-04-08 18:00 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\PC Suite
2008-04-08 17:39 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-04-08 17:39 --------- d-----w C:\Program Files\Common Files\Nokia
2008-04-08 17:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-04-08 17:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-04-08 16:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
2008-01-27 19:02 22,328 ----a-w C:\Documents and Settings\kasutaja\Application Data\PnkBstrK.sys
2007-12-01 14:47 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2006-10-04 14:26 202 ----a-w C:\Documents and Settings\kasutaja\aw.dat
2005-11-27 04:45 102,400 ----a-w C:\Documents and Settings\kasutaja\zlib.dll
2006-08-23 10:34 56 --sha-r C:\WINDOWS\system32\B6006D7261.sys
2006-08-23 10:34 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

------- Sigcheck -------

2004-08-04 00:56 1041920 a2dcd56b86231909d51abf8629ea755a C:\WINDOWS\explorer.exe
2007-06-13 13:23 1042944 a03958f31efb50b00679bf04af8963f4 C:\WINDOWS\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\sp2gdr\explorer.exe
2007-06-13 14:26 1042944 9ebb2ddded92e1259641f8fd98a4465d C:\WINDOWS\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\sp2qfe\explorer.exe

2004-08-04 00:56 24576 8c47ffc39c4dc0fcb006841e77589468 C:\WINDOWS\system32\ctfmon.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseSVN]
@={30351346-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseSVN]
@={30351347-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseSVN]
@={30351348-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseSVN]
@={3035134B-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseSVN]
@={3035134C-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseSVN]
@={3035134D-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseSVN]
@={3035134E-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_CLASSES_ROOT\CLSID\{30351346-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{30351347-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{30351348-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134B-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134C-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134D-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134E-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 24576]
"msnmsgr"="D:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 02:07 8491008]
"NeroCheck"="C:\WINDOWS\system32\\NeroCheck.exe" [2008-04-11 23:09 155648]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-12 11:00 180224]
"nwiz"="nwiz.exe" [2007-09-17 02:07 1638400 C:\WINDOWS\system32\nwiz.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2008-04-12 11:00 221184]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]
"QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2008-05-05 14:54 425984]
"Flashget"="D:\Program Files\FlashGet\flashget.exe" [2008-05-05 14:54 2019376]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-09-17 02:07 81920]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 589824 C:\WINDOWS\soundman.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:56 24576]
"Nokia.PCSync"="D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-04-11 23:09 1294336]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-04 00:56 63488 C:\WINDOWS\system32\narrator.exe]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-03 22:59 53760]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-03-21 17:40:08 113664]
Adobe Reader Speed Launch.lnk - D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Service Manager.lnk - D:\Program Files\Microsoft SQL Server\80\Tools\binn\sqlmangr.exe [2007-08-30 19:44:36 69632]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= D:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-09-28 12:22 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
D:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2006-10-19 10:12 258048 D:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.WMV3"= D:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll
"vidc.ffds"= D:\PROGRA~1\COMBIN~1\Filters\ff_vfw.dll
"SENTINEL"= snti386.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Monitor Apache Servers.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Monitor Apache Servers.lnk
backup=C:\WINDOWS\pss\Monitor Apache Servers.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^kasutaja^Start Menu^Programs^Startup^IMVU.lnk]
path=C:\Documents and Settings\kasutaja\Start Menu\Programs\Startup\IMVU.lnk
backup=C:\WINDOWS\pss\IMVU.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^kasutaja^Start Menu^Programs^Startup^MagicDisc.lnk]
path=C:\Documents and Settings\kasutaja\Start Menu\Programs\Startup\MagicDisc.lnk
backup=C:\WINDOWS\pss\MagicDisc.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^kasutaja^Start Menu^Programs^Startup^Xfire.lnk]
path=C:\Documents and Settings\kasutaja\Start Menu\Programs\Startup\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^kasutaja^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
path=C:\Documents and Settings\kasutaja\Start Menu\Programs\Startup\Yahoo! Widget Engine.lnk
backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
--a------ 2008-04-01 16:31 290248 D:\Program Files\DAEMON Tools Pro\DTProAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
--a------ 2008-05-05 14:54 2019376 D:\Program Files\FlashGet\flashget.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
--a------ 2007-03-05 13:57 1103480 D:\Program Files\IGN\Download Manager\DLM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
--a------ 2008-02-09 15:02 6051144 D:\Program Files\Pando Networks\Pando\Pando.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSwitch]
--a------ 2006-07-05 14:39 1219072 D:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-05 14:54 425984 D:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBCSTray]
--a------ 2007-06-15 15:17 699120 D:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2007-11-12 16:48 21760296 D:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
--a------ 2007-07-19 22:54 5361464 D:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2006-10-18 11:36 1306624 D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VT100 Emulator]
C:\WINDOWS\TEMP\VT100.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2006-11-21 20:38 45056 D:\Program Files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"D:\\Program Files\\FlashGet\\flashget.exe"=
"D:\\Program Files\\MSN Messenger\\msnmsgr.exe"=


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42d0eeed-af8a-11da-a396-806d6172696f}]
\Shell\AutoRun\command - E:\AUTORUN\AUTORUN.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42d0eeee-af8a-11da-a396-806d6172696f}]
\Shell\AutoRun\command - F:\setup.exe

.
Contents of the 'Scheduled Tasks' folder
"2008-05-24 11:17:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- D:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-06 20:33:18
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"D:\Abyss Web Server\database\mysql\bin\mysqld-nt\" --defaults-file=\"D:\Abyss Web Server\database\mysql\my.ini\" MySQL"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQLRS]
"ImagePath"="\"D:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"D:\Program Files\MySQL\MySQL Server 5.0\my.ini\" MySQLRS"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\PsSdk30]
"ImagePath"="\??\C:\WINDOWS\system32\Drivers\PsSdk30.drv"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> D:\Program Files\TortoiseSVN\iconv\_tbl_simple.so
-> D:\Program Files\TortoiseSVN\iconv\windows-1257.so
-> D:\Program Files\TortoiseSVN\iconv\utf-8.so
.
------------------------ Other Running Processes ------------------------
.
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\WINDOWS\system32\rundll32.exe
D:\Abyss Web Server\database\mysql\bin\mysqld-nt.exe
D:\Program Files\No-IP\DUC20.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pnkbstra.exe
D:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
D:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2008-06-06 21:07:56 - machine was rebooted [kasutaja]
ComboFix-quarantined-files.txt 2008-06-06 18:06:45

Pre-Run: 1,630,289,920 bytes free
Post-Run: 1,627,570,176 bytes free

292 --- E O F --- 2008-06-04 13:53:39


HijackThis


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:16:05, on 6.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\Abyss Web Server\database\mysql\bin\mysqld-nt.exe
D:\Program Files\No-IP\DUC20.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
D:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neti.ee/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Flashget] D:\Program Files\FlashGet\flashget.exe /min
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-606747145-838170752-682003330-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = D:\Program Files\Microsoft SQL Server\80\Tools\binn\sqlmangr.exe
O8 - Extra context menu item: &Download All with FlashGet - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download with FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: TrioBet Poker - {019BB34E-96AC-4aa7-A5DE-3CC7442D4E38} - C:\Microgaming\Poker\TriobetMPP\MPPoker.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\kasutaja\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: CarbonPoker - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - D:\Program Files\CarbonPoker\Poker.exe (file missing) (HKCU)
O16 - DPF: {20050325-D35A-4233-926E-2E801AE25949} - http://www.netmarble.jp/_common/cab/NMStarterJP5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1209914008796
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1209914002562
O16 - DPF: {6FC19219-C47E-4880-9A79-D218A1C374F9} - http://file.netmarble.jp/Control/NMJTransX.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - http://pcpitstop.com/mhLbl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.11) - http://gameadvisor.futuremark.com/global/msc311.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://mppv2flash3.valueactive.com/TrioBet/FlashAX.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache - Unknown owner - C:\AppServ\Apache\Apache.exe (file missing)
O23 - Service: Apache2.2 - Apache Software Foundation - D:\Apache Software Foundation\Apache2.2\bin\httpd.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySQL - Unknown owner - D:\Abyss.exe (file missing)
O23 - Service: NoIPDUCService - Vitalwerks LLC - D:\Program Files\No-IP\DUC20.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - D:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
O23 - Service: ServiceLayer - Nokia. - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 11799 bytes


Thanks,
Equal :thumbsup:

Edited by Equal, 06 June 2008 - 01:21 PM.


#4 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:07:26 AM

Posted 06 June 2008 - 04:52 PM

Hello Equal,

Let's clean up some more :

Open Notepad - don't use any other texteditor than Notepad or the script will fail !
Copy/paste the bold, blue text below into an empty notepad window:http://www.bleepingcomputer.com/forums/t/150767/virtumundo-browser-hijacks-adware-lot-more/
Collect::[9]
C:\WINDOWS\system32\dfnrquhm.exe
C:\WINDOWS\system32\usiiiroi.exe
C:\WINDOWS\system32\pyoxjeci.exe
File::
C:\WINDOWS\system32\akfvirtq.exe
C:\WINDOWS\system32\pcvrhbwf.ini
C:\WINDOWS\fd3.INI
C:\WINDOWS\system32\tuvtTKbC.dll.vir

Save this as txtfile CFScript

Then drag the CFScript into ComboFix.exe as you see in the screenshot below.

Posted Image

This will start ComboFix again. Upon reboot, (in case it asks to reboot), post the contents of the Combofix log in your next reply, as well as a fresh HijackThislog.

When CF finishes running, the ComboFix log will open along with a message box, --do not be alarmed. With the above script, ComboFix will capture a file to submit for analysis.

Ensure you are connected to the internet and click OK on the message box. A browser will open.
Simply follow the instructions to copy/paste/send the requested file [9]-Submit_Date_Time.zip.

Are you still having problems ?

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#5 Equal

Equal
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:26 AM

Posted 07 June 2008 - 05:57 AM

Hey again, everything ran smoothly, but still the cleanmgr isn't working and the windows updates never finish. I have like 90 of them and I click shut down to update but It stays at Update 1 of 90. Other than that everything seems to be fine. Also I uploaded the .zip file you asked me to.

Combofix

ComboFix 08-06-05.3 - kasutaja 2008-06-07 13:19:13.6 - NTFSx86
Running from: C:\Documents and Settings\kasutaja\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\kasutaja\Desktop\CFScript.txt

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\WINDOWS\fd3.INI
C:\WINDOWS\system32\akfvirtq.exe
C:\WINDOWS\system32\pcvrhbwf.ini
C:\WINDOWS\system32\tuvtTKbC.dll.vir
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\fd3.INI
C:\WINDOWS\system32\akfvirtq.exe
C:\WINDOWS\system32\CMMGR32.EXE
C:\WINDOWS\system32\dfnrquhm.exe
C:\WINDOWS\system32\pcvrhbwf.ini
C:\WINDOWS\system32\pyoxjeci.exe
C:\WINDOWS\system32\tuvtTKbC.dll.vir
C:\WINDOWS\system32\usiiiroi.exe

.
((((((((((((((((((((((((( Files Created from 2008-05-07 to 2008-06-07 )))))))))))))))))))))))))))))))
.

2008-06-06 20:12 . 2008-06-06 20:12 <DIR> d-------- C:\Documents and Settings\kasutaja\Application Data\Malwarebytes
2008-06-06 20:12 . 2008-06-06 20:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-06 20:12 . 2008-06-05 16:04 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-06-06 20:12 . 2008-06-05 16:04 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-06-06 16:54 . 2008-06-06 16:54 <DIR> d-------- C:\Downloads
2008-06-06 00:19 . 2008-06-06 00:19 <DIR> d-------- C:\Program Files\Trend Micro
2008-06-05 20:50 . 2008-06-05 20:50 <DIR> d-------- C:\Program Files\Realtek AC97
2008-06-04 10:40 . 2008-06-04 10:40 488 -rah----- C:\WINDOWS\system32\logonui.exe.manifest
2008-06-04 10:39 . 2008-06-04 10:39 749 -rah----- C:\WINDOWS\WindowsShell.Manifest
2008-06-04 10:39 . 2008-06-04 10:39 749 -rah----- C:\WINDOWS\system32\wuaucpl.cpl.manifest
2008-06-04 10:39 . 2008-06-04 10:39 749 -rah----- C:\WINDOWS\system32\sapi.cpl.manifest
2008-06-04 10:39 . 2008-06-04 10:39 749 -rah----- C:\WINDOWS\system32\nwc.cpl.manifest
2008-06-04 10:39 . 2008-06-04 10:39 749 -rah----- C:\WINDOWS\system32\ncpa.cpl.manifest
2008-06-04 10:18 . 2001-08-23 15:00 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2008-06-04 10:18 . 2001-08-23 15:00 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2008-06-03 15:58 . 2008-06-03 15:58 <DIR> d--hs---- C:\$RECYCLE.BIN
2008-05-25 18:14 . 2008-05-25 18:14 <DIR> d-------- C:\Program Files\Common Files\SourceTec
2008-05-25 15:04 . 2008-05-25 15:20 <DIR> d-------- C:\Documents and Settings\kasutaja\Application Data\Command & Conquer 3 Kane's Wrath
2008-05-22 18:28 . 2008-05-27 09:53 <DIR> d-------- C:\Documents and Settings\kasutaja\Application Data\Orbit
2008-05-20 22:18 . 2008-05-20 22:18 <DIR> d-------- C:\spoolerlogs
2008-05-19 13:21 . 2008-05-19 13:22 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-12 19:56 . 2008-05-12 19:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\foldit
2008-05-08 20:42 . 2008-05-08 20:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Pro
2008-05-08 20:32 . 2008-05-08 20:43 <DIR> d-------- C:\Documents and Settings\kasutaja\Application Data\DAEMON Tools Pro
2008-05-07 19:01 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-07 19:01 . 2007-07-30 19:19 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-06 07:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\TechSmith
2008-06-06 07:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\HipSoft
2008-06-05 16:01 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-04 08:25 --------- d-----w C:\Program Files\Java
2008-05-27 09:18 --------- d-----w C:\Documents and Settings\All Users\Application Data\TrackMania
2008-05-27 08:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-20 15:41 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\Microgaming
2008-05-20 14:49 --------- d-----w C:\Program Files\mozilla.org
2008-05-19 10:20 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-05-08 17:34 278,984 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-05-08 17:33 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-05-07 14:31 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\Nokia
2008-05-05 14:58 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-05-05 14:58 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-05-05 14:45 --------- d-----w C:\Program Files\Toribash-3.1
2008-05-04 13:09 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\Azureus
2008-05-04 10:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Azureus
2008-05-04 08:56 100,864 ----a-w C:\WINDOWS\system32\VT100.EXE
2008-05-02 16:26 4,096 ----a-w C:\WINDOWS\system32\drivers\nocashio.sys
2008-04-28 16:56 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\LimeWire
2008-04-17 07:28 --------- d-----w C:\Program Files\Common Files\INCA Shared
2008-04-17 07:27 --------- d--h--w C:\Documents and Settings\kasutaja\Application Data\ijjigame
2008-04-13 19:11 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\gtk-2.0
2008-04-13 18:26 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\RadiantSettings
2008-04-12 15:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\ESET
2008-04-12 09:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\InstallShield
2008-04-12 09:38 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-04-12 08:00 221,184 ----a-w C:\WINDOWS\system32\LVCOMSX.EXE
2008-04-11 20:12 77,824 ----a-w C:\WINDOWS\NMUninstJ.exe
2008-04-11 20:12 454,656 ----a-w C:\WINDOWS\NMWizardJP5.exe
2008-04-11 20:12 217,088 ----a-w C:\WINDOWS\system32\NMJ_Util.exe
2008-04-11 20:09 155,648 ----a-w C:\WINDOWS\system32\NeroCheck.exe
2008-04-08 18:00 --------- d-----w C:\Documents and Settings\kasutaja\Application Data\PC Suite
2008-04-08 17:39 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-04-08 17:39 --------- d-----w C:\Program Files\Common Files\Nokia
2008-04-08 17:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2008-04-08 17:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2008-04-08 16:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
2008-01-27 19:02 22,328 ----a-w C:\Documents and Settings\kasutaja\Application Data\PnkBstrK.sys
2007-12-01 14:47 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2006-10-04 14:26 202 ----a-w C:\Documents and Settings\kasutaja\aw.dat
2005-11-27 04:45 102,400 ----a-w C:\Documents and Settings\kasutaja\zlib.dll
2006-08-23 10:34 56 --sha-r C:\WINDOWS\system32\B6006D7261.sys
2006-08-23 10:34 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

------- Sigcheck -------

2004-08-04 00:56 1041920 a2dcd56b86231909d51abf8629ea755a C:\WINDOWS\explorer.exe
2007-06-13 13:23 1042944 a03958f31efb50b00679bf04af8963f4 C:\WINDOWS\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\sp2gdr\explorer.exe
2007-06-13 14:26 1042944 9ebb2ddded92e1259641f8fd98a4465d C:\WINDOWS\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\sp2qfe\explorer.exe

2004-08-04 00:56 24576 8c47ffc39c4dc0fcb006841e77589468 C:\WINDOWS\system32\ctfmon.exe
.
((((((((((((((((((((((((((((( snapshot@2008-06-06_21.06.21.71 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-06 17:32:09 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-07 07:40:11 2,048 --s-a-w C:\WINDOWS\bootstat.dat
- 2008-06-06 17:32:10 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-06-07 07:40:12 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-06-06 17:32:10 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-06-07 07:40:12 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-06-06 17:32:10 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-06-07 07:40:12 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-06-06 06:49:23 85,526 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-06-07 07:52:19 85,526 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-06-06 06:49:23 457,458 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-06-07 07:52:19 457,458 ----a-w C:\WINDOWS\system32\perfh009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseSVN]
@={30351346-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseSVN]
@={30351347-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseSVN]
@={30351348-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseSVN]
@={3035134B-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseSVN]
@={3035134C-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseSVN]
@={3035134D-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseSVN]
@={3035134E-7B7D-4FCC-81B4-1E394CA267EB}

[HKEY_CLASSES_ROOT\CLSID\{30351346-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{30351347-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{30351348-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134B-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134C-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134D-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CLASSES_ROOT\CLSID\{3035134E-7B7D-4FCC-81B4-1E394CA267EB}]
2006-09-16 11:58 536576 --a------ D:\Program Files\TortoiseSVN\bin\tortoisesvn.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:56 24576]
"msnmsgr"="D:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:54 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-09-17 02:07 8491008]
"NeroCheck"="C:\WINDOWS\system32\\NeroCheck.exe" [2008-04-11 23:09 155648]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-04-12 11:00 180224]
"nwiz"="nwiz.exe" [2007-09-17 02:07 1638400 C:\WINDOWS\system32\nwiz.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2008-04-12 11:00 221184]
"SunJavaUpdateSched"="D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]
"QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2008-05-05 14:54 425984]
"Flashget"="D:\Program Files\FlashGet\flashget.exe" [2008-05-05 14:54 2019376]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-09-17 02:07 81920]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 589824 C:\WINDOWS\soundman.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:56 24576]
"Nokia.PCSync"="D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-04-11 23:09 1294336]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-04 00:56 63488 C:\WINDOWS\system32\narrator.exe]
"tscuninstall"="C:\WINDOWS\system32\tscupgrd.exe" [2004-08-03 22:59 53760]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2006-03-21 17:40:08 113664]
Adobe Reader Speed Launch.lnk - D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Service Manager.lnk - D:\Program Files\Microsoft SQL Server\80\Tools\binn\sqlmangr.exe [2007-08-30 19:44:36 69632]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= D:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-09-28 12:22 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
D:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2006-10-19 10:12 258048 D:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.WMV3"= D:\PROGRA~1\COMBIN~1\Filters\wmv9vcm.dll
"vidc.ffds"= D:\PROGRA~1\COMBIN~1\Filters\ff_vfw.dll
"SENTINEL"= snti386.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, zwebauth.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Monitor Apache Servers.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Monitor Apache Servers.lnk
backup=C:\WINDOWS\pss\Monitor Apache Servers.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^kasutaja^Start Menu^Programs^Startup^IMVU.lnk]
path=C:\Documents and Settings\kasutaja\Start Menu\Programs\Startup\IMVU.lnk
backup=C:\WINDOWS\pss\IMVU.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^kasutaja^Start Menu^Programs^Startup^MagicDisc.lnk]
path=C:\Documents and Settings\kasutaja\Start Menu\Programs\Startup\MagicDisc.lnk
backup=C:\WINDOWS\pss\MagicDisc.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^kasutaja^Start Menu^Programs^Startup^Xfire.lnk]
path=C:\Documents and Settings\kasutaja\Start Menu\Programs\Startup\Xfire.lnk
backup=C:\WINDOWS\pss\Xfire.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^kasutaja^Start Menu^Programs^Startup^Yahoo! Widget Engine.lnk]
path=C:\Documents and Settings\kasutaja\Start Menu\Programs\Startup\Yahoo! Widget Engine.lnk
backup=C:\WINDOWS\pss\Yahoo! Widget Engine.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
--a------ 2008-04-01 16:31 290248 D:\Program Files\DAEMON Tools Pro\DTProAgent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flashget]
--a------ 2008-05-05 14:54 2019376 D:\Program Files\FlashGet\flashget.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igndlm.exe]
--a------ 2007-03-05 13:57 1103480 D:\Program Files\IGN\Download Manager\DLM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Pando]
--a------ 2008-02-09 15:02 6051144 D:\Program Files\Pando Networks\Pando\Pando.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PSwitch]
--a------ 2006-07-05 14:39 1219072 D:\Program Files\Proxy Switcher Standard\ProxySwitcher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-05-05 14:54 425984 D:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SBCSTray]
--a------ 2007-06-15 15:17 699120 D:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2007-11-12 16:48 21760296 D:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]
--a------ 2007-07-19 22:54 5361464 D:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
--a------ 2006-10-18 11:36 1306624 D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VT100 Emulator]
C:\WINDOWS\TEMP\VT100.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2006-11-21 20:38 45056 D:\Program Files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"D:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"D:\\Program Files\\Pando Networks\\Pando\\pando.exe"=
"D:\\Program Files\\FlashGet\\flashget.exe"=


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42d0eeed-af8a-11da-a396-806d6172696f}]
\Shell\AutoRun\command - E:\AUTORUN\AUTORUN.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{42d0eeee-af8a-11da-a396-806d6172696f}]
\Shell\AutoRun\command - F:\setup.exe

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder
"2008-05-24 11:17:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- D:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-06-07 13:22:24
Windows 5.1.2600 Service Pack 2 NTFS

detected NTDLL code modification:
ZwOpenFile

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySQL]
"ImagePath"="\"D:\Abyss Web Server\database\mysql\bin\mysqld-nt\" --defaults-file=\"D:\Abyss Web Server\database\mysql\my.ini\" MySQL"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MySQLRS]
"ImagePath"="\"D:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt\" --defaults-file=\"D:\Program Files\MySQL\MySQL Server 5.0\my.ini\" MySQLRS"

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PsSdk30]
"ImagePath"="\??\C:\WINDOWS\system32\Drivers\PsSdk30.drv"
.
Completion time: 2008-06-07 13:49:03
ComboFix-quarantined-files.txt 2008-06-07 10:47:59
ComboFix2.txt 2008-06-06 18:07:57

Pre-Run: 1,408,569,344 bytes free
Post-Run: 1,387,917,312 bytes free

263 --- E O F --- 2008-06-04 13:53:39


HijackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:56:20, on 7.06.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\Abyss Web Server\database\mysql\bin\mysqld-nt.exe
D:\Program Files\No-IP\DUC20.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
D:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
D:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neti.ee/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Flashget] D:\Program Files\FlashGet\flashget.exe /min
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "D:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-21-606747145-838170752-682003330-1003\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User '?')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Service Manager.lnk = D:\Program Files\Microsoft SQL Server\80\Tools\binn\sqlmangr.exe
O8 - Extra context menu item: &Download All with FlashGet - D:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Download with FlashGet - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: TrioBet Poker - {019BB34E-96AC-4aa7-A5DE-3CC7442D4E38} - C:\Microgaming\Poker\TriobetMPP\MPPoker.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\kasutaja\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: CarbonPoker - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - D:\Program Files\CarbonPoker\Poker.exe (file missing) (HKCU)
O16 - DPF: {20050325-D35A-4233-926E-2E801AE25949} - http://www.netmarble.jp/_common/cab/NMStarterJP5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1209914008796
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} - http://www.acclaim.com/cabs/acclaim_v4.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1209914002562
O16 - DPF: {6FC19219-C47E-4880-9A79-D218A1C374F9} - http://file.netmarble.jp/Control/NMJTransX.cab
O16 - DPF: {9732FB42-C321-11D1-836F-00A0C993F125} - http://pcpitstop.com/mhLbl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://cdn2.zone.msn.com/binFramework/v10/...ro.cab34246.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.11) - http://gameadvisor.futuremark.com/global/msc311.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://mppv2flash3.valueactive.com/TrioBet/FlashAX.cab
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} - http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache - Unknown owner - C:\AppServ\Apache\Apache.exe (file missing)
O23 - Service: Apache2.2 - Apache Software Foundation - D:\Apache Software Foundation\Apache2.2\bin\httpd.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySQL - Unknown owner - D:\Abyss.exe (file missing)
O23 - Service: NoIPDUCService - Vitalwerks LLC - D:\Program Files\No-IP\DUC20.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - D:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
O23 - Service: ServiceLayer - Nokia. - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - D:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

--
End of file - 11775 bytes


Thanks,
Equal :thumbsup:

#6 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:07:26 AM

Posted 07 June 2008 - 06:06 AM

Hello Equal,

Your JavaVM is also out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 6u6.
  • Scroll down to where it says The Java SE Runtime Environment (JRE) allows end-users to run Java applications.
  • Click the Download button to the right.
  • Check the box that says: Accept License Agreement
  • The page will refresh.
  • Click on the link to download Windows Offline Installation (jre-6u6-windows-i586-p.exe) and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u6-windowsi586-p.exe to install the newest version.
As for that updating problem :

Download and unzip Dial-a-Fix to its own folder on your desktop:Open the Dial-a-Fix folder, launch the program by clicking on the blue cog-wheel icon.
First, click the "Policies..." button on the bottom.
If anything is found, make sure it's checked and then, click the "Remove" button and click the "Close" button to close that window.
Now click the green, double check icon (Check all) on the bottom.
Then click on 'GO' at the bottom.
Click "Exit" and restart your pc when Dial-a-Fix has done.
Are those updates getting installed now ?

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#7 Equal

Equal
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:26 AM

Posted 07 June 2008 - 09:09 AM

Hey again, yeah it's now updating. Altough the computer is somewhat slow when trying to shut down, the window where you can choose what to do (standby, shut down, restart) appears in about 5 minutes.

#8 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:07:26 AM

Posted 07 June 2008 - 12:22 PM

Hello Equal,

As long as your system is updating, I'd hold off doing anything else, or taking additional measures. :thumbsup:
Upon finishing, give it some time to stabilise.

Then, you can remove all used tools and folders created in the process.
To remove ComboFix :
Go to Start > Run, and copy and paste next command in the field:ComboFix /u
Make sure there's a space between Combofix and /u
Then press Enter.
This will uninstall Combofix, delete its related folders and files, restore your clock settings, hide file extensions, hide the system/hidden files and resets System Restore again.

Please read this Prevention page with lots of info and tips how to prevent this in the future.
And if you want to improve speed/system performance after malware removal, take a look here.
Extra note: Make sure your programs are up to date - because older versions may contain Security Leaks.
To find out what programs need to be updated, please run the Secunia Software Inspector Scan.

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#9 Equal

Equal
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:26 AM

Posted 12 June 2008 - 06:01 AM

Hey again, long time no see.

Everything else seems to be running except these problems have been and are still here.

The problem is that when trying to run some applications I get "The application failed to initialize properly (0xc000007b). Click on OK to terminate the application." I downloaded .NET framework 3.5 to solve this but it didn't. At first it wouldn't install at all, but then I used the .NET framework removal tool, it removed all of the old registry keys and old frameworks and it installed after that successfully.

And when trying to run Sothink SWF Decompiler I get the following error, "This program has been damaged, possibly by a bad sector of the hard drive or a virus. Please reinstall it." I've tried reinstalling it for multiple times and even to different locations, but I still get the same error.

Hope you can help me,
Equal.

#10 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:07:26 AM

Posted 12 June 2008 - 08:25 AM

Hello Equal,

Just to make sure it isn't malware related, I'd like you to run an online scan :

Please use the Internet Explorer browser, and do an online scan with Kaspersky Online Scanner

Note: If you have used this particular scanner before, you MAY HAVE TO UNINSTALL the program through Add/Remove Programs before downloading the new ActiveX component

Click Yes, when prompted to install its ActiveX component.
(Note.. for Internet Explorer 7 users: If at any time you have trouble with the Accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license has been accepted, reset to 100%.)

The program launches and downloads the latest definition files.
  • Once the files are downloaded click on Next
  • Click on Scan Settings and configure as follows:
    • Scan using the following Anti-Virus database:
      • choose the second option Extended - ptotect your ....
    • Scan Options:select Scan Archives and Scan Mail Bases
  • Click OK and, under select a target to scan, select My Computer
    Posted Image
When the scan is done, in the Scan is completed window (below), any infection is displayed.
There is no option to clean/disinfect, however, we need to analyze the information on the report. Posted Image
Posted Image
To obtain the report:
Click on: Save Report As (above - red blinking arrow)
Next, in the Save as prompt, Save in area, select: Desktop
In the File name area, use KScan, or something similar
In Save as type, click the drop arrow and select: Text file [*.txt]
Then, click: Save
Please post the Kaspersky Online Scanner Report in your reply.
Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#11 Equal

Equal
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:26 AM

Posted 12 June 2008 - 09:16 AM

There's only one problem with this, my Internet explorer isn't working, it reversed to IE 6 and my Windows media player 11 reversed to 9, when I took it to the computer repair before I did anything here. And now neither one of them works.

#12 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:07:26 AM

Posted 13 June 2008 - 07:20 AM

Hello Equal,

There's only one problem with this, my Internet explorer isn't working, it reversed to IE 6 and my Windows media player 11 reversed to 9, when I took it to the computer repair before I did anything here. And now neither one of them works.

Do you mean that's how your PC came back from repair ?? :)

It seems to me you've got additional problems with damaged system- and/or program files. :thumbsup:

To run the System File Checker, follow these steps:1. Click Start, click Run, type sfc /scannow, and then press ENTER.
2. Follow the prompts throughout the System File Checker process.
3. Restart the computer when System File Checker process is complete.
You may be asked for your WinXp installation CD.

Greetings,
Thunder

Edited by Thunder, 13 June 2008 - 07:21 AM.

Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#13 Equal

Equal
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:26 AM

Posted 13 June 2008 - 08:20 AM

Hey,

Yeah that's how it came back.

The system file checker doesn't do anything, the "Please wait while Windows verifies..." comes up, loads very fast and closes. Nothing else happens.

Big thanks for trying to help me,
Equal.

EDIT:
I got my IE to work!!! I will run the scan soon, thanks!

Edited by Equal, 13 June 2008 - 09:09 AM.


#14 Thunder

Thunder

  • Members
  • 3,294 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Belgium
  • Local time:07:26 AM

Posted 13 June 2008 - 09:33 AM

Hello Equal,

EDIT:
I got my IE to work!!!


Now you've made me curious. :thumbsup:

Greetings,
Thunder
Whatever happens, make believe it was intended to ...
-----------------------------------------------------------------------
Posted Image - If I have helped you in any way, please consider a donation to help me continue the fight against malware.
-----------------------------------------------------------------------
Stand Up & Be Counted --> Posted Image <-- And make a difference

#15 Equal

Equal
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:12:26 AM

Posted 13 June 2008 - 03:20 PM

Hey,

I stopped the scan after 5 hours and 53 minutes and it had only scanned 27% because: ALL OF MY COMPUTER'S (.exe) AND YES ALL OF MY COMPUTER'S (.exe) FILES HAVE BEEN INFECTED by Virus.Win32.Virut.n, so yeah this is pretty much of an issue because I have lots of necessary files, and even if I wanted to format or anything I don't have the CD. I read about this virus and it infects files that have .exe and .scr as their file name extension.


--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Friday, June 13, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Friday, June 13, 2008 13:07:26
Records in database: 859827
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 478140
Threat name: 2
Infected objects: 2145
Suspicious objects: 0
Duration of the scan: 05:53:11


File name / Threat name / Threats count
C:\WINDOWS\system32\spoolsv.exe/C:\WINDOWS\system32\spoolsv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Explorer.EXE/C:\WINDOWS\Explorer.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\RUNDLL32.EXE/C:\WINDOWS\system32\RUNDLL32.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SOUNDMAN.EXE/C:\WINDOWS\SOUNDMAN.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ctfmon.exe/C:\WINDOWS\system32\ctfmon.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqld-nt.exe/D:\Abyss Web Server\database\mysql\bin\mysqld-nt.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nvsvc32.exe/C:\WINDOWS\system32\nvsvc32.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\abyssws.exe/D:\Abyss Web Server\abyssws.exe Infected: Virus.Win32.Virut.n 2
C:\Program Files\Internet Explorer\iexplore.exe/C:\Program Files\Internet Explorer\iexplore.exe Infected: Virus.Win32.Virut.n 1
C:\b\BmdDecoder.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\IJJIGame\FireFoxRestarter1.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\IJJIGame\ijjinotify2FxB.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\IJJIGame\ijjiPreNotify2FxB.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\IJJIGame\ijjiPreStarter2FxB.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\IJJIGame\ijjistarter2FxB.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\IJJIGame\ijjiUninstall.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstCCD.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCS.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\Installations\{29466F9C-7C6A-419C-B301-F440FAF78760}\Installer\CommonCustomActions\UninstPCSFEMsi.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\Installations\{2B06E7FD-C5A1-403E-B387-A8D4AA858F48}\Installer\CommonCustomActions\Sleep.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\Installations\{AFB7DCE0-50FA-446A-9A19-EEF7F14AEBE7}\Installer\CommonCustomActions\UninstCCD.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\Installations\{AFB7DCE0-50FA-446A-9A19-EEF7F14AEBE7}\Installer\CommonCustomActions\UninstPCS.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\Installations\{AFB7DCE0-50FA-446A-9A19-EEF7F14AEBE7}\Installer\CommonCustomActions\UninstPCSFEMsi.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\Leaf Developers\LeafGuard\0.8.5.120\csrss.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\Leaf Developers\LeafGuard\0.8.5.120\smss.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\Leaf Developers\LeafGuard\0.8.6.120\csrss.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\All Users\Application Data\Leaf Developers\LeafGuard\0.8.6.120\smss.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Application Data\AutoUpdate+\eGunz\UpdateClient\AutoUpdateClient.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Application Data\ijjigame\ijjistarter2.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Application Data\ijjigame\ijjistarter2FxB.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Application Data\Microsoft\Installer\{52A8B5F2-6DB5-4ECA-8367-3F42D8CAACA9}\editor_EC0AB585B2794A778BB564C403E43EE7.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Application Data\RaGEZONE\RaGEZONE\0.7.7.156\winlogon.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Application Data\RaGEZONE\RaGEZONE\0.8.3.156\leafguard.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Application Data\RaGEZONE\RaGEZONE\0.8.5.156\leafguard.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Application Data\RaGEZONE\RaGEZONE\0.8.6.156\leafguard.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Desktop\Dial-a-fix-v0.60.0.24\Dial-a-fix.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Desktop\Rasmus\Häkid\Stick Arena\flasm.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Desktop\Rasmus\rapget.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Desktop\SA Trainer.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Desktop\[9]-Submit_2008-06-07@13.18.zip Infected: Virus.Win32.Virut.n 3
C:\Documents and Settings\kasutaja\Local Settings\Apps\2.0\0CKCZ1MJ.7PN\MQ247E1A.Y5A\ener..tion_3e534e859a578a7b_0001.0000_419e777da6fd6cd2\Energy.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Local Settings\Apps\2.0\0CKCZ1MJ.7PN\MQ247E1A.Y5A\ener..tion_fd77b0a838dfc8da_0001.0000_776fc60b7fe333d2\EnergyX Production.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Local Settings\Apps\2.0\0CKCZ1MJ.7PN\MQ247E1A.Y5A\ener..tion_fd77b0a838dfc8da_0001.0000_bfc6d0b7d579f481\EnergyX Production.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Local Settings\Apps\2.0\0CKCZ1MJ.7PN\MQ247E1A.Y5A\pack..tion_327fe5f622394256_0001.0001_33b435ec5a974699\PackBarre.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Local Settings\Temp\jkos-kasutaja\binaries\ScanningProcess.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Local Settings\Temp\RarSFX0\AutoPlay\Docs\Portable.VB6\C2.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Local Settings\Temp\RarSFX0\AutoPlay\Docs\Portable.VB6\Link.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Local Settings\Temp\RarSFX0\AutoPlay\Docs\Portable.VB6\Vb6.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\Local Settings\Temp\RarSFX0\autorun.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\897.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\AutoUpdater Gunz\src\Visual C++\neoncube\Create.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\EQUAL HEADSHOT\Aimbot.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\EQUAL HEADSHOT\BaDBoYv4.2\BaDBoYv4.2.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\flasm16win\flasm.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Mystery Machine\Mystery Machine.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Block it!\Block it!\bin\Debug\Block it!.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Block it!\Block it!\bin\Debug\Block it!.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Block it!\Block it!\bin\Release\Block it!.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Block it!\Block it!\obj\Debug\Block it!.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Block it!\Block it!\obj\Release\Block it!.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\debug\DarkPoker.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Energy\Energy\bin\Debug\Energy.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Energy\Energy\bin\Debug\Energy.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Energy\Energy\bin\Release\Energy.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Energy\Energy\obj\Debug\Energy.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Energy\Energy\obj\Release\Energy.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\EQ\EQ\bin\Debug\EQ.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\EQ\EQ\bin\Debug\EQ.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\EQ\EQ\obj\Debug\EQ.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\firsttoshoot\debug\firsttoshoot.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\MySpacewarWin1\MySpacewarWin1\bin\x86\Debug\MySpacewarWin1.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\MySpacewarWin1\MySpacewarWin1\obj\x86\Debug\MySpacewarWin1.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\OmaPlayer\OmaPlayer\bin\Debug\OmaPlayer.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\OmaPlayer\OmaPlayer\bin\Debug\OmaPlayer.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\OmaPlayer\OmaPlayer\obj\Debug\OmaPlayer.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Own\Own\bin\Debug\Own.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Own\Own\bin\Release\Own.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Own\Own\obj\Release\Own.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Rs\Rs\bin\Debug\WindowsApplication1.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Rs\Rs\bin\Debug\WindowsApplication1.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Rs\Rs\obj\Debug\WindowsApplication1.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Runescape Server Status\Runescape Server Status\bin\Debug\Runescape Server Status.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Server Online or Offline\Server Online or Offline\bin\Debug\WindowsApplication1.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Server Online or Offline\Server Online or Offline\bin\Debug\WindowsApplication1.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Server Status\Server Status\bin\Debug\Server Status.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Test\Test\bin\Debug\Test.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Test\Test\bin\Debug\Test.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Test\Test\bin\Debug\WindowsApplication1.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Test\Test\obj\Debug\Test.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Testtt\Testtt\bin\Debug\EnergyX Production.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Testtt\Testtt\bin\Debug\EnergyX Production.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Testtt\Testtt\bin\Debug\WindowsApplication1.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Testtt\Testtt\bin\Release\EnergyX Production.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Testtt\Testtt\obj\Debug\EnergyX Production.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\Testtt\Testtt\obj\Release\EnergyX Production.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\WindowsApplication1\WindowsApplication1\bin\Debug\WindowsApplication1.vshost.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\WindowsApplication1\WindowsApplication1\bin\Release\WindowsApplication1.exe Infected: Virus.Win32.Virut.n 1
C:\Documents and Settings\kasutaja\My Documents\Visual Studio 2005\Projects\WindowsApplication1\WindowsApplication1\obj\Release\WindowsApplication1.exe Infected: Virus.Win32.Virut.n 1
C:\GunzServer\Locator\Copy of Locator.exe Infected: Virus.Win32.Virut.n 1
C:\GunzServer\Locator\Locator.exe Infected: Virus.Win32.Virut.n 1
C:\GunzServer\MatchAgent\MatchAgent.exe Infected: Virus.Win32.Virut.n 1
C:\GunzServer\MatchServer\MatchServer.rar Infected: Virus.Win32.Virut.n 1
C:\GunzServer\MatchServer\MatchServer_By_Emisand.exe Infected: Virus.Win32.Virut.n 1
C:\GunzServer\ServerKeeper\ServerKeeper.exe Infected: Virus.Win32.Virut.n 1
C:\GunzServer\UDPChecker.exe Infected: Virus.Win32.Virut.n 1
C:\ijji\ENGLISH\Gunz\BAReport.exe Infected: Virus.Win32.Virut.n 1
C:\ijji\ENGLISH\Gunz\Gunz.exe Infected: Virus.Win32.Virut.n 1
C:\ijji\ENGLISH\Gunz\GunzLauncher.exe Infected: Virus.Win32.Virut.n 1
C:\ijji\ENGLISH\HgSoundOut.exe Infected: Virus.Win32.Virut.n 1
C:\ijji\ENGLISH\ijjiUninstall.exe Infected: Virus.Win32.Virut.n 1
C:\ijji\ENGLISH\Rounders.exe Infected: Virus.Win32.Virut.n 1
C:\ijji\ENGLISH\u_gunz.exe Infected: Virus.Win32.Virut.n 1
C:\Microgaming\Poker\TriobetMPP\MPPoker.exe Infected: Virus.Win32.Virut.n 1
C:\Microgaming\Poker\TriobetMPP\Triobet\UNWISE.EXE Infected: Virus.Win32.Virut.n 1
C:\NVIDIA\Win2k\163.71\English\nvudisp.exe Infected: Virus.Win32.Virut.n 1
C:\NVIDIA\Win2KXP\81.98\nvudisp.exe Infected: Virus.Win32.Virut.n 1
C:\NVIDIA\Win2KXP\91.47\nvudisp.exe Infected: Virus.Win32.Virut.n 1
C:\Perl\bin\perl5.8.8.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\AMD\Athlon 64 Processor Driver\amdcon.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\ArtMoney\artmoney.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\AvRack\rtlrack.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\CCleaner\ccleaner.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Adobe\ESD\AdobeDownloadManager.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Adobe\ESD\DLMCleanup.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Alias Shared\Licensing\bin\findkey.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Alias Shared\Licensing\bin\hinstall.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Alias Shared\Licensing\bin\installKey.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Alias Shared\Licensing\bin\lmtools.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Alias Shared\Licensing\bin\lmutil.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Alias Shared\Licensing\etc\lmgrd.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Alias Shared\Licensing\etc\sgiawd.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft\Uninstall.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Insight Software Solutions\ISSBugRp.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Insight Software Solutions\QkStart.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Driver\10\Intel 32\IDriver.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriver.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriver2.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Driver\9\Intel 32\IDriver2.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\knlwrap.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\DotNetInstaller.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Professional\RunTime\10\01\Intel32\DotNetInstaller.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Java\Update\Base Images\jdk1.6.0.b105\patch-jdk1.6.0_06.b02\copier.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Java\Update\Base Images\jdk1.6.0.b105\patch-jdk1.6.0_06.b02\launcher.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_06.b02\launcher.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Logitech\QCDRV\BIN\CamServr.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Logitech\QCDRV\BIN\DelDev.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Logitech\QCDRV\BIN\InstFiles.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Logitech\QCDRV\BIN\InstMed.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Logitech\QCDRV\BIN\Launcher.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Logitech\QCDRV\BIN\Setup.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Logitech\QCDRV\BIN\Shutdown.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Logitech\QCDRV\BIN\SLAUNCH.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Logitech\QCDRV\BIN\StripInf.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Logitech\QCDRV\BIN\Update.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Microsoft Shared\Database Replication\Conflict Viewer\wzcnflct.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Microsoft Shared\Database Replication\WZCNFLCT.EXE Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Microsoft Shared\MSENV\en\VSContentInstaller.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Microsoft Shared\MSENV\VSContentInstaller.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Microsoft Shared\PROOF\UNWISE.EXE Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Microsoft Shared\Speech\sapisvr.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Nullsoft\ActiveX\2.6\ProxyConfig.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Common Files\Real\Update_OB\upgrdhlp.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\DivX\DivX\config.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\DivX\DivX\DivX EKG.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\ESET\Install\setup.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\InstallShield Installation Information\{36BC3F0C-8777-4DB2-B2F4-7FA5250F34BA}\Setup.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\InstallShield Installation Information\{B91E4360-298A-4306-9E95-9AD91A0952A1}\Setup.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Internet Explorer\Connection Wizard\icwconn2.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Internet Explorer\Connection Wizard\icwrmind.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Internet Explorer\Connection Wizard\icwtutor.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Internet Explorer\Connection Wizard\inetwiz.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Internet Explorer\Connection Wizard\isignup.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Internet Explorer\iexplore.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\java-rmi.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\java.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\javacpl.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\javaw.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\javaws.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\keytool.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\kinit.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\klist.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\ktab.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\orbd.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\pack200.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\policytool.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\rmid.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\rmiregistry.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\servertool.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\tnameserv.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Java\jre1.6.0_05\bin\unpack200.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Macromedia\Flash 8\FlashLiteBundler.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Macromedia\Flash 8\Players\Debug\SAFlashPlayer.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Macromedia\Flash 8\Players\Release\SAFlashPlayer.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Macromedia\Flash 8\Players\SAFlashPlayer.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\mIRC\mirc.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Morpheus\Morpheus.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Movie Maker\moviemk.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Mozilla Firefox\components\Process.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\MSN Gaming Zone\Windows\bckgzm.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\MSN Gaming Zone\Windows\chkrzm.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\MSN Gaming Zone\Windows\rvsezm.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\MSN Gaming Zone\Windows\shvlzm.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\MSN Gaming Zone\Windows\zclientm.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\NetMeeting\cb32.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\NetMeeting\conf.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\NetMeeting\wb32.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Outlook Express\msimn.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Outlook Express\oemig50.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Outlook Express\setup50.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Outlook Express\wab.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Outlook Express\wabmig.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Plaxo\PlaxoHelper.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\RapidLeecher\RapidLeecher.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Realtek AC97\alcrmv.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Realtek AC97\alcrmv64.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Realtek AC97\ChCfg.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Realtek AC97\RTLCPL.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Realtek AC97\SoundMan.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\AdjustServiceSecurity.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MediaMgrSqlWrapper.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\cmdwrap.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlmaint.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\TechSmith\SnagIt 8\SnagItPI.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\TechSmith\SnagIt 8\SnagItPI64.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\TechSmith\SnagIt 8\TscHelp.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Toribash-3.1\data\bin\ffmpeg.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Toribash-3.1\tb.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Toribash-3.1\tb.old.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Toribash-3.1\toribash.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Virtools\3D Life Player\webplayerconfig.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows Media Player\migrate.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows Media Player\mplayer2.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows Media Player\setup_wm.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows Media Player\wmdbexport.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows Media Player\wmlaunch.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows Media Player\wmpenc.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows Media Player\wmplayer.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows Media Player\wmpnscfg.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows Media Player\wmpshare.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows Media Player\wmsetsdk.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows NT\Accessories\wordpad.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows NT\dialer.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows NT\hypertrm.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Windows NT\Pinball\pinball.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\WinRAR\Rar.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\WinRAR\RarExtLoader.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\WinRAR\Uninstall.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\WinRAR\UnRAR.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\WinZip\WZMSG.EXE Infected: Virus.Win32.Virut.n 1
C:\Program Files\WinZip\WZQKPICK.EXE Infected: Virus.Win32.Virut.n 1
C:\Program Files\WinZip\WZSEPE32.EXE Infected: Virus.Win32.Virut.n 1
C:\Program Files\Xfire\66.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\XviD\AviC.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\XviD\MiniCalc.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\XviD\OGMCalc.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\XviD\StatsReader.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\XviD\vidccleaner.exe Infected: Virus.Win32.Virut.n 1
C:\Program Files\Zenographics\{F3BE2316-8FB7-4C1D-8509-1714EBA22D08}\setup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB873339\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB873339\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB885250\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB885250\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB885835\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB885835\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB885836\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB885836\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB886185\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB886185\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB887472\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB887472\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB887742\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB887742\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB888113\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB888113\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB888302\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB888302\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB891781\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB891781\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB893756\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB896358\SP2QFE\hh.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB896423\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB896424\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB896428\SP2QFE\telnet.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB899587\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB899589\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB899591\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB900725\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB901017\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\migregdb.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB902400\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB905414\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB905749\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB905915\SP2QFE\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB908531\SP2QFE\verclsid.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB912812\SP2QFE\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB916281\SP2QFE\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB918899\SP2QFE\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB920213\SP2QFE\agentsvr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB922582\SP2QFE\fltmc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\magnify.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\narrator.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\osk.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB925720\SP2QFE\utilman.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB931836\SP2QFE\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB942763\SP3GDR\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB942763\SP3QFE\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB947864\SP2QFE\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$hf_mig$\KB950759\SP2QFE\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$MSI31Uninstall_KB893803v2$\msiexec.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB873339$\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB873339$\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB885836$\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB885836$\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB888302$\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB888302$\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB891781$\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB891781$\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB893756$\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB896358$\hh.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB896358$\hh.exe.000 Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB896423$\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB896423$\spoolsv.exe.000 Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB896428$\telnet.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB896428$\telnet.exe.000 Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB899587$\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB899591$\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB900725$\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB901017$\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB902400$\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB902400$\migregdb.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB905414$\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB905749$\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB908531$\verclsid.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB908531$\verclsid.exe.000 Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB918899_0$\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB920213$\agentsvr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB922582$\fltmc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB922582$\fltmc.exe.000 Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB925720$\magnify.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB925720$\narrator.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB925720$\osk.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB925720$\utilman.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB938828$\explorer.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB942763$\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB947864$\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallKB950759$\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallwmp11$\$NtUninstallWMFDist11$\logagent.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallwmp11$\$NtUninstallWMFDist11$\uwdf.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallwmp11$\$NtUninstallWMFDist11$\wdfmgr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallwmp11$\$NtUninstallWMFDist11$\wmsetsdk.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallwmp11$\setup_wm.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallwmp11$\unregmp2.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallwmp11$\wmlaunch.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallwmp11$\wmpenc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\$NtUninstallwmp11$\wmplayer.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Alcrmv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\alcupd.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\CABARC.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Downloaded Installations\Macromedia Dreamweaver 8\DW_Client_Installer.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Downloaded Installations\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\iTunesSetup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Downloaded Program Files\dwusplay.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\explorer.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\hh.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\ie7\ie4uinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\ie7\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\ie7\iexplore.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\ie7\msfeedssync.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\ie7\mshta.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\ie7\winfxdocobj.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\ie7updates\KB928090-IE7\ie4uinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\ie7updates\KB928090-IE7\ieudinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\ie7updates\KB928090-IE7\iexplore.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\inf\unregmp2.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{0837A661-FEC3-48B3-876C-91E7D32048A9}\DWARPPRODUCTICON.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{1C08A24C-B168-407E-A826-68FAF5F20710}\ARPPRODUCTICON.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{2BD5C305-1B27-4D41-B690-7A61172D2FEB}\ARPPRODUCTICONFL8.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}\icon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{524228C9-826F-4B58-9E47-4F2E5C7E9F45}\Icon55367664.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}\EMARPPRODUCTICON.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{59C4F14F-7590-45FC-BE9F-A67AB3590709}\NewShortcut4_8C3BCD70236347B8A53EEE8A82FD5C78.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\ARPPRODUCTICON.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\Comrade.exe_CD7D16AA9DCA4A66A4ABF9C1BE60B1B5.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\NewShortcut7_CD7D16AA9DCA4A66A4ABF9C1BE60B1B5.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}\NewShortcut8_CD7D16AA9DCA4A66A4ABF9C1BE60B1B5.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{6EA41A86-7C9C-4DDC-BAD6-6C276C7D8661}\ARPPRODUCTICON.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{6EA41A86-7C9C-4DDC-BAD6-6C276C7D8661}\NewShortcut1_4.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{6EA41A86-7C9C-4DDC-BAD6-6C276C7D8661}\NewShortcut4.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{784E6B0F-00EC-4950-95A2-BBA64F44EC48}\Icon16CBC2751.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{784E6B0F-00EC-4950-95A2-BBA64F44EC48}\Icon16CBC2753.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{784E6B0F-00EC-4950-95A2-BBA64F44EC48}\IconEF5C4888.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{789289CA-F73A-4A16-A331-54D498CE069F}\Icon789289CA.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}\ARPPRODUCTICON.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}\ARPPRODUCTICONFLV1.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{8E8B88CB-2B90-455F-85F4-5CDFDA08E168}\ARPPRODUCTICON.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{8E8B88CB-2B90-455F-85F4-5CDFDA08E168}\NewShortcut1_7CD22B65921A4E498E3E3DDBA3665BE6.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{8E8B88CB-2B90-455F-85F4-5CDFDA08E168}\NewShortcut2_7CD22B65921A4E498E3E3DDBA3665BE6.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{950A8D14-C48E-4508-B377-1EA45A18FA3D}\Icon16CBC2751.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{B0C30E93-D3D9-4F04-A2AC-54749B573275}\NewShortcut31_96B87C3D64854A7D96EBB2C8CB752619.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{B0C30E93-D3D9-4F04-A2AC-54749B573275}\NewShortcut3_96B87C3D64854A7D96EBB2C8CB752619.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{C04E32E0-0416-434D-AFB9-6969D703A9EF}\icon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}\NewShortcut3_C0B0FA55D4E943749871BBFBF2AEF0D1.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}\NewShortcut4_C0B0FA55D4E943749871BBFBF2AEF0D1.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}\pando.exe1_ED0ECD11C6AB405E9A06D25E96BD6FD7.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}\pando.exe_ED0ECD11C6AB405E9A06D25E96BD6FD7.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{C2C99466-8BD9-48CB-9E36-727E63E5D2F3}\lmtools.9778550C_E26A_4334_B4D1_F54578B97625.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF11.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF13.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}\IconCDDCBBF15.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\Icon0E6AB9FC1.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}\IconDED53B0B1.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{EF9BBD13-BA93-440B-AD9E-857CE59A9F79}\sbase.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{EF9BBD13-BA93-440B-AD9E-857CE59A9F79}\scalc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{EF9BBD13-BA93-440B-AD9E-857CE59A9F79}\sdraw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{EF9BBD13-BA93-440B-AD9E-857CE59A9F79}\simpress.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{EF9BBD13-BA93-440B-AD9E-857CE59A9F79}\smath.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{EF9BBD13-BA93-440B-AD9E-857CE59A9F79}\soffice.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Installer\{EF9BBD13-BA93-440B-AD9E-857CE59A9F79}\swriter.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\IsUninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\iun6002.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\msagent\agentsvr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\mui\muisetup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\N0063A2A7-Mortal Kombat 4-Setup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\notepad.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\pchealth\helpctr\binaries\helphost.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\pchealth\helpctr\binaries\helpsvc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\pchealth\helpctr\binaries\hscupd.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\pchealth\helpctr\binaries\notiflag.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\pchealth\UploadLB\Binaries\uploadm.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\regedit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\setup_wm.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\setup_wm.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\migrate.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\unregmp2.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmlaunch.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpenc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmplayer.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\migrate.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\unregmp2.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SDUnInst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0ad26524c298df9a41026d3b49a38936\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0e573dbed32e8bd8f7ba833ffcfb788c\SP2GDR\ie4uinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0e573dbed32e8bd8f7ba833ffcfb788c\SP2GDR\ieudinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0e573dbed32e8bd8f7ba833ffcfb788c\SP2GDR\iexplore.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0e573dbed32e8bd8f7ba833ffcfb788c\SP2QFE\ie4uinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0e573dbed32e8bd8f7ba833ffcfb788c\SP2QFE\ieudinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0e573dbed32e8bd8f7ba833ffcfb788c\SP2QFE\iexplore.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0eaed8d713d78954a90c813a5e2c5934\sp2gdr\magnify.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0eaed8d713d78954a90c813a5e2c5934\sp2gdr\narrator.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0eaed8d713d78954a90c813a5e2c5934\sp2gdr\osk.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0eaed8d713d78954a90c813a5e2c5934\sp2gdr\utilman.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0eaed8d713d78954a90c813a5e2c5934\sp2qfe\magnify.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0eaed8d713d78954a90c813a5e2c5934\sp2qfe\narrator.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0eaed8d713d78954a90c813a5e2c5934\sp2qfe\osk.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0eaed8d713d78954a90c813a5e2c5934\sp2qfe\utilman.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0fd33c77398fa2b50df56456525ef5c3\sp2gdr\spoolsv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0fd33c77398fa2b50df56456525ef5c3\sp2qfe\spoolsv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\0fd33c77398fa2b50df56456525ef5c3\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\29fac2778ef9276807b5af52b3f981b9\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\29fac2778ef9276807b5af52b3f981b9\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\2d96d8aba9a2dff89a10de77705d6434\sp2gdr\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\2d96d8aba9a2dff89a10de77705d6434\sp2qfe\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\sp2gdr\explorer.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\44d74c37f0595a363bcec5e9229d8564\sp2qfe\explorer.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\48a70a151a3d9c31b7f015a321520ae4\SP2GDR\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\48a70a151a3d9c31b7f015a321520ae4\SP2QFE\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\48a70a151a3d9c31b7f015a321520ae4\SP3GDR\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\48a70a151a3d9c31b7f015a321520ae4\SP3QFE\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\4a70167257b9ec465806ced7f92b65d8\sp2gdr\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\4a70167257b9ec465806ced7f92b65d8\sp2qfe\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\4f34fed83363df83031761e8fceb73ae\sp2gdr\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\4f34fed83363df83031761e8fceb73ae\sp2qfe\iedw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\626eacb7c8acf36c15d9f790ff9b994b\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\626eacb7c8acf36c15d9f790ff9b994b\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\660425732726e9b33577f4657b36117d\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\6d16348987bfa3ee3fd983361ac371cb\sp2gdr\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\6d16348987bfa3ee3fd983361ac371cb\sp2qfe\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\843953281f8497f8e20b19c4e3fe3e01\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\86a5d4ec598b957d3e4d2a7951b2c258\sp2gdr\agentsvr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\86a5d4ec598b957d3e4d2a7951b2c258\sp2qfe\agentsvr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\88d647f371042dbee1feee96bacd6e4c\unregmp2.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\8bc88a7fbc35ebd8d6b9dff49c373dd7\sp2gdr\hh.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\8bc88a7fbc35ebd8d6b9dff49c373dd7\sp2qfe\hh.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\9489e810bc136788bfeb9b68b0d7dfee\sp2gdr\ie4uinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\9489e810bc136788bfeb9b68b0d7dfee\sp2gdr\ieudinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\9489e810bc136788bfeb9b68b0d7dfee\sp2gdr\iexplore.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\9489e810bc136788bfeb9b68b0d7dfee\sp2qfe\ie4uinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\9489e810bc136788bfeb9b68b0d7dfee\sp2qfe\ieudinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\9489e810bc136788bfeb9b68b0d7dfee\sp2qfe\iexplore.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\94d4564c331fd50de11e52451ac2e679\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\ad9c4c2a779933f83b51a49a2c88838d\msiexec.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\c1fd7fbb2b63f1c80fc27f2df1ef6fcd\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\c1fd7fbb2b63f1c80fc27f2df1ef6fcd\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\c97484bc3f0a909669b5abb5a1bd9a86\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\cb2769f3b1daf367a31ed046299a3790\sp2gdr\verclsid.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\cb2769f3b1daf367a31ed046299a3790\sp2qfe\verclsid.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\dca9d8a1ecbaf4bd0e18d083156f30c9\sp2qfe\migregdb.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\dca9d8a1ecbaf4bd0e18d083156f30c9\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\dfeddbe03266add4998ad4eea2bf3073\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\dfeddbe03266add4998ad4eea2bf3073\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\ec4eaabcd12e69f3a00a5aee112d61fd\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\ee626d72680ff2619246a1cf5516f892\sp2gdr\telnet.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\ee626d72680ff2619246a1cf5516f892\sp2qfe\telnet.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\f296928eb21d756b3a2e1cf07fba47dd\spuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\f296928eb21d756b3a2e1cf07fba47dd\update\update.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\SoftwareDistribution\Download\f7a4b3723a3aad7955ede9785b307e88\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\soundman.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\accwiz.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\actmovie.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Adobe\Shockwave 11\SwInit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Adobe\Shockwave 11\UNWISE.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ahui.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\arp.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\asr_fmt.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\asr_ldm.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\asr_pfu.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\at.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\atmadm.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\attrib.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\auditusr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\bkEur04\bkEur041066.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\blastcln.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\bootcfg.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\bootok.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\bootvrfy.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\cacls.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\calc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\CF9875.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\charmap.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ChCfg.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\chkdsk.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\chkntfs.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\cidaemon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\cipher.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\cisvc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ckcnv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\cleanmgr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\cliconfg.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\clipbrd.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\clipsrv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\cmd.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\cmdl32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\cmmon32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\cmstp.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Com\comrepl.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Com\comrereg.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\comp.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\compact.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\conime.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\control.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\convert.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Copy of GkSui18.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\cscript.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ctfmon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dcomcnfg.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ddeshare.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\defrag.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dfrgfat.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dfrgntfs.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\diantz.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\diskpart.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\diskperf.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\DivXCodecUpdateChecker.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\DivXsm.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dllcache\agentsvr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dllcache\explorer.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dllcache\magnify.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dllcache\narrator.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dllcache\osk.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dllcache\PrintFilterPipelineSvc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dllcache\utilman.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dllhost.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dllhst3g.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dmadmin.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dmremote.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\doskey.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dplaysvr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dpnsvr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dpvsetup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\driverquery.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\drmupgds.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\DRVSTORE\clj2600_95D4A75F150A52E7585758A86DE2105B7FD2BB1A\ZHHP2600.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\DRVSTORE\clj2600_95D4A75F150A52E7585758A86DE2105B7FD2BB1A\ZSHP2600.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\drwtsn32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dumphive.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dumprep.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dvdplay.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dvdupgrd.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dwwin.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\dxdiag.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\esentutl.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\eudcedit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\eventcreate.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\eventtriggers.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\eventvwr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\expand.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\extrac32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\fc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\find.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\findstr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\finger.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\fixmapi.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\fltmc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\fontview.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\forcedos.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\freecell.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\fsquirt.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\fsutil.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ftp.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\getmac.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\gpresult.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\gpupdate.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\grpconv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\help.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\hostname.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\iexpress.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ijjiSetup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\imapi.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\insrepim.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\InstMed.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ipconfig.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ipsec6.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ipv6.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ipxroute.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\java.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\javaw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\javaws.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\keystone.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\label.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\lights.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\lnkstub.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\locator.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\lodctr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\logagent.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\logman.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\logoff.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\logon.scr Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\logonui.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\lpq.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\lpr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Macromed\Shockwave 8\QuitRemote.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Macromed\Shockwave 8\SwInit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Macromed\Shockwave 8\UNWISE.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\magnify.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\makecab.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\migpwd.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mmc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mnmsrvc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mobsync.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mountvol.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mplay32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mpnotify.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mqbkup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mqsvc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mqtgsvc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mrinfo.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\msdtc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\msg.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mshearts.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mshta.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\msiexec.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\msiregmv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mspaint.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\msswchx.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mstinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\mstsc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\myodbc3i.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\myodbc3m.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\narrator.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nbtstat.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nddeapir.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\net.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\net1.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\netdde.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\netsetup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\netsh.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\netstat.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\notepad.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\npp\nppagent.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nslookup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ntbackup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ntsd.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ntvdm.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nvappbar.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nvcolor.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nvcplui.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nvdspsch.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nvsvc32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nvudisp.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nvugart.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nvuide.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\NVUninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nvunrm.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nvusmb.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nwiz.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\nwscript.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\odbcad32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\odbcconf.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\oobe\msoobe.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\oobe\oobebaln.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\openfiles.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\osk.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\osuninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\packager.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\pathping.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\pbsvc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\pentnt.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\perfmon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ping.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ping6.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\powercfg.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\print.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\progman.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\proquota.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\proxycfg.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\pxcpyi64.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\qappsrv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\qprocess.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\qwinsta.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rasautou.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rasdial.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rasphone.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rcimlby.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rcp.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rdpclip.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rdsaddin.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rdshost.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\recover.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\reg.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\regedt32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\regini.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\regsvr32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\REGTLIB.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\regwiz.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\relog.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\replace.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\reset.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Restore\rstrui.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Restore\srdiag.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rexec.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\RNBOSENT\SETUPX86.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\route.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\routemon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rsh.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rsm.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rsmsink.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rsmui.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rsnotify.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rsopprov.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rsvp.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rtcshare.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\RTLCPL.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\runas.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rundll32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\runonce.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\rwinsta.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\savedump.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\scardsvr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\schtasks.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\scrnsave.scr Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sdbinst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\secedit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sessmgr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sethc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\setup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sfc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\shadow.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\shmgrate.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\shrpubw.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\shutdown.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sigverif.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\skeys.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\smbinst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\smlogsvc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sndrec32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sndvol32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Snowman.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\Snowman.scr Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sol.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sort.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\spider.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\spiisupd.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\spnpinst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\spool\drivers\w32x86\3\ZSHP2600.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\spool\drivers\w32x86\3\ZSPOOL32.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\spool\drivers\w32x86\3\ZUNINST.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZSHP2600.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZSPOOL32.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZUNINST.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\spool\prtprocs\w32x86\PrintFilterPipelineSvc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\spoolsv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ss3dfo.scr Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ssbezier.scr Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ssflwbox.scr Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ssmarque.scr Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ssmypics.scr Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ssmyst.scr Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sspipes.scr Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ssstars.scr Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sstext3d.scr Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\SteamReg2XML.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\stimon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\subst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\syncapp.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\syskey.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\sysocmgr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\systeminfo.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\systray.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\taskkill.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tasklist.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\taskman.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\taskmgr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tcmsetup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tcpsvcs.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\telnet.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tftp.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tlntadmn.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tlntsess.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tlntsvr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tourstart.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tracerpt.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tracert.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tracert6.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tscon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tscupgrd.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tsdiscon.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tskill.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tsshutdn.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\typeperf.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\tzchange.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\unlodctr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\UNWISE.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\upnpcont.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ups.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\userinit.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\usmt\migload.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\usmt\migwiz.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\usmt\migwiza.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\usmt\migwiz_a.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\usrmlnka.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\usrprbda.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\usrshuta.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\utilman.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\uwdf.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\verclsid.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\verifier.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\vssadmin.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\vssvc.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\VT100.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\w32tm.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wbem\mofcomp.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wbem\scrcons.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wbem\unsecapp.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wbem\wbemtest.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wbem\winmgmt.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wbem\wmiadap.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wbem\wmiapsrv.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wbem\wmic.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wbem\wmiprvse.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wdfmgr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wextract.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\WhoisCL.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wiaacmgr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\winhlp32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\winmine.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\winmsd.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\winver.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\WISPTIS.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wpabaln.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wpdshextautoplay.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wpnpinst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\write.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wscntfy.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wscript.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wuauclt1.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\WudfHost.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\wupdmgr.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\xcopy.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\xmlinst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\XP.genuine.advantage.validation.v1.5.532.0-multi.lang.patch.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\ZHHP2600.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\system32\zSHP2600.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\taskman.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\twain_32\LogiVid\HVideoS2.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\twain_32\LogiVid\InstVid.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\twunk_32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\UnGins.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\uninst.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\uninstall\Satellite TV for PC Elite\setup.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\UninstallFirefox.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\unvise32.exe Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\UNWISE.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\Vf2KUist.EXE Infected: Virus.Win32.Virut.n 1
C:\WINDOWS\winhlp32.exe Infected: Virus.Win32.Virut.n 1
D:\600154a61fbb70883e\update\iereseticons.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\abyssws.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\adn\FCGIDotNet_1_1.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\adn\FCGIDotNet_2_0.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\comp-err.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\isamchk.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\myisamchk.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\myisamlog.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\myisampack.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\myisam_ftdump.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysql.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqladmin.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqlbinlog.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqlcheck.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqld-debug.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqld-max-nt.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqld-max.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqld-nt.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqld.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqldump.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqlimport.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\MySQLInstanceConfig.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqlshow.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqlshutdown.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqltest.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysqlwatch.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\mysql_client_test.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\my_print_defaults.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\pack_isam.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\perror.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\database\mysql\bin\replace.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\htdocs\RSMInit.exe Infected: Virus.Win32.Virut.n 1
D:\Abyss Web Server\htdocs\VB.Files.Pack.ResR.1.35.exe Infected: Virus.Win32.Virut.n 1
D:\Apache Software Foundation\Apache2.2\bin\ab.exe Infected: Virus.Win32.Virut.n 1
D:\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe Infected: Virus.Win32.Virut.n 1
D:\Apache Software Foundation\Apache2.2\bin\htcacheclean.exe Infected: Virus.Win32.Virut.n 1
D:\Apache Software Foundation\Apache2.2\bin\htdbm.exe Infected: Virus.Win32.Virut.n 1
D:\Apache Software Foundation\Apache2.2\bin\htdigest.exe Infected: Virus.Win32.Virut.n 1
D:\Apache Software Foundation\Apache2.2\bin\htpasswd.exe Infected: Virus.Win32.Virut.n 1
D:\Apache Software Foundation\Apache2.2\bin\logresolve.exe Infected: Virus.Win32.Virut.n 1
D:\Apache Software Foundation\Apache2.2\bin\rotatelogs.exe Infected: Virus.Win32.Virut.n 1
D:\Apache Software Foundation\Apache2.2\bin\wintty.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268060.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268061.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268062.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268063.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268064.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268076.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268199.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268200.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268201.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268202.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268208.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268224.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0268230.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0270199.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0270200.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0270201.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0270202.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0270208.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0270228.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271216.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271221.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271227.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271262.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271263.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271266.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271273.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271279.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271283.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271284.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271286.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271315.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271320.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271324.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271326.exe Infected: Virus.Win32.Virut.n 1
D:\backup\System Volume Information\_restore{F990F01E-F96E-4A92-9B37-7C9B430996C0}\RP223\A0271351.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB834707\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB834707\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB867282\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB867282\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB873333\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB873333\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB873339\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB873339\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB883939\SP2QFE\iedw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB885250\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB885250\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB885835\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB885835\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB885836\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB885836\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB886185\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB886185\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB887472\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB887472\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB887742\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB887742\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB888113\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB888113\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB888302\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB888302\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB890047\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB890047\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB890175\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB890175\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB891781\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB891781\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB893756\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB896358\SP2QFE\hh.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB896423\SP2QFE\spoolsv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB896423\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB896424\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB896428\SP2QFE\telnet.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB896688\SP2QFE\iedw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB896688\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB896727\SP2QFE\iedw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB896727\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB899587\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB899588\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB899589\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB899591\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB900725\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB901017\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB902400\SP2QFE\migregdb.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB902400\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB904706\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB905414\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$hf_mig$\KB905749\update\arpidfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$MSI31Uninstall_KB893803$\msiexec.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB828741$\comrepl.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB828741$\migregdb.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB828741$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB834707$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB834707-IE6SP1-20040929.091901$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB835732$\helpctr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB835732$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB840987$\ntvdm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB840987$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB840987$\winlogon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB842773$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB867282$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB883939$\iedw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB887472$\msmsgs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB887742$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB890047$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB890175$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB896358$\hh.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB896423$\spoolsv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB896428$\telnet.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB896688$\iedw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\$NtUninstallKB896727$\iedw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\alcrmv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\alcupd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\cadkasdeinst01e.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\dia2dump.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\explorer.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\fjh.006 Infected: not-a-virus:Monitor.Win32.Ardamax.20 1
D:\backup\WINDOWS\fjh.007 Infected: not-a-virus:Monitor.Win32.Ardamax.20 1
D:\backup\WINDOWS\GPInstall.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\CvtPdb.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Export2BSYM.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Map2BSYM.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Release\bin\regini.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Release\Sync.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Sync.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\UndocInc\undoc2\ntqsi.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Utils\Cleaner\cleaner.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Utils\dia2dump.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Utils\Export2BSYM\Export2BSYM.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Utils\Expr\calc_tab.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Utils\ModList\modlist.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Utils\TestBPX\aaa.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Utils\TestPDB\DumpPdbAll.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Gunzivärk\Utils\TestPDB\DumpPdbClean.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\hh.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\inf\regl3acm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\inf\unregmp2.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{1734C6DF-C48A-46F0-8EA3-C5BBDBBB9B76}\sbase.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{1734C6DF-C48A-46F0-8EA3-C5BBDBBB9B76}\scalc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{1734C6DF-C48A-46F0-8EA3-C5BBDBBB9B76}\sdraw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{1734C6DF-C48A-46F0-8EA3-C5BBDBBB9B76}\simpress.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{1734C6DF-C48A-46F0-8EA3-C5BBDBBB9B76}\smath.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{1734C6DF-C48A-46F0-8EA3-C5BBDBBB9B76}\soffice.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{1734C6DF-C48A-46F0-8EA3-C5BBDBBB9B76}\swriter.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}\places.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{8AD2EA30-5049-11D4-A08E-0080AD97BBF5}\Icon8AD2EA30.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\accicons.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\cagicon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\inficon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\misc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\mspicons.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\oisicon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\opwicon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\outicon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pptico.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\pubs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\unbndico.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\wordicon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{90110409-6000-11D3-8CFE-0150048383C9}\xlicons.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{C8E60E40-D198-4362-A2D9-4F82A9D110F8}\NewShortcut1_C8E60E40D1984362A2D94F82A9D110F8.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{C8E60E40-D198-4362-A2D9-4F82A9D110F8}\NewShortcut3_C8E60E40D1984362A2D94F82A9D110F8.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{C9EDC6B9-DD2F-4C13-8570-2D17229B1932}\NewShortcut4_C9EDC6B9DD2F4C1385702D17229B1932.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{C9EDC6B9-DD2F-4C13-8570-2D17229B1932}\NewShortcut5_C9EDC6B9DD2F4C1385702D17229B1932.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\IconE9F814234.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}\IconE9F814236.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{F8EAF733-396C-4974-BDCC-F43FC7361E3B}\NewShortcut10.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{F8EAF733-396C-4974-BDCC-F43FC7361E3B}\NewShortcut11.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{F8EAF733-396C-4974-BDCC-F43FC7361E3B}\NewShortcut15.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{F8EAF733-396C-4974-BDCC-F43FC7361E3B}\NewShortcut2_1.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Installer\{F8EAF733-396C-4974-BDCC-F43FC7361E3B}\NewShortcut4.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\IsUninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\iun505.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\LastGood\system32\nvsvc32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\LOGI_MWX.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\NETFXSBS10.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CasPol.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\csc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\cvtres.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\gacutil.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\IEExec.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ilasm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\InstallUtil.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\jsc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPol.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ngen.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegAsm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\RegSvcs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v1.1.4322\vbc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\AppLaunch.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\aspnet_compiler.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\aspnet_regbrowsers.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\aspnet_regiis.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\aspnet_regsql.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\aspnet_state.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\aspnet_wp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\CasPol.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\csc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\cvtres.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\dfsvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\IEExec.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\ilasm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\InstallUtil.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\jsc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\Microsoft .NET Framework 2.0 Beta 2\install.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\MSBuild.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\mscorsvw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\ngen.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\RegAsm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\RegSvcs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\regtlibv12.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Microsoft.NET\Framework\v2.0.50215\vbc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\msagent\agentsvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\mui\muisetup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\NMWizard16.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\notepad.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\PCHealth\HelpCtr\Binaries\helpsvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\PCHealth\HelpCtr\Binaries\hscupd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\PCHealth\HelpCtr\Binaries\msconfig.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\PCHealth\HelpCtr\Binaries\notiflag.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\PCHealth\UploadLB\Binaries\uploadm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\regedit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}\setup_wm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{3FDF25EE-E592-4495-8391-6E9C504DAC2B}$BACKUP$\System\setup_wm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\uwdf.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wdfmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\logagent.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}$BACKUP$\System\logagent.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\migrate.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\unregmp2.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmlaunch.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmpenc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}\wmplayer.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\migrate.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\unregmp2.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\RegisteredPackages\{DD90D410-1823-43EB-9A16-A2331BF08799}$BACKUP$\System\wmplayer.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\replace.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Setup1.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\slrundll.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\191c899196624d7a81a735dad2332655\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\191c899196624d7a81a735dad2332655\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\3ab3c750096febe50fc47ce46ea0b9dc\msiexec.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\453a5dd959bf8c3148eb54e4e1aff1d8\sp1qfe\ntvdm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\453a5dd959bf8c3148eb54e4e1aff1d8\sp1qfe\winlogon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\453a5dd959bf8c3148eb54e4e1aff1d8\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\453a5dd959bf8c3148eb54e4e1aff1d8\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\4ccf4a2462348f838bd9af0b23c2a74e\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\4ccf4a2462348f838bd9af0b23c2a74e\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\accwiz.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\actmovie.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\admin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\agentsvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ahui.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\alg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\aspnet_regiis.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\aspnet_wp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\asr_fmt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\at.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\atmadm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\auditusr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\author.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\blastcln.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\caspol.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\cfgwiz.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\cipher.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\cisvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\cleanmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\cliconfg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\clipbrd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\clipsrv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\cmd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\cmdl32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\cmmon32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\cmstp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\comrepl.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\conf.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\conime.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\csc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\cscript.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ctfmon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\davcdata.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ddeshare.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\defrag.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dfrgfat.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dfrgntfs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dialer.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\diantz.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\diskpart.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dlimport.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dllhost.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dmadmin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dmremote.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dplaysvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dpnsvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dpvsetup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dumprep.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dvdupgrd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dwwin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\dxdiag.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\eudcedit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\evcreate.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\evntcmd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\evntwin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\explorer.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\extrac32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\faxpatch.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\findstr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\fltmc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\fontview.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\fp98sadm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\fp98swin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\fpadmcgi.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\fpcount.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\fpremadm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\fpsrvadm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\fsquirt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ftp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\fxsclnt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\fxscover.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\fxssvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\gprslt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\grpconv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\helpctr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\helpsvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\hh.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\hscupd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\icwconn1.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\icwconn2.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\icwrmind.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ie4uinit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\iedw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ieexec.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\iexplore.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\iexpress.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\iisrstas.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ilasm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\imapi.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\inetin51.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\inetwiz.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\installutil.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ip\asr_pfu.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ip\comsdupd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ip\secedit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ip\spiisupd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ipconfig.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ipv6.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ipxroute.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\irftp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\jsc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\cintsetp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\cplexe.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\imjpdct.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\imjpdsvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\imjpinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\imjpmig.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\imjprw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\imjputy.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\imscinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\pintlphr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\tintlphr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lang\tintsetp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\locator.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\logagent.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\logman.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\logon.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\logonui.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\lsass.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\magnify.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\makecab.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\migload.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\migrate.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\migregdb.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\migwiz.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\migwiz_a.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mmc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mnmsrvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mobsync.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mofcomp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\moviemk.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mplay32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mplayer2.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mqbkup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mqsvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mqtgsvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\msconfig.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\msdtc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mshta.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\msiexec.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\msimn.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\msiregmv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\msmsgs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mspaint.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mstinit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\mstsc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\muisetup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\narrator.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\nddeapir.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\net.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\net1.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\netdde.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\netfxupdate.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\netsetup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\netsh.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\netstat.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ngen.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\notepad.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\nppagent.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\nslookup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ntbackup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ntvdm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\odbcad32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\odbcconf.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\oemig50.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\oobebaln.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\opnfiles.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\osk.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\packager.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\perfmon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\pinball.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ping.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\powercfg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\progman.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\proquota.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\proxycfg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\qprocess.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\rasphone.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\rcimlby.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\rcp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\rdpclip.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\rdsaddin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\rdshost.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\reg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\regasm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\regedit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\regsvcs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\regsvr32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\rexec.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\rsh.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\rsnotify.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\rstrui.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\rtcshare.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\rundll32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\runonce.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\savedump.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\scardsvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\scrcons.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\scrnsave.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\sctasks.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\sdbinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\services.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\sessmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\sethc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\setregni.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\setup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\setup50.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\setup_wm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\shmgrate.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\shrpubw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\shtml.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\shutdown.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\sigverif.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\skeys.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\slrundll.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\slserv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\smbinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\smi2smir.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\smlogsvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\sndrec32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\snmp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\snmptrap.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\spdwnwxp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\spider.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\spnpinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\spoolsv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\spupdsvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\spupdwxp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ss3dfo.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ssbezier.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ssflwbox.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ssmarque.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ssmypics.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ssmyst.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\sspipes.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ssstars.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\sstext3d.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\stimon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\stub_fpsrvadm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\stub_fpsrvwin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\svchost.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\sysocmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\taskmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\tcptest.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\telnet.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\tlntadmn.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\tlntsess.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\tlntsvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\togac.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\tourstrt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\tp4mon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\tracerpt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\tracert.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\tscupgrd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\unregmp2.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\update\fixccs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\update\nv4prep.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\update\spnpinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\uploadm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\upnpcont.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\ups.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\userinit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\utilman.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\vbc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\vssvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wab.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wabmig.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wbemtest.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wextract.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wiaacmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\winhlp32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\winlogon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\winver.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wmiadap.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wmiapsrv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wmic.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wmiprvse.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wmplayer.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wordpad.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wpabaln.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wpnpinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wscntfy.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wscript.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wuauclt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\wuauclt1.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989\xcopy.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6d87f6908e2968128604c42e4d41df18\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6d87f6908e2968128604c42e4d41df18\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ddf94f5c8129ac27a2cd55cfb9e0783\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\6ddf94f5c8129ac27a2cd55cfb9e0783\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\7836a736d6b95fcdff4bc2fe922c8b17\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\7836a736d6b95fcdff4bc2fe922c8b17\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\836d3968070ab62a086b67f1c6e551d1\sp2gdr\hh.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\836d3968070ab62a086b67f1c6e551d1\sp2qfe\hh.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\85edc023096735764b42f7ffe25be521\msiexec.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\88fdd08cff3165ea248229dabb1bb718\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\88fdd08cff3165ea248229dabb1bb718\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\9093e8d3e790b5dec631e4416d3eb283\sp2gdr\msmsgs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\9093e8d3e790b5dec631e4416d3eb283\sp2qfe\msmsgs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\9093e8d3e790b5dec631e4416d3eb283\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\9093e8d3e790b5dec631e4416d3eb283\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\9c33f79f1ccc143cdb6301de7496f087\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\9c33f79f1ccc143cdb6301de7496f087\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\ba9db119144ce9819b1207b8813c5f09\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\ba9db119144ce9819b1207b8813c5f09\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\c18f704c05de93348e71fb7005eeea05\sp2gdr\iedw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\c18f704c05de93348e71fb7005eeea05\sp2qfe\iedw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\c9057d3faf4a326a2fefff7bde9fec31\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\c9057d3faf4a326a2fefff7bde9fec31\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\c9bf12dbe4014749ca9bd94c51618107\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\c9bf12dbe4014749ca9bd94c51618107\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\cadf7c8240793a561791dc3bd3e91a5e\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\cadf7c8240793a561791dc3bd3e91a5e\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\d0cba3879be069dcb3baf4851afcf42d\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\d0cba3879be069dcb3baf4851afcf42d\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\e85f60fa51e40d03873c40d08cf4725c\spuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\e85f60fa51e40d03873c40d08cf4725c\update\update.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\ee626d72680ff2619246a1cf5516f892\sp2gdr\telnet.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SoftwareDistribution\Download\ee626d72680ff2619246a1cf5516f892\sp2qfe\telnet.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\SOUNDMAN.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\ST6UNST.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\accwiz.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\actmovie.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ahui.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\alg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\arp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\asr_fmt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\asr_ldm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\asr_pfu.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\at.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\atmadm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\attrib.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\auditusr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\AVASTSS.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\blastcln.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\bootcfg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\bootok.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\bootvrfy.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\cacls.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\calc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\charmap.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\chkdsk.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\chkntfs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\cidaemon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\cipher.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\cisvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ckcnv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\cleanmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\cliconfg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\clipbrd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\clipsrv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\cmd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\cmdl32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\cmmon32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\cmstp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\Com\comrepl.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\Com\comrereg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\comp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\compact.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\comsdupd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\conime.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\control.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\convert.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\cscript.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ctfmon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dcomcnfg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ddeshare.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\defrag.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dfrgfat.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dfrgntfs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\diantz.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\diskpart.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\diskperf.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\arp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\asr_ldm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\attrib.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\bckgzm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\bootcfg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\bootok.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\bootvrfy.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\cacls.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\calc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\cb32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\change.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\charmap.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\chglogon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\chgport.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\chgusr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\chkdsk.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\chkntfs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\chkrzm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\cidaemon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\cintsetp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\ckcnv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\comp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\compact.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\comrereg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\control.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\convert.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\convlog.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\cplexe.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\cprofile.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\dcomcnfg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\diskperf.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\dllhst3g.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\doskey.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\drvqry.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\drwtsn32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\esentutl.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\eventvwr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\evtrig.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\EXCH_regtrace.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\expand.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\fc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\find.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\finger.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\fixmapi.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\flattemp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\forcedos.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\freecell.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\fsutil.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\fxssend.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\getmac.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\gpupdate.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\help.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\helphost.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\hostname.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\hrtzzm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\icwtutor.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\iisreset.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\iissync.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\imekrmig.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\imepadsv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\imjpdadm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\imjpdct.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\imjpdsvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\imjpinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\imjpmig.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\imjprw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\imjpuex.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\imjputy.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\imkrinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\imscinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\inetmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\ipsec6.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\isignup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\label.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\lights.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\lnkstub.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\lodctr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\logagent.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\logoff.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\lpq.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\lpr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\migisol.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\migrate.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\mountvol.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\mplayer2.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\mpnotify.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\mrinfo.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\msg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\mshearts.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\msinfo32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\msoobe.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\msswchx.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\mtstocom.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\nbtstat.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\notiflag.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\ntsd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\nwscript.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\oemig50.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\osuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\pathping.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\pentnt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\ping6.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\pintlphr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\print.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\qappsrv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\query.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\quser.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\qwinsta.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\rasautou.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\rasdial.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\recover.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\regedt32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\regini.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\register.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\regwiz.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\relog.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\replace.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\reset.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\route.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\routemon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\rsm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\rsmsink.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\rsmui.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\rsopprov.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\rsvp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\runas.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\rvsezm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\rwinsta.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\sapisvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\sc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\setup50.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\setup_wm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\sfc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\shadow.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\shvlzm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\sndvol32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\sol.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\sort.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\srdiag.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\subst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\syncapp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\sysinfo.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\syskey.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\systray.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\taskkill.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\tasklist.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\taskman.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\tcmsetup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\tcpsvcs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\tftp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\tintlphr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\tintsetp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\tracert6.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\tscon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\tsdiscon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\tskill.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\tsprof.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\tsshutdn.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\typeperf.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\unlodctr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\unregmp2.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\unsecapp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\verifier.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\vssadmin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\w32tm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\wabmig.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\wb32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\winhstb.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\winmgmt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\winmine.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\winmsd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\wmplayer.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\wmpstub.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\write.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\wupdmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllcache\zclientm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllhost.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dllhst3g.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dmadmin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dmremote.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\doskey.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dplaysvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dpnsvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dpvsetup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\driverquery.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\drwtsn32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dumprep.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dvdplay.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dvdupgrd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dwwin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\dxdiag.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\esentutl.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\eudcedit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\eventcreate.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\eventtriggers.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\eventvwr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\expand.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\extrac32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\faxpatch.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\fc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\find.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\findstr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\finger.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\fixmapi.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\fltmc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\fontview.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\forcedos.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\freecell.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\fsquirt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\fsutil.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ftp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\getmac.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\gpresult.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\gpupdate.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\grpconv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\help.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\hh.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\hostname.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ie4uinit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\iexpress.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\imapi.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ipconfig.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ipsec6.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ipv6.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ipxroute.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\java.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\javaw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\javaws.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\keystone.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\label.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\lights.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\lnkstub.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\locator.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\lodctr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\logagent.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\logman.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\logoff.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\logon.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\logonui.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\lpq.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\lpr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\lsass.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\Macromed\Shockwave 10\SwInit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\Macromed\Shockwave 10\UNWISE.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\magnify.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\makecab.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mbrcpl.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\migisol.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\migpwd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mmc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\MMTray.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mnmsrvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mobsync.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mountvol.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mplay32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mpnotify.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mqbkup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mqsvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mqtgsvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mrinfo.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\msdtc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\msg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mshearts.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mshta.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\msiexec.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\msiregmv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mspaint.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\msswchx.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mstinit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mstsc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\mtstocom.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\narrator.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nbtstat.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nddeapir.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\NeroCheck.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\net.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\net1.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\netdde.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\netsetup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\netsh.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\netstat.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\Nod32cc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\notepad.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\npcopyv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\npdownv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\npp\nppagent.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nslookup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ntbackup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ntsd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ntvdm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nvappbar.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nvcolor.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nvdspsch.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nvsvc32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nvudisp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nvugart.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nvuide.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\NVUninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nvunrm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nvusmb.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nwiz.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\nwscript.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\odbcad32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\odbcconf.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\oobe\msoobe.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\oobe\oobebaln.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\openfiles.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\osk.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\osuninst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\packager.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\pathping.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\pentnt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\perfmon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ping.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ping6.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\powercfg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\print.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\progman.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\proquota.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\proxycfg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\pxhpinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\qappsrv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\qprocess.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\QuickTime\QTPluginInstaller.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\QuickTime\QuickTimeUpdateHelper.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\qwinsta.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rasautou.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rasdial.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rasphone.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rcimlby.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rcp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rdpclip.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rdsaddin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rdshost.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\recover.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\reg.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\regedt32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\regini.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\regsvr32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\regwiz.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\relog.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\replace.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\reset.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\Restore\rstrui.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\Restore\srdiag.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rexec.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\route.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\routemon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rsh.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rsm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rsmsink.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rsmui.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rsnotify.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rsopprov.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rsvp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rtcshare.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\RTLCPL.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\runas.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rundll32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\runonce.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\rwinsta.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\savedump.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\scardsvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\schtasks.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\scrnsave.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sdbinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\secedit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\services.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sessmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sethc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\setup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sfc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\shadow.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\shmgrate.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\shrpubw.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\shutdown.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sigverif.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\skeys.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\slrundll.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\slserv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\smbinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\smlogsvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sndrec32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sndvol32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sol.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sort.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spdwnwxp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spider.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spiisupd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spnpinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spool\drivers\w32x86\3\ZSHP2600.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spool\drivers\w32x86\3\ZSPOOL32.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spool\drivers\w32x86\3\ZUNINST.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZSHP2600.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZSPOOL32.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spool\drivers\w32x86\hewlett_packardhp_co67f9\ZUNINST.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spool\drivers\w32x86\zshp2600.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spool\drivers\w32x86\ZSPOOL32.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spool\drivers\w32x86\ZUNINST.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spoolsv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\spupdwxp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ss3dfo.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ssbezier.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ssflwbox.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ssmarque.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ssmypics.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ssmyst.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sspipes.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ssstars.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sstext3d.scr Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\stimon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\subst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\svchost.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\syncapp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\syskey.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\sysocmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\systeminfo.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\systray.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\taskkill.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tasklist.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\taskman.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\taskmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tcmsetup.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tcpsvcs.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\telnet.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tftp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tlntadmn.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tlntsess.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tlntsvr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tourstart.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tracerpt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tracert.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tracert6.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tscon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tscupgrd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tsdiscon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tskill.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\tsshutdn.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\typeperf.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\UAService7.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\UniClear.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\unlodctr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\UNWISE.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\upnpcont.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\ups.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\URTTEMP\regtlib.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\userinit.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\usmt\migload.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\usmt\migwiz.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\usmt\migwiz_a.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\usrmlnka.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\usrprbda.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\usrshuta.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\utilman.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\uwdf.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\verifier.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\vssadmin.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\vssvc.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\w32tm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wbem\mofcomp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wbem\scrcons.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wbem\unsecapp.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wbem\wbemtest.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wbem\winmgmt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wbem\wmiadap.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wbem\wmiapsrv.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wbem\wmic.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wbem\wmiprvse.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wdfmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wextract.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wiaacmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\winhlp32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\winlogon.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\winmine.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\winmsd.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\winver.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\WISPTIS.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wmpstub.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wpabaln.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wpnpinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\write.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wscntfy.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wscript.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\wupdmgr.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\xcopy.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\xmlinst.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\xpsp1hfm.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\zhhp2600.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\system32\zshp2600.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\taskman.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Temp\AtiCimUn.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\twunk_32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\uinst001.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\UnGins.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\UninstallFirefox.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\unvise32.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\unvise32qt.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\Vf2KUist.EXE Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\wb\Mplaynow.exe Infected: Virus.Win32.Virut.n 1
D:\backup\WINDOWS\winhlp32.exe Infected: Virus.Win32.Virut.n 1
D:\BSPlayer\BS.player.Pro.v142H.Retail\AboutUS.exe Infected: Virus.Win32.Virut.n 1
D:\BSPlayer\BS.player.Pro.v142H.Retail\bsplayer.exe Infected: Virus.Win32.Virut.n 1
D:\BSPlayer\BS.player.Pro.v142H.Retail\keygen.exe Infected: Virus.Win32.Virut.n 1
D:\Command & Conquer 3 Kane's Wrath\#readme#\CC3-dummy\regsetup.exe Infected: Virus.Win32.Virut.n 1
D:\Command & Conquer 3 Kane's Wrath\#readme#\regsetup.exe Infected: Virus.Win32.Virut.n 1
D:\Command & Conquer 3 Kane's Wrath\WorldBuilder.exe Infected: Virus.Win32.Virut.n 1
D:\csserv\cstrike\addons\amxmodx\scripting\amxxpc.exe Infected: Virus.Win32.Virut.n 1
D:\csserv\cstrike\addons\amxmodx\scripting\compile.exe Infected: Virus.Win32.Virut.n 1
D:\csserv\cstrike\addons\amxmodx\scripting\sasm.exe Infected: Virus.Win32.Virut.n 1
D:\csserv\Dedicated Server\cstrike\addons\amx\examples\sc.exe Infected: Virus.Win32.Virut.n 1
D:\csserv\Dedicated Server\hlds.exe Infected: Virus.Win32.Virut.n 1
D:\csserv\Dedicated Server\hltv.exe Infected: Virus.Win32.Virut.n 1
D:\csserv\hlds.exe Infected: Virus.Win32.Virut.n 1
D:\csserv\hltv.exe Infected: Virus.Win32.Virut.n 1
D:\cwshredder.exe Infected: Virus.Win32.Virut.n 1
D:\Downloads\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cd4f\iw3sp.exe Infected: Virus.Win32.Virut.n 1
D:\Downloads\Call_Of_Duty_4_Crackfix_And_Keygen-Razor1911\rzr-cd4f\rzr-cod4.exe Infected: Virus.Win32.Virut.n 1

The scan was stopped by the user.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users