Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with virus.win32.virut.ce


  • This topic is locked This topic is locked
3 replies to this topic

#1 benbird

benbird

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:01:19 PM

Posted 09 March 2009 - 06:23 PM

hello gurus! I've been finding a bunch of trojans lately, virus.win32.virut.ce being the latest. some other's found are:
windows.delf.uc
win32.agent.icb
microsoft.windowssecuritycenter_disabled
virtumonde


anti virus progams i used were spybot, avg, super anti spyware and kaspersky.

not sure how to cure this.

some symptoms have been:
-computer hanging, something to do with winlogin
-task bar doesn't come up. i have to end explorer.exe and then restart it.

DDS and Kaspersky reports included below respectively. thanks for your help! benbird


DDS (Ver_09-02-01.01) - NTFSx86
Run by Ben Vega at 16:01:58.54 on Mon 03/09/2009
Internet Explorer: 6.0.2900.2180
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.3062.2283 [GMT -8:00]

AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\Toshiba\IVP\swupdate\swupdtmr.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
C:\Program Files\Turtle Beach\AudioAdvantageMicro\TBAA.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\System32\MAFWTray.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SmartPCTools\Registry Repair Wizard\RCHelper.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Documents and Settings\Ben Vega\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.talti.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
{302b9d2b-46d4-486b-a10b-e475327117cf}
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2009\ievkbd.dll
BHO: Google plugin: {684ee1db-cd52-4ca9-9ccf-93d5f6b419ba} - kjsvc32.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_11\bin\ssv.dll
BHO: {802f2e82-9bd1-4cf8-bd34-611081e61c9a} - c:\windows\system32\volubopa.dll
BHO: {a7327c09-b521-4edb-8509-7d2660c9ec98} - Viewpoint Toolbar BHO
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Easy-WebPrint: {327c2873-e90d-4c37-aa9d-10ac9baba46c} - c:\program files\canon\easy-webprint\Toolband.dll
TB: Viewpoint Toolbar: {f8ad5aa5-d966-4667-9daf-2561d68b2012} - c:\program files\common files\viewpoint\toolbar runtime\3.8.0\IEViewBar.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Registry Repair Wizard Scheduler] "c:\program files\smartpctools\registry repair wizard\RCHelper.exe" /startup
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [TPSMain] TPSMain.exe
mRun: [H2O] c:\program files\syncrosoft\pos\h2o\cledx.exe
mRun: [CeEKEY] c:\program files\toshiba\e-key\CeEKey.exe
mRun: [Turtle Beach Audio Advantage Micro] "c:\program files\turtle beach\audioadvantagemicro\TBAA.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [Acronis Scheduler2 Service] "c:\program files\common files\acronis\schedule2\schedhlp.exe"
mRun: [TrueImageMonitor.exe] c:\program files\acronis\trueimagehome\TrueImageMonitor.exe
mRun: [AcronisTimounterMonitor] c:\program files\acronis\trueimagehome\TimounterMonitor.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [M-Audio Taskbar Icon] c:\windows\system32\MAFWTray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2009\avp.exe"
mRun: [budinufufo] Rundll32.exe "c:\windows\system32\luyozutu.dll",s
dRun: [MySpaceIM] c:\program files\myspace\im\MySpaceIM.exe
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~1.lnk - c:\windows\installer\{ac76ba86-1033-f400-7760-000000000003}\_SC_Acrobat.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobea~2.lnk - c:\program files\adobe\acrobat 8.0\acrobat\AdobeCollabSync.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
dPolicies-explorer: NoSetActiveDesktop = 1 (0x1)
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Easy-WebPrint Add To Print List - c:\program files\canon\easy-webprint\Resource.dll/RC_AddToList.html
IE: Easy-WebPrint High Speed Print - c:\program files\canon\easy-webprint\Resource.dll/RC_HSPrint.html
IE: Easy-WebPrint Preview - c:\program files\canon\easy-webprint\Resource.dll/RC_Preview.html
IE: Easy-WebPrint Print - c:\program files\canon\easy-webprint\Resource.dll/RC_Print.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - c:\program files\yahoo!\messenger\YahooMessenger.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_11\bin\ssv.dll
IE: {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - c:\program files\kaspersky lab\kaspersky anti-virus 2009\SCIEPlgn.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: imdds.dll
Trusted Zone: turbotax.com
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
Notify: klogon - c:\windows\system32\klogon.dll
Notify: psfus - psqlpwd.dll
Notify: WB - c:\progra~1\stardock\object~1\window~1\fastload.dll
AppInit_DLLs: c:\windows\system32\pomiduvi.dll,kuqivl.dll,c:\windows\system32\,c:\windows\system32\tukusoki.dll,c:\windows\system32\vutuleku.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} - c:\windows\system32\iprepair.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
LSA: Authentication Packages = msv1_0 relog_ap
LSA: Notification Packages = scecli psqlpwd PGPpwflt c:\windows\system32\pomiduvi.dll c:\windows\system32\vutuleku.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\benveg~1\applic~1\mozilla\firefox\profiles\obuksh7y.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - component: c:\documents and settings\ben vega\application data\mozilla\firefox\profiles\obuksh7y.default\extensions\piclens@cooliris.com\components\coolirisstub.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPJava11.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPJava12.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPJava13.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPJava14.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPJava32.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPJPI150_11.dll
FF - plugin: c:\program files\java\jre1.5.0_11\bin\NPOJI610.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmozax.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npmusicn.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npqtplugin8.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npstrlnk.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npyaxmpb.dll
FF - plugin: c:\program files\quicktime\plugins\npqtplugin8.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll

---- FIREFOX POLICIES ----
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service

============= SERVICES / DRIVERS ===============

R0 kl1;Kl1;c:\windows\system32\drivers\kl1.sys [2008-7-21 121872]
R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-1-29 33808]
R0 pgpfs;PGP File Sharing;c:\windows\system32\drivers\PGPfsfd.sys [2008-2-26 115768]
R0 PGPwded;PGPwded Storage Filter Service;c:\windows\system32\drivers\PGPwded.sys [2008-2-26 204856]
R1 Asapi;Asapi;c:\windows\system32\drivers\asapi.sys [2006-8-26 11264]
R1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [2008-11-20 7040]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2009-3-9 226832]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-2-17 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-2-17 55024]
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};c:\program files\cyberlink\powerdvd\000.fcl [2007-2-17 13560]
R2 AVP;Kaspersky Anti-Virus;c:\program files\kaspersky lab\kaspersky anti-virus 2009\avp.exe [2008-11-11 206088]
R2 FdRedir;FdRedir;c:\program files\common files\protector suite ql\drivers\FdRedir.sys [2006-5-5 13568]
R2 FileDisk2;FileDisk Protector Kernel Driver;c:\program files\common files\protector suite ql\drivers\filedisk.sys [2006-5-5 33024]
R2 PGPdisk;PGPdisk;c:\windows\system32\drivers\PGPdisk.sys [2008-2-26 245816]
R2 PGPsdkDriver;PGPsdkDriver;c:\windows\system32\drivers\PGPsdk.sys [2008-2-26 40504]
R2 smihlp;SMI helper driver;c:\program files\protector suite ql\smihlp.sys [2006-5-5 3456]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\viewpointservice.exe [2007-2-16 28672]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2006-8-21 33792]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2008-4-30 24592]
R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-2-17 7408]
S2 ejcaktmqwo;ejcaktmqwo;\??\c:\windows\system32\drivers\xikwr.sys --> c:\windows\system32\drivers\xikwr.sys [?]
S3 cmudau32;Audio Advantage Micro Interface;c:\windows\system32\drivers\cmudaxu.sys [2007-2-2 1391104]
S3 CrystalSysInfo;CrystalSysInfo;c:\program files\mediacoder\SysInfo.sys [2007-9-25 15152]
S3 MAFW;MAFW;c:\windows\system32\drivers\mafw.sys [2009-3-5 193032]
S3 PCIUtil;PCI Utility;\??\c:\docume~1\benveg~1\locals~1\temp\pciutil.sys --> c:\docume~1\benveg~1\locals~1\temp\PCIUtil.sys [?]
S3 RT80x86;Ralink 802.11n Wireless Driver;c:\windows\system32\drivers\rt2860.sys [2007-6-27 531200]
S3 WSIMD;wsimd Service;c:\windows\system32\drivers\wsimd.sys --> c:\windows\system32\drivers\wsimd.sys [?]
S4 0008311203952949mcinstcleanup;0008311203952949mcinstcleanup; [x]

=============== Created Last 30 ================

2009-03-09 15:52 0 a--sh--- c:\windows\klif.spi
2009-03-09 15:26 1,049,088 a------- c:\windows\OLD4.tmp
2009-03-09 13:53 577,024 a------- c:\windows\system32\bgvfrj
2009-03-09 13:53 105,984 a------- c:\windows\system32\11.tmp
2009-03-09 13:53 40 a------- c:\windows\system32\10.tmp
2009-03-09 13:03 577,024 a------- c:\windows\system32\mzqsq
2009-03-09 13:03 105,984 a------- c:\windows\system32\B.tmp
2009-03-09 12:53 577,024 a------- c:\windows\system32\eorwwe
2009-03-09 12:53 105,984 a------- c:\windows\system32\A.tmp
2009-03-09 12:45 577,024 a------- c:\windows\system32\kdltfhbr
2009-03-09 12:45 105,984 a------- c:\windows\system32\70.tmp
2009-03-09 12:45 40 a------- c:\windows\system32\6F.tmp
2009-03-09 12:45 101,287 a------- c:\windows\system32\drivers\klin.dat
2009-03-09 12:45 89,601 a------- c:\windows\system32\drivers\klick.dat
2009-03-09 12:43 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Kaspersky Lab
2009-03-09 12:34 577,024 a------- c:\windows\system32\rtkqim
2009-03-09 12:34 105,984 a------- c:\windows\system32\2E.tmp
2009-03-09 12:34 40 a------- c:\windows\system32\2D.tmp
2009-03-09 10:41 577,024 a------- c:\windows\system32\tbtxfmolnb
2009-03-09 03:39 577,024 a------- c:\windows\system32\nbfbdves
2009-03-09 03:38 105,984 a------- c:\windows\system32\34.tmp
2009-03-09 03:38 40 a------- c:\windows\system32\33.tmp
2009-03-08 21:22 577,024 a------- c:\windows\system32\upbgt
2009-03-08 20:49 577,024 a------- c:\windows\system32\egtkbmk
2009-03-08 20:48 105,984 a------- c:\windows\system32\20A.tmp
2009-03-08 20:48 40 a------- c:\windows\system32\209.tmp
2009-03-08 20:37 577,024 a------- c:\windows\system32\cjhtdaa
2009-03-08 20:37 105,984 a------- c:\windows\system32\1EB.tmp
2009-03-08 20:37 40 a------- c:\windows\system32\1EA.tmp
2009-03-08 20:30 577,024 a------- c:\windows\system32\lyjopa
2009-03-08 20:30 105,984 a------- c:\windows\system32\7.tmp
2009-03-08 20:19 577,024 a------- c:\windows\system32\aytkrrpz
2009-03-08 20:19 105,984 a------- c:\windows\system32\6.tmp
2009-03-08 18:03 44,032 a------- c:\windows\system32\kjsvc32.dll
2009-03-08 17:49 11,264 a------- c:\windows\system32\imdds.dll
2009-03-08 17:49 1 a------- c:\windows\system32\bb1.dat
2009-03-08 17:34 577,024 a------- c:\windows\system32\vhdyjb
2009-03-08 17:34 105,984 a------- c:\windows\system32\D.tmp
2009-03-08 17:34 40 a------- c:\windows\system32\C.tmp
2009-03-06 15:13 577,024 a------- c:\windows\system32\kexzsrqw
2009-03-06 15:13 105,984 a------- c:\windows\system32\5.tmp
2009-03-06 06:35 577,024 a------- c:\windows\system32\kyguz
2009-03-06 06:35 105,984 a------- c:\windows\system32\4.tmp
2009-03-06 05:05 577,024 a------- c:\windows\system32\vlrkrxdug
2009-03-06 05:05 105,984 a------- c:\windows\system32\1F.tmp
2009-03-06 05:05 40 a------- c:\windows\system32\1E.tmp
2009-03-05 23:05 1,038,336 a------- c:\windows\system32\drivers\nrv10.bcd
2009-03-05 23:05 941,840 a------- c:\windows\system32\drivers\projectMix.bcd
2009-03-05 23:05 193,032 a------- c:\windows\system32\drivers\mafw.sys
2009-03-05 23:05 25,096 a------- c:\windows\system32\mafwasio.dll
2009-03-05 23:04 2,515,312 a------- c:\windows\system32\fwfmdio.dll
2009-03-05 23:04 1,296,904 a------- c:\windows\system32\MAFWCpl.exe
2009-03-05 23:04 1,247,232 a------- c:\windows\system32\drivers\fwadat.bcd
2009-03-05 23:04 1,138,688 a------- c:\windows\system32\drivers\Ozonic.bcd
2009-03-05 23:04 1,134,592 a------- c:\windows\system32\drivers\fwap.bcd
2009-03-05 23:04 941,944 a------- c:\windows\system32\drivers\fw1814.bcd
2009-03-05 23:04 252,424 a------- c:\windows\system32\maFwTray.exe
2009-03-05 23:04 27,144 a------- c:\windows\system32\MAFWPnl.dll
2009-03-05 23:04 27,144 a------- c:\windows\system32\mafw.cpl
2009-03-05 23:04 11,784 a------- c:\windows\system32\MAFWCoIn.dll
2009-03-05 23:04 1,119,232 a------- c:\windows\system32\drivers\FW410.bcd
2009-03-05 23:04 1,106,944 a------- c:\windows\system32\drivers\FWSolo.bcd
2009-03-05 23:04 <DIR> --d----- c:\program files\M-Audio
2009-03-05 22:14 44,032 a------- c:\windows\system32\kmsvc32.dll
2009-03-05 22:14 100 a------- c:\windows\system32\wh
2009-03-05 22:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spectrasonics
2009-03-05 22:08 577,024 a------- c:\windows\system32\xbqgbc
2009-03-05 22:08 105,984 a------- c:\windows\system32\1C.tmp
2009-03-05 22:08 40 a------- c:\windows\system32\1B.tmp
2009-03-05 22:01 577,024 a------- c:\windows\system32\kpmym
2009-03-05 22:01 105,984 a------- c:\windows\system32\18.tmp
2009-03-05 22:01 40 a------- c:\windows\system32\17.tmp
2009-03-05 21:42 577,024 a------- c:\windows\system32\lesly
2009-03-05 21:42 105,984 a------- c:\windows\system32\F.tmp
2009-03-05 21:42 40 a------- c:\windows\system32\E.tmp
2009-03-05 21:40 577,024 a------- c:\windows\system32\uagputg
2009-03-05 21:40 105,984 a------- c:\windows\system32\9.tmp
2009-03-05 21:28 262,144 a------- c:\windows\system32\nvtpm32.dll
2009-03-05 21:28 40 a------- c:\windows\system32\2.tmp
2009-03-05 03:21 28,288 ac------ c:\windows\system32\dllcache\xjis.nls
2009-03-05 03:19 1,158,818 ac------ c:\windows\system32\dllcache\korwbrkr.lex
2009-03-05 03:18 66,082 ac------ c:\windows\system32\dllcache\c_20423.nls
2009-03-05 03:16 488 a---hr-- c:\windows\system32\logonui.exe.manifest
2009-03-05 03:16 749 a---hr-- c:\windows\WindowsShell.Manifest
2009-03-05 03:16 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest
2009-03-05 03:16 749 a---hr-- c:\windows\system32\sapi.cpl.manifest
2009-03-05 03:16 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest
2009-03-05 03:16 36,864 ac------ c:\windows\system32\dllcache\isignup.exe
2009-03-04 23:03 13,753 a----r-- c:\windows\SET93.tmp
2009-03-04 23:03 1,086,058 a----r-- c:\windows\SET87.tmp
2009-03-04 23:03 1,042,903 a----r-- c:\windows\SET84.tmp
2009-03-04 08:23 1,394 a------- c:\windows\system32\ahtn.htm
2009-03-04 08:23 469 a------- c:\windows\system32\win32hlp.cnf
2009-03-04 08:23 47,104 a------- c:\windows\system32\998.exe
2009-03-04 07:09 105,984 a------- c:\windows\system32\4C.tmp
2009-03-04 07:09 40 a------- c:\windows\system32\4B.tmp
2009-03-03 00:53 577,024 a------- c:\windows\system32\awix
2009-03-02 17:08 577,024 a------- c:\windows\system32\norfmm
2009-03-02 17:08 577,024 a------- c:\windows\system32\rnlckgx
2009-03-02 16:50 577,024 a------- c:\windows\system32\zvjpzy
2009-03-02 13:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-03-02 13:47 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-03-02 13:47 <DIR> --d----- c:\docume~1\benveg~1\applic~1\SUPERAntiSpyware.com
2009-03-02 09:15 0 a------- c:\windows\mqcd.dbt
2009-03-02 09:15 <DIR> --d----- c:\docume~1\benveg~1\applic~1\comidle
2009-03-02 09:15 32,768 a------- c:\windows\system32\odjan.wa
2009-03-02 09:15 28,672 a------- c:\windows\system32\kdoqmn.sr
2009-03-02 09:14 32,768 a------- c:\windows\system32\kei1w.an
2009-03-02 09:14 28,672 a------- c:\windows\system32\doqkm.zt
2009-03-02 09:14 77,312 a------- c:\windows\system32\rkoq.pxf
2009-03-02 09:14 105,984 a------- c:\windows\system32\azton.mt

==================== Find3M ====================

2009-03-09 14:11 283,648 a------- c:\windows\winhlp32.exe
2009-03-09 14:11 109,056 a--sh--- c:\windows\system32\vutuleku.dll
2009-03-09 14:11 102,400 a------- c:\windows\system32\wscript.exe
2009-03-09 14:11 8,192 a------- c:\windows\system32\winhlp32.exe
2009-03-09 12:59 33,808 a------- c:\windows\system32\drivers\klbg.sys
2009-03-06 04:43 577,024 a------- c:\windows\system32\user32.DLL
2009-03-05 03:37 519,680 a------- c:\windows\system32\winlogon.exe
2009-01-06 11:17 23,428 ac------ c:\windows\system32\emptyregdb.dat
2009-01-04 20:17 77,607 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-01-02 09:01 1,307,356 a--sh--- c:\windows\system32\ochgqyvr.tmp
2007-03-07 09:21 92,064 ac------ c:\documents and settings\ben vega\mqdmmdm.sys
2007-03-07 09:21 79,328 ac------ c:\documents and settings\ben vega\mqdmserd.sys
2007-03-07 09:21 9,232 ac------ c:\documents and settings\ben vega\mqdmmdfl.sys
2007-03-07 09:21 5,936 ac------ c:\documents and settings\ben vega\mqdmwhnt.sys
2007-03-07 09:21 4,048 ac------ c:\documents and settings\ben vega\mqdmcr.sys
2007-03-07 09:21 66,656 ac------ c:\documents and settings\ben vega\mqdmbus.sys
2007-03-07 09:21 25,600 ac------ c:\documents and settings\ben vega\usbsermptxp.sys
2007-03-07 09:21 22,768 ac------ c:\documents and settings\ben vega\usbsermpt.sys
2007-03-07 09:21 6,208 ac------ c:\documents and settings\ben vega\mqdmcmnt.sys
0000-00-00 00:00 125,917 a--sh--- c:\windows\system32\luyozutu.dll

============= FINISH: 16:03:42.04 ===============

KASPERSKY REPORT

Date: Today (events: 477)
Protection (events: 477)
3/9/2009 3:52:45 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\intel\wireless\bin\regsrvc.exe
3/9/2009 3:52:45 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\cyberlink\shared files\richvideo.exe
3/9/2009 3:52:45 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\intel\wireless\bin\ifrmewrk.exe
3/9/2009 3:52:45 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\apoint2k\apntex.exe
3/9/2009 3:52:44 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\google\google talk\googletalk.exe
3/9/2009 3:52:24 PM Will be deleted on system restart: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll
3/9/2009 3:52:15 PM Detected: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll
3/9/2009 3:52:10 PM Deleted: Virus.Win32.Virut.ce Kaspersky Anti-Virus HKLM\System\ControlSet006\Services\ALG\ALG
3/9/2009 3:52:08 PM Deleted: Virus.Win32.Virut.ce Kaspersky Anti-Virus HKLM\System\ControlSet001\Services\ALG\ALG
3/9/2009 3:52:06 PM Will be deleted on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe
3/9/2009 3:26:31 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe
3/9/2009 3:25:51 PM Untreated: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll Skipped by user
3/9/2009 3:25:51 PM Detected: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll
3/9/2009 3:25:51 PM Untreated: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe Skipped by user
3/9/2009 3:25:51 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe
3/9/2009 3:25:50 PM Untreated: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\explorer.exe Skipped by user
3/9/2009 3:25:50 PM Threats have been detected Kaspersky Anti-Virus
3/9/2009 3:25:50 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\explorer.exe
3/9/2009 3:23:55 PM Protection is not running Kaspersky Anti-Virus
3/9/2009 3:21:39 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
3/9/2009 3:21:39 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
3/9/2009 3:21:38 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\intel\wireless\bin\regsrvc.exe
3/9/2009 3:21:38 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\intel\wireless\bin\regsrvc.exe
3/9/2009 3:21:38 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\cyberlink\shared files\richvideo.exe
3/9/2009 3:21:38 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\cyberlink\shared files\richvideo.exe
3/9/2009 3:21:38 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\intel\wireless\bin\ifrmewrk.exe
3/9/2009 3:21:38 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\intel\wireless\bin\ifrmewrk.exe
3/9/2009 3:21:38 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\intel\wireless\bin\zcfgsvc.exe
3/9/2009 3:21:37 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\apoint2k\apoint.exe
3/9/2009 3:21:37 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\apoint2k\apoint.exe
3/9/2009 3:21:37 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\apoint2k\apntex.exe
3/9/2009 3:21:37 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\apoint2k\apntex.exe
3/9/2009 3:21:18 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\google\google talk\googletalk.exe
3/9/2009 3:21:17 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\google\google talk\googletalk.exe
3/9/2009 3:21:15 PM Will be disinfected on system restart: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll
3/9/2009 3:21:15 PM Disinfected: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll
3/9/2009 3:21:15 PM Detected: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll
3/9/2009 3:21:10 PM Detected: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll
3/9/2009 3:21:10 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe
3/9/2009 3:21:09 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe
3/9/2009 3:21:09 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe
3/9/2009 3:21:04 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe
3/9/2009 3:21:04 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\explorer.exe
3/9/2009 3:21:03 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\explorer.exe
3/9/2009 3:21:03 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\explorer.exe
3/9/2009 3:20:57 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\explorer.exe
3/9/2009 3:20:07 PM Untreated: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll Skipped by user
3/9/2009 3:20:07 PM Detected: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll
3/9/2009 3:20:06 PM Untreated: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\notepad.exe Skipped by user
3/9/2009 3:20:06 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\notepad.exe
3/9/2009 3:20:05 PM Untreated: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ctfmon.exe Skipped by user
3/9/2009 3:20:05 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ctfmon.exe
3/9/2009 3:20:05 PM Untreated: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe Skipped by user
3/9/2009 3:20:05 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe
3/9/2009 3:20:05 PM Untreated: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\explorer.exe Skipped by user
3/9/2009 3:20:05 PM Threats have been detected Kaspersky Anti-Virus
3/9/2009 3:20:05 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\explorer.exe
3/9/2009 3:17:41 PM Protection is not running Kaspersky Anti-Virus
3/9/2009 2:11:36 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\intel\wireless\bin\zcfgsvc.exe
3/9/2009 2:11:36 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\intel\wireless\bin\zcfgsvc.exe
3/9/2009 2:11:20 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\winhlp32.exe
3/9/2009 2:11:20 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\winhlp32.exe
3/9/2009 2:11:20 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\wuauclt.exe
3/9/2009 2:11:20 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\wuauclt.exe
3/9/2009 2:11:19 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\wscript.exe
3/9/2009 2:11:19 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\wscript.exe
3/9/2009 2:11:19 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\wscript.exe
3/9/2009 2:11:19 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\wscript.exe
3/9/2009 2:11:19 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\winhlp32.exe
3/9/2009 2:11:19 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\winhlp32.exe
3/9/2009 2:11:19 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\wbem\wmiprvse.exe
3/9/2009 2:11:19 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\wbem\wmiprvse.exe
3/9/2009 2:11:19 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\wbem\wmiapsrv.exe
3/9/2009 2:11:19 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\wbem\wmiapsrv.exe
3/9/2009 2:10:59 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\vutuleku.dll
3/9/2009 2:10:59 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\vutuleku.dll
3/9/2009 2:10:59 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\vssvc.exe
3/9/2009 2:10:59 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\vssvc.exe
3/9/2009 2:10:39 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\volubopa.dll
3/9/2009 2:10:39 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\volubopa.dll
3/9/2009 2:10:39 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\usmt\migwiz.exe
3/9/2009 2:10:39 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\usmt\migwiz.exe
3/9/2009 2:10:38 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\userinit.exe
3/9/2009 2:10:38 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\userinit.exe
3/9/2009 2:10:38 PM Will be disinfected on system restart: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll
3/9/2009 2:10:38 PM Disinfected: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll
3/9/2009 2:10:38 PM Detected: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll
3/9/2009 2:10:22 PM Detected: Trojan.Win32.Patched.dr Kaspersky Anti-Virus c:\windows\system32\user32.dll
3/9/2009 2:10:22 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ups.exe
3/9/2009 2:10:22 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ups.exe
3/9/2009 2:10:21 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\tscupgrd.exe
3/9/2009 2:10:21 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\tscupgrd.exe
3/9/2009 2:10:21 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\tpsmain.exe
3/9/2009 2:10:21 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\tpsmain.exe
3/9/2009 2:10:21 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\tpsmain.exe
3/9/2009 2:10:21 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\tpsmain.exe
3/9/2009 2:10:21 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\tpsbattm.exe
3/9/2009 2:10:21 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\tpsbattm.exe
3/9/2009 2:10:21 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\tpsbattm.exe
3/9/2009 2:10:21 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\tpsbattm.exe
3/9/2009 2:10:21 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\smlogsvc.exe
3/9/2009 2:10:21 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\smlogsvc.exe
3/9/2009 2:10:21 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\shmgrate.exe
3/9/2009 2:10:21 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\shmgrate.exe
3/9/2009 2:10:20 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\sessmgr.exe
3/9/2009 2:10:20 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\sessmgr.exe
3/9/2009 2:10:19 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\rundll32.exe
3/9/2009 2:10:19 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\rundll32.exe
3/9/2009 2:10:19 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\rsvp.exe
3/9/2009 2:10:19 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\rsvp.exe
3/9/2009 2:10:19 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\regsvr32.exe
3/9/2009 2:10:19 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\regsvr32.exe
3/9/2009 2:10:18 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\rasphone.exe
3/9/2009 2:10:18 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\rasphone.exe
3/9/2009 2:10:18 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\progman.exe
3/9/2009 2:10:18 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\progman.exe
3/9/2009 2:10:18 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ntsd.exe
3/9/2009 2:10:18 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ntsd.exe
3/9/2009 2:10:18 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\notepad.exe
3/9/2009 2:10:18 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\notepad.exe
3/9/2009 2:10:18 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\notepad.exe
3/9/2009 2:10:18 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\notepad.exe
3/9/2009 2:10:17 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\netdde.exe
3/9/2009 2:10:17 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\netdde.exe
3/9/2009 2:10:17 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\mspaint.exe
3/9/2009 2:10:17 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\mspaint.exe
3/9/2009 2:10:17 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\msiexec.exe
3/9/2009 2:10:17 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\msiexec.exe
3/9/2009 2:10:17 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\mshta.exe
3/9/2009 2:10:17 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\mshta.exe
3/9/2009 2:10:16 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\msdtc.exe
3/9/2009 2:10:16 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\msdtc.exe
3/9/2009 2:10:16 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\mnmsrvc.exe
3/9/2009 2:10:16 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\mnmsrvc.exe
3/9/2009 2:10:16 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\mmc.exe
3/9/2009 2:10:16 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\mmc.exe
3/9/2009 2:10:15 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\logon.scr
3/9/2009 2:10:15 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\logon.scr
3/9/2009 2:10:15 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\locator.exe
3/9/2009 2:10:15 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\locator.exe
3/9/2009 2:10:15 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\java.exe
3/9/2009 2:10:15 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\java.exe
3/9/2009 2:10:14 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\imapi.exe
3/9/2009 2:10:14 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\imapi.exe
3/9/2009 2:10:14 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\igfxtray.exe
3/9/2009 2:10:14 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\igfxtray.exe
3/9/2009 2:10:14 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\igfxtray.exe
3/9/2009 2:10:14 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\igfxtray.exe
3/9/2009 2:10:14 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\igfxpers.exe
3/9/2009 2:10:14 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\igfxpers.exe
3/9/2009 2:10:14 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\igfxpers.exe
3/9/2009 2:10:14 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\igfxpers.exe
3/9/2009 2:10:14 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ieudinit.exe
3/9/2009 2:10:14 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ieudinit.exe
3/9/2009 2:10:13 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ie4uinit.exe
3/9/2009 2:10:13 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ie4uinit.exe
3/9/2009 2:10:13 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\hkcmd.exe
3/9/2009 2:10:13 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\hkcmd.exe
3/9/2009 2:10:13 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\hkcmd.exe
3/9/2009 2:10:13 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\hkcmd.exe
3/9/2009 2:10:13 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\fontview.exe
3/9/2009 2:10:13 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\fontview.exe
3/9/2009 2:10:13 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\dvdramsv.exe
3/9/2009 2:10:13 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\dvdramsv.exe
3/9/2009 2:10:13 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\dvdramsv.exe
3/9/2009 2:10:13 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\dvdramsv.exe
3/9/2009 2:10:13 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\drwtsn32.exe
3/9/2009 2:10:13 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\drwtsn32.exe
3/9/2009 2:10:12 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\dmadmin.exe
3/9/2009 2:10:12 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\dmadmin.exe
3/9/2009 2:10:12 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\dllhost.exe
3/9/2009 2:10:12 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\dllhost.exe
3/9/2009 2:10:12 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ctfmon.exe
3/9/2009 2:10:12 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ctfmon.exe
3/9/2009 2:10:12 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ctfmon.exe
3/9/2009 2:10:12 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\ctfmon.exe
3/9/2009 2:10:12 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\clipsrv.exe
3/9/2009 2:10:12 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\clipsrv.exe
3/9/2009 2:10:11 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\clipbrd.exe
3/9/2009 2:10:11 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\clipbrd.exe
3/9/2009 2:10:11 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\cisvc.exe
3/9/2009 2:10:11 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\cisvc.exe
3/9/2009 2:10:11 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe
3/9/2009 2:10:11 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe
3/9/2009 2:10:11 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe
3/9/2009 2:10:11 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\alg.exe
3/9/2009 2:10:10 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\accwiz.exe
3/9/2009 2:10:10 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\system32\accwiz.exe
3/9/2009 2:10:10 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\regedit.exe
3/9/2009 2:10:10 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\regedit.exe
3/9/2009 2:10:10 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\pchealth\helpctr\binaries\msconfig.exe
3/9/2009 2:10:10 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\pchealth\helpctr\binaries\msconfig.exe
3/9/2009 2:10:09 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\pchealth\helpctr\binaries\helpctr.exe
3/9/2009 2:10:09 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\pchealth\helpctr\binaries\helpctr.exe
3/9/2009 2:10:09 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\notepad.exe
3/9/2009 2:10:09 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\notepad.exe
3/9/2009 2:10:08 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\network diagnostic\xpnetdiag.exe
3/9/2009 2:10:08 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\network diagnostic\xpnetdiag.exe
3/9/2009 2:10:08 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\inf\unregmp2.exe
3/9/2009 2:10:07 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\inf\unregmp2.exe
3/9/2009 2:10:07 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\hh.exe
3/9/2009 2:10:07 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\hh.exe
3/9/2009 2:10:07 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\explorer.exe
3/9/2009 2:10:07 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\explorer.exe
3/9/2009 2:10:07 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\explorer.exe
3/9/2009 2:10:07 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\explorer.exe
3/9/2009 2:10:06 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\alcmtr.exe
3/9/2009 2:10:06 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\alcmtr.exe
3/9/2009 2:10:06 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\alcmtr.exe
3/9/2009 2:10:06 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\windows\alcmtr.exe
3/9/2009 2:10:06 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\toshiba\ivp\swupdate\swupdtmr.exe
3/9/2009 2:10:05 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\toshiba\ivp\swupdate\swupdtmr.exe
3/9/2009 2:10:05 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\toshiba\ivp\swupdate\swupdtmr.exe
3/9/2009 2:10:05 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\toshiba\ivp\swupdate\swupdtmr.exe
3/9/2009 2:10:04 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\yahoo!\yahoo! widget engine\yahoowidgets.exe
3/9/2009 2:10:04 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\yahoo!\yahoo! widget engine\yahoowidgets.exe
3/9/2009 2:10:03 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows nt\pinball\pinball.exe
3/9/2009 2:10:03 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows nt\pinball\pinball.exe
3/9/2009 2:10:03 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows nt\hypertrm.exe
3/9/2009 2:10:03 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows nt\hypertrm.exe
3/9/2009 2:10:02 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows nt\dialer.exe
3/9/2009 2:10:02 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows nt\dialer.exe
3/9/2009 2:10:02 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows nt\accessories\wordpad.exe
3/9/2009 2:10:02 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows nt\accessories\wordpad.exe
3/9/2009 2:10:01 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows media player\wmpnetwk.exe
3/9/2009 2:10:01 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows media player\wmpnetwk.exe
3/9/2009 2:10:01 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows media player\wmplayer.exe
3/9/2009 2:10:01 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows media player\wmplayer.exe
3/9/2009 2:10:01 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows media player\wmplayer.exe
3/9/2009 2:10:01 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows media player\wmplayer.exe
3/9/2009 2:10:01 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows media player\mplayer2.exe
3/9/2009 2:10:01 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\windows media player\mplayer2.exe
3/9/2009 2:10:00 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\winamp\winamp.exe
3/9/2009 2:10:00 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\winamp\winamp.exe
3/9/2009 2:10:00 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\viewpoint\common\viewpointservice.exe
3/9/2009 2:10:00 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\viewpoint\common\viewpointservice.exe
3/9/2009 2:10:00 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\viewpoint\common\viewpointservice.exe
3/9/2009 2:10:00 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\viewpoint\common\viewpointservice.exe
3/9/2009 2:10:00 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\turtle beach\audioadvantagemicro\tbaa.exe
3/9/2009 2:10:00 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\turtle beach\audioadvantagemicro\tbaa.exe
3/9/2009 2:10:00 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\turtle beach\audioadvantagemicro\tbaa.exe
3/9/2009 2:09:59 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\turtle beach\audioadvantagemicro\tbaa.exe
3/9/2009 2:09:59 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\toshiba controls\tfncky.exe
3/9/2009 2:09:59 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\toshiba controls\tfncky.exe
3/9/2009 2:09:58 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\toshiba assist\tintouch.exe
3/9/2009 2:09:58 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\toshiba assist\tintouch.exe
3/9/2009 2:09:58 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\toshiba assist\tintouch.exe
3/9/2009 2:09:58 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\toshiba assist\tintouch.exe
3/9/2009 2:09:58 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\toscdspd\toscdspd.exe
3/9/2009 2:09:58 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\toscdspd\toscdspd.exe
3/9/2009 2:09:57 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\speech system nls\toswbrn.exe
3/9/2009 2:09:57 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\speech system nls\toswbrn.exe
3/9/2009 2:09:57 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\speech system nls\tosvcen.exe
3/9/2009 2:09:57 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\speech system nls\tosvcen.exe
3/9/2009 2:09:56 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\sd format\tossdfmt.exe
3/9/2009 2:09:56 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\sd format\tossdfmt.exe
3/9/2009 2:09:56 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\pcdiag\pcdiag.exe
3/9/2009 2:09:56 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\pcdiag\pcdiag.exe
3/9/2009 2:09:56 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\e-key\ceekey.exe
3/9/2009 2:09:42 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\e-key\ceekey.exe
3/9/2009 2:09:42 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\e-key\ceekey.exe
3/9/2009 2:09:42 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\e-key\ceekey.exe
3/9/2009 2:09:41 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\configfree\ndstray.exe
3/9/2009 2:09:41 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\configfree\ndstray.exe
3/9/2009 2:09:41 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\configfree\cfsvcs.exe
3/9/2009 2:09:41 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\configfree\cfsvcs.exe
3/9/2009 2:09:41 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\configfree\cfsvcs.exe
3/9/2009 2:09:41 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\configfree\cfsvcs.exe
3/9/2009 2:09:41 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\configfree\cfsserv.exe
3/9/2009 2:09:41 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\configfree\cfsserv.exe
3/9/2009 2:09:40 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\wirelessftp1.exe
3/9/2009 2:09:40 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\wirelessftp1.exe
3/9/2009 2:09:39 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\wirelessftp.exe
3/9/2009 2:09:39 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\wirelessftp.exe
3/9/2009 2:09:39 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtproc1.exe
3/9/2009 2:09:39 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtproc1.exe
3/9/2009 2:09:39 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtproc.exe
3/9/2009 2:09:38 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtproc.exe
3/9/2009 2:09:38 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtproc.exe
3/9/2009 2:09:38 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtproc.exe
3/9/2009 2:09:37 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtproc.exe
3/9/2009 2:09:37 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtproc.exe
3/9/2009 2:09:36 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtmng1.exe
3/9/2009 2:09:36 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtmng1.exe
3/9/2009 2:09:36 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtmng.exe
3/9/2009 2:09:36 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtmng.exe
3/9/2009 2:09:36 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtmng.exe
3/9/2009 2:09:35 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\tosbtmng.exe
3/9/2009 2:09:35 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\eccenter1.exe
3/9/2009 2:09:35 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\eccenter1.exe
3/9/2009 2:09:34 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\eccenter.exe
3/9/2009 2:09:34 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\eccenter.exe
3/9/2009 2:09:34 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\bip_camera1.exe
3/9/2009 2:09:34 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\bip_camera1.exe
3/9/2009 2:09:33 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\bip_camera.exe
3/9/2009 2:09:33 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\toshiba\bluetooth toshiba stack\bip_camera.exe
3/9/2009 2:09:32 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\syncrosoft\pos\h2o\cledx.exe
3/9/2009 2:09:32 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\syncrosoft\pos\h2o\cledx.exe
3/9/2009 2:09:32 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\swish minimax2\swishminimax2.exe
3/9/2009 2:09:32 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\swish minimax2\swishminimax2.exe
3/9/2009 2:09:31 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\swish jukebox\swishjukebox.exe
3/9/2009 2:09:31 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\swish jukebox\swishjukebox.exe
3/9/2009 2:09:31 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\superantispyware\superantispyware.exe
3/9/2009 2:09:30 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\superantispyware\superantispyware.exe
3/9/2009 2:09:30 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\superantispyware\superantispyware.exe
3/9/2009 2:09:29 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\superantispyware\superantispyware.exe
3/9/2009 2:09:29 PM Will be disinfected on system restart: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\stardock\object desktop\windowblinds\wbload.exe
3/9/2009 2:09:28 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\stardock\object desktop\windowblinds\wbload.exe
3/9/2009 2:09:28 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\stardock\object desktop\windowblinds\wbload.exe
3/9/2009 2:09:28 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\stardock\object desktop\windowblinds\wbload.exe
3/9/2009 2:09:27 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\quicktime\qttask.exe
3/9/2009 2:09:27 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\quicktime\qttask.exe
3/9/2009 2:09:27 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\quicktime\pictureviewer.exe
3/9/2009 2:09:27 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\quicktime\pictureviewer.exe
3/9/2009 2:09:27 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\outlook express\wabmig.exe
3/9/2009 2:09:27 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\outlook express\wabmig.exe
3/9/2009 2:09:26 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\outlook express\wab.exe
3/9/2009 2:09:26 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\outlook express\wab.exe
3/9/2009 2:09:26 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\outlook express\setup50.exe
3/9/2009 2:09:26 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\outlook express\setup50.exe
3/9/2009 2:09:26 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\outlook express\msimn.exe
3/9/2009 2:09:26 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\outlook express\msimn.exe
3/9/2009 2:09:26 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\netmeeting\conf.exe
3/9/2009 2:09:26 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\netmeeting\conf.exe
3/9/2009 2:09:22 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\native instruments\guitar rig 2\guitarrig 2.exe
3/9/2009 2:09:18 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\native instruments\guitar rig 2\guitarrig 2.exe
3/9/2009 2:09:14 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\napster\napster.exe
3/9/2009 2:09:14 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\napster\napster.exe
3/9/2009 2:09:14 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\msn gaming zone\windows\shvlzm.exe
3/9/2009 2:09:14 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\msn gaming zone\windows\shvlzm.exe
3/9/2009 2:09:13 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\msn gaming zone\windows\rvsezm.exe
3/9/2009 2:09:13 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\msn gaming zone\windows\rvsezm.exe
3/9/2009 2:09:13 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\msn gaming zone\windows\hrtzzm.exe
3/9/2009 2:09:13 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\msn gaming zone\windows\hrtzzm.exe
3/9/2009 2:09:13 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\msn gaming zone\windows\chkrzm.exe
3/9/2009 2:09:13 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\msn gaming zone\windows\chkrzm.exe
3/9/2009 2:09:13 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\msn gaming zone\windows\bckgzm.exe
3/9/2009 2:09:13 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\msn gaming zone\windows\bckgzm.exe
3/9/2009 2:09:12 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\movie maker\moviemk.exe
3/9/2009 2:09:12 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\movie maker\moviemk.exe
3/9/2009 2:09:11 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\motorola phone tools\mphonetools.exe
3/9/2009 2:09:11 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\motorola phone tools\mphonetools.exe
3/9/2009 2:09:10 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\messenger\msmsgs.exe
3/9/2009 2:09:10 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\messenger\msmsgs.exe
3/9/2009 2:09:09 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\mediacoder\mediacoder.exe
3/9/2009 2:09:09 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\mediacoder\mediacoder.exe
3/9/2009 2:09:09 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\mastersplitter\mstsplit.exe
3/9/2009 2:09:09 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\mastersplitter\mstsplit.exe
3/9/2009 2:09:08 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\mach5 software\kremlin\kremlin decrypt.exe
3/9/2009 2:09:08 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\mach5 software\kremlin\kremlin decrypt.exe
3/9/2009 2:09:08 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\java\jre1.5.0_11\bin\javaws.exe
3/9/2009 2:09:08 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\java\jre1.5.0_11\bin\javaws.exe
3/9/2009 2:09:08 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\java\jre1.5.0_11\bin\javaw.exe
3/9/2009 2:09:08 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\java\jre1.5.0_11\bin\javaw.exe
3/9/2009 2:09:08 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\internet explorer\iexplore.exe
3/9/2009 2:09:08 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\internet explorer\iexplore.exe
3/9/2009 2:09:07 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\internet explorer\connection wizard\isignup.exe
3/9/2009 2:09:07 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\internet explorer\connection wizard\isignup.exe
3/9/2009 2:09:07 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\internet explorer\connection wizard\inetwiz.exe
3/9/2009 2:09:07 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\internet explorer\connection wizard\inetwiz.exe
3/9/2009 2:09:07 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\internet explorer\connection wizard\icwconn2.exe
3/9/2009 2:08:58 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\internet explorer\connection wizard\icwconn2.exe
3/9/2009 2:08:58 PM Disinfected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\internet explorer\connection wizard\icwconn1.exe
3/9/2009 2:08:53 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\internet explorer\connection wizard\icwconn1.exe
3/9/2009 2:07:01 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\buena vista interactive\tron 2.0\tron.exe
3/9/2009 2:07:01 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\faststone maxview\maxview.exe
3/9/2009 2:07:00 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\adobe\adobe illustrator cs2\support files\contents\windows\illustrator.exe
3/9/2009 2:06:56 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\dvd-ram\winxp\dvd-ram driver\dvdform.exe
3/9/2009 2:06:55 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\canon\canoscan toolbox ver4.0\cstbox.exe
3/9/2009 2:06:55 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\canon\easy-photoprint\bjezprn.exe
3/9/2009 2:06:55 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\canon\easy-photoprint\bjezplus.exe
3/9/2009 2:06:55 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\adobe\adobe photoshop cs3\photoshop.exe
3/9/2009 2:06:44 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\intel\wireless\bin\s24evmon.exe
3/9/2009 2:06:44 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe
3/9/2009 2:06:44 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\common files\adobe systems shared\service\adobelmsvc.exe
3/9/2009 2:06:44 PM Restored from quarantine Kaspersky Anti-Virus c:\documents and settings\ben vega\application data\comidle\comidle.exe
3/9/2009 2:06:44 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\cursorxp\cursorxp.exe
3/9/2009 2:06:43 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\intel\wireless\bin\iwrap.exe
3/9/2009 2:06:43 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\allume systems\stuffit\stuffit.exe
3/9/2009 2:06:42 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\arcsoft\software suite\photostudio\photostudio.exe
3/9/2009 2:06:42 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\arcsoft\software suite\greeting card creator\greeting card.exe
3/9/2009 2:06:42 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\divx\divx player\divx player.exe
3/9/2009 2:06:41 PM Restored from quarantine Kaspersky Anti-Virus c:\program files\cursorxp\curxputil.exe
3/9/2009 2:06:40 PM Untreated: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\intel\wireless\bin\zcfgsvc.exe Written to report
3/9/2009 2:06:40 PM Untreated: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\intel\wireless\bin\zcfgsvc.exe Written to report
3/9/2009 2:06:40 PM Detected: Virus.Win32.Virut.ce Kaspersky Anti-Virus c:\program files\intel\wireless\bin\zcfgsvc.exe
3/9/2009 1:04:46 PM Databases are corrupted Kaspersky Anti-Virus
3/9/2009 1:03:27 PM Some components cannot be enabled Kaspersky Anti-Virus
3/9/2009 1:03:27 PM Databases are obsolete Kaspersky Anti-Virus
3/9/2009 1:02:28 PM Threats have been detected Kaspersky Anti-Virus
3/9/2009 1:00:46 PM Cannot be quarantined: Type_Win32 Kaspersky Anti-Virus c:\program files\java\jre1.5.0_11\bin\javaw.exe
3/9/2009 1:00:46 PM Detected: Type_Win32 Kaspersky Anti-Virus c:\program files\java\jre1.5.0_11\bin\javaw.exe
3/9/2009 1:00:46 PM Cannot be quarantined: Type_Win32 Kaspersky Anti-Virus c:\program files\internet explorer\iexplore.exe
3/9/2009 1:00:46 PM Detected: Type_Win32 Kaspersky Anti-Virus c:\program files\internet explorer\iexplore.exe
3/9/2009 1:00:43 PM Disinfected: Type_Win32 Kaspersky Anti-Virus HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\IntelZeroConfig
3/9/2009 1:00:35 PM Detected: Type_Win32 Kaspersky Anti-Virus c:\program files\intel\wireless\bin\zcfgsvc.exe
3/9/2009 1:00:35 PM Cannot be quarantined: Type_Win32 Kaspersky Anti-Virus c:\program files\intel\wireless\bin\regsrvc.exe
3/9/2009 1:00:11 PM Will be quarantined on system restart: Type_Win32 Kaspersky Anti-Virus c:\program files\intel\wireless\bin\regsrvc.exe
3/9/2009 12:59:51 PM Detected: Type_Win32 Kaspersky Anti-Virus c:\program files\intel\wireless\bin\regsrvc.exe
3/9/2009 12:59:51 PM Detected: Type_Win32 Kaspersky Anti-Virus c:\program files\intel\wireless\bin\ifrmewrk.exe
3/9/2009 12:59:28 PM Cannot be quarantined: Heur.Invader Kaspersky Anti-Virus c:\program files\google\google talk\googletalk.exe
3/9/2009 12:59:09 PM Will be quarantined on system restart: Heur.Invader Kaspersky Anti-Virus c:\program files\google\google talk\googletalk.exe
3/9/2009 12:58:53 PM Disinfected: Heur.Invader Kaspersky Anti-Virus HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\googletalk
3/9/2009 12:58:48 PM Detected: Heur.Invader Kaspersky Anti-Virus c:\program files\google\google talk\googletalk.exe
3/9/2009 12:58:42 PM Disinfected: Heur.Invader Kaspersky Anti-Virus HKEY_LOCAL_MACHINE\Software\Classes\dxuFile\shell\open\command
3/9/2009 12:58:42 PM Disinfected: Heur.Invader Kaspersky Anti-Virus HKEY_LOCAL_MACHINE\Software\Classes\dpsFile\shell\open\command
3/9/2009 12:58:42 PM Disinfected: Heur.Invader Kaspersky Anti-Virus HKEY_LOCAL_MACHINE\Software\Classes\divxTicketFile\shell\open\command
3/9/2009 12:58:42 PM Disinfected: Heur.Invader Kaspersky Anti-Virus HKEY_LOCAL_MACHINE\Software\Classes\divxFile\shell\open\command
3/9/2009 12:58:42 PM Disinfected: Heur.Invader Kaspersky Anti-Virus HKEY_LOCAL_MACHINE\Software\Classes\divFile\shell\open\command
3/9/2009 12:58:30 PM Detected: Heur.Invader Kaspersky Anti-Virus c:\program files\divx\divx player\divx player.exe
3/9/2009 12:58:23 PM Cannot be quarantined: Type_Win32 Kaspersky Anti-Virus c:\program files\cyberlink\shared files\richvideo.exe
3/9/2009 12:57:58 PM Will be quarantined on system restart: Type_Win32 Kaspersky Anti-Virus c:\program files\cyberlink\shared files\richvideo.exe
3/9/2009 12:57:47 PM Deleted: Type_Win32 Kaspersky Anti-Virus HKLM\System\ControlSet006\Services\RichVideo\RichVideo
3/9/2009 12:57:46 PM Deleted: Type_Win32 Kaspersky Anti-Virus HKLM\System\ControlSet001\Services\RichVideo\RichVideo
3/9/2009 12:57:41 PM Detected: Type_Win32 Kaspersky Anti-Virus c:\program files\cyberlink\shared files\richvideo.exe
3/9/2009 12:57:37 PM Disinfected: Type_Win32 Kaspersky Anti-Virus HKEY_LOCAL_MACHINE\Software\Classes\CurExSchemeFile\shell\open\command
3/9/2009 12:57:35 PM Detected: Type_Win32 Kaspersky Anti-Virus c:\program files\cursorxp\curxputil.exe
3/9/2009 12:57:18 PM Cannot be quarantined: Type_Win32 Kaspersky Anti-Virus c:\program files\apoint2k\apoint.exe
3/9/2009 12:57:02 PM Will be quarantined on system restart: Type_Win32 Kaspersky Anti-Virus c:\program files\apoint2k\apoint.exe
3/9/2009 12:56:50 PM Disinfected: Type_Win32 Kaspersky Anti-Virus HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\Apoint.exe
3/9/2009 12:56:48 PM Disinfected: Type_Win32 Kaspersky Anti-Virus HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Apoint
3/9/2009 12:56:37 PM Detected: Type_Win32 Kaspersky Anti-Virus c:\program files\apoint2k\apoint.exe
3/9/2009 12:56:24 PM Cannot be quarantined: Type_Win32 Kaspersky Anti-Virus c:\program files\apoint2k\apntex.exe
3/9/2009 12:56:23 PM Will be quarantined on system restart: Type_Win32 Kaspersky Anti-Virus c:\program files\apoint2k\apntex.exe
3/9/2009 12:56:20 PM Detected: Type_Win32 Kaspersky Anti-Virus c:\program files\apoint2k\apntex.exe
3/9/2009 12:56:20 PM Disinfected: Heur.Invader Kaspersky Anti-Virus HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\StuffIt.exe
3/9/2009 12:56:17 PM Disinfected: Heur.Invader Kaspersky Anti-Virus HKEY_LOCAL_MACHINE\Software\Classes\StuffIt.ArchiveSearch.File\shell\open\command
3/9/2009 12:56:12 PM Detected: Heur.Invader Kaspersky Anti-Virus c:\program files\allume systems\stuffit\stuffit.exe
3/9/2009 12:56:12 PM Deleted: Heur.Invader Kaspersky Anti-Virus c:\program files\adobe\adobe utilities\extendscript toolkit 2\extendscript toolkit 2.exe
3/9/2009 12:56:07 PM Disinfected: Heur.Invader Kaspersky Anti-Virus HKEY_LOCAL_MACHINE\Software\Classes\JSXFile\shell\open\command
3/9/2009 12:55:55 PM Detected: Heur.Invader Kaspersky Anti-Virus c:\program files\adobe\adobe utilities\extendscript toolkit 2\extendscript toolkit 2.exe
3/9/2009 12:53:07 PM Threats have been detected Kaspersky Anti-Virus
3/9/2009 12:52:21 PM Databases are obsolete Kaspersky Anti-Virus
Protection (events: 477)
3/9/2009 3:25:39 PM Task started Kaspersky Anti-Virus Files and Memory
3/9/2009 3:19:29 PM Task started Kaspersky Anti-Virus Files and Memory
3/9/2009 2:06:39 PM Task started Kaspersky Anti-Virus Files and Memory
3/9/2009 1:03:27 PM Task cannot be started Kaspersky Anti-Virus Files and Memory Object not found
3/9/2009 1:02:28 PM Task started Kaspersky Anti-Virus Files and Memory
3/9/2009 12:52:21 PM Task started Kaspersky Anti-Virus Files and Memory
Protection (events: 477)
3/9/2009 3:25:39 PM Task started Kaspersky Anti-Virus Email and IM
3/9/2009 3:19:29 PM Task started Kaspersky Anti-Virus Email and IM
3/9/2009 2:06:39 PM Task started Kaspersky Anti-Virus Email and IM
3/9/2009 1:03:27 PM Task cannot be started Kaspersky Anti-Virus Email and IM Object not found
3/9/2009 1:02:28 PM Task started Kaspersky Anti-Virus Email and IM
3/9/2009 12:52:21 PM Task started Kaspersky Anti-Virus Email and IM
Protection (events: 477)
3/9/2009 3:25:39 PM Task started Kaspersky Anti-Virus Web Traffic
3/9/2009 3:19:29 PM Task started Kaspersky Anti-Virus Web Traffic
3/9/2009 3:17:41 PM Task cannot be started Kaspersky Anti-Virus Web Traffic Object not found
3/9/2009 3:17:39 PM Task cannot be started Kaspersky Anti-Virus Web Traffic Object not found
3/9/2009 2:06:39 PM Task cannot be started Kaspersky Anti-Virus Web Traffic Object not found
3/9/2009 1:03:28 PM Task cannot be started Kaspersky Anti-Virus Web Traffic Object not found
3/9/2009 1:02:28 PM Task started Kaspersky Anti-Virus Web Traffic
3/9/2009 12:52:21 PM Task started Kaspersky Anti-Virus Web Traffic
Protection (events: 477)
3/9/2009 3:25:39 PM Task started Kaspersky Anti-Virus Anti-Phishing
3/9/2009 3:19:29 PM Task started Kaspersky Anti-Virus Anti-Phishing
3/9/2009 1:02:28 PM Task started Kaspersky Anti-Virus Anti-Phishing
3/9/2009 12:52:21 PM Task started Kaspersky Anti-Virus Anti-Phishing
Protection (events: 477)
3/9/2009 3:16:05 PM Denied Windows Explorer Open C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
3/9/2009 12:58:52 PM Denied APOINT.EXE Open C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
3/9/2009 12:58:52 PM Denied APOINT.EXE Open C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
3/9/2009 12:58:52 PM Denied APOINT.EXE Open C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
3/9/2009 12:58:52 PM Denied APOINT.EXE Open C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
3/9/2009 12:58:52 PM Denied APOINT.EXE Open C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
3/9/2009 12:58:52 PM Denied APOINT.EXE Open C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
Protection (events: 477)
3/9/2009 3:25:39 PM Task started Kaspersky Anti-Virus Proactive Defense
3/9/2009 3:19:29 PM Task started Kaspersky Anti-Virus Proactive Defense
3/9/2009 1:02:28 PM Task started Kaspersky Anti-Virus Proactive Defense
3/9/2009 12:52:21 PM Task started Kaspersky Anti-Virus Proactive Defense
Protection (events: 477)
3/9/2009 1:02:26 PM Invalid key Kaspersky Anti-Virus
Protection (events: 477)
3/9/2009 12:52:22 PM Task started Kaspersky Anti-Virus Quick Scan
Protection (events: 477)
3/9/2009 2:07:35 PM Task completed Kaspersky Anti-Virus Update
3/9/2009 2:06:49 PM Task started Kaspersky Anti-Virus Update
3/9/2009 2:06:40 PM Task completed Kaspersky Anti-Virus Update
3/9/2009 2:05:19 PM Task started Kaspersky Anti-Virus Update
3/9/2009 1:04:46 PM Task completed Kaspersky Anti-Virus Update Not all components were updated
3/9/2009 1:03:33 PM Task started Kaspersky Anti-Virus Update
3/9/2009 12:52:37 PM Task started Kaspersky Anti-Virus Update

Attached Files



BC AdBot (Login to Remove)

 


#2 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 PM

Posted 20 March 2009 - 02:00 PM

Hello.

Virut infections = Format

There's no way to cure this infection. Even if we do remove anything your computer will be very unstable and will require to be reinstalled and then you will probably need to format anyways as the infection may still be there. Take a read below.

Posted ImageVirut File Infector Warning

Your system is infected with a polymorphic file infector called Virut and also has IRC bot functionality. Virut is capable of infecting all the machine's executable files (.exe) and screensaver files (.scr) and also web pages (.html and .htm). However, the problem is that the virus has a number of bugs in its code, and as a result, it may misinfect a proportion of executable files and therefore, the files are corrupted beyond repair. In addition, when it infects, sometimes it will destroy the file it tries to latch onto.

For these reasons, you really can't truly fix Virut. You will need to reinstall and format the operating system on this machine. As of now, security experts suggest that a clean Reinstall then Reformat is the only way to clean the infection and it is the only way to return the machine to its normal working state.

A Format right off the bat, without doing a reinstall is fine as well

Backup all your documents and important items (personal data, work documents, pictures etc..) only. DO NOT backup any executable files (softwares) and screensavers (*.scr) or any web pages (*.html or *.htm). It attempts to infect any accessed .exe or .scr or .html/.htm files by appending itself to the executable.

Also, try to avoid backing up compressed files (zip/cab/rar) files that have .exe or .scr files inside them. Virut can penetrate and infect .exe files inside compressed files too.

More information on Virut can be found over here and here

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#3 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 PM

Posted 23 March 2009 - 03:24 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 5-7 days the topic will need to be closed.

Thanks for understanding. :thumbup2:

With Regards,
Extremeboy
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.

#4 extremeboy

extremeboy

  • Malware Response Team
  • 12,975 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 PM

Posted 25 March 2009 - 02:35 PM

Hello.

Due to Lack of feedback, this topic is now Closed.

If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic in the Hijackthis-Malware Removal forum.

With Regards,
Extremeboy

Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. Help requests via the PM system will be ignored.

If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.

The help you receive here is always free but if you wish to show your appreciation, you may wish to Posted Image.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users