I'm posting part of the log Kasperky's tool created, removed the events section out of two reasons:
huge and
contains all filenames present on my computer. As I expected, it finished at about 06.30 [or maybe just waited for me to wakeup to delete the only threat it found].
Here it the log:
======================================================================================
Scan
----
Scanned: 495220
Detected: 1
Untreated: 0
Start time: 4/22/2009 10:19:07 PM
Duration: 08:15:39
Finish time: 4/23/2009 6:34:46 AM
Detected
--------
Status Object
------ ------
deleted: Trojan program Trojan-Downloader.MSIL.Agent.dz File: D:\Downloads\Antivirus\ESET Smart Security 4 + NEW PATCH !\Marsu-fix.EXE/p.exe
Events
------
Time Name Status Reason
---- ---- ------ ------
*************************************************************************************************
Statistics
----------
Object Scanned Detected Untreated Deleted Moved to Quarantine Archives Packed files Password protected Corrupted
------ ------- -------- --------- ------- ------------------- -------- ------------ ------------------ ---------
Settings
--------
Parameter Value
--------- -----
Security Level Recommended
Action Prompt for action when the scan is complete
Run mode Manually
File types Scan all files
Scan only new and changed files No
Scan archives All
Scan embedded OLE objects All
Skip if object is larger than No
Skip if scan takes longer than No
Parse email formats No
Scan password-protected archives No
Enable iChecker technology No
Enable iSwift technology No
Show detected threats on "Detected" tab Yes
Rootkits search Yes
Deep rootkits search No
Use heuristic analyzer Yes
Quarantine
----------
Status Object Size Added
------ ------ ---- -----
Backup
------
Status Object Size
------ ------ ----
======================================================================================
That's it. No sign of Virus:win32.virut.ce.
BTW, this tool was the only that found it on my computer, others, like I have said, did not find anything except some "harmless" [from my point of view], easy to remove threats, which were packed inside some patches/keygens. The file mentioned above, found by this tool, was downloaded by me and I knew about it, like i know almost all the infected files on my system.
Also, last night I have scanned my wife's computer, same situation there: one threat, somewhere in an old recycle bin, but was not virut and was deleted eventually.
I wish I would have saved one copy of junkpoly/virut on a CD for testing it in a virtual machine and findout what else could remove it, if kaspersky really cleans it without needing to delete the files [couse it gave me that option but prefered to delete all infected files] and if the infection comes back later on that virtual system. This way one could know if a disinfection removes the virus leaving clean files behind. I would do that in a virtual system only
.
So far so good, no alarms, no unusual behaviour.