Вирусы на другом компьютере

**Dimochka** · 14.10.2008, 11:52

Вирусы попали и на другой компьютер. Все тоже самое. На рабочем столе написано опасность.

virusinfo_syscure.zip

virusinfo_syscheck.zip

hijackthis.log

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

**Гриша** · 14.10.2008, 12:53

Пофиксить

Код:

F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\drivers\services.exe
O2 - BHO: (no name) - {E401626E-17DF-48C1-AB17-93AA25EEBCFF} - C:\WINDOWS\system32\appmg.dll
O4 - HKCU\..\Run: [system] c:\SVCHOST.exe
O4 - HKCU\..\Run: [[system]] C:\WINDOWS\system32\drivers\services.exe
O4 - HKCU\..\Run: [winlogon] C:\Documents and Settings\lunegov\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
O9 - Extra button: (no name) - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - (no file)

AVZ, меню "Файл - Выполнить скрипт" -- Скопировать ниже написанный скрипт-- Нажать кнопку "Запустить".

Код:

begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
 QuarantineFile('C:\WINDOWS\system32\comaddi.dll','');
 QuarantineFile('C:\WINDOWS\system32\clbcat.dll','');
 QuarantineFile('C:\WINDOWS\system32\ciod.dll','');
 QuarantineFile('C:\WINDOWS\system32\cfgmgr3.dll','');
 QuarantineFile('C:\WINDOWS\system32\cewmd.dll','');
 QuarantineFile('C:\WINDOWS\system32\certmg.dll','');
 QuarantineFile('C:\WINDOWS\system32\ccfgn.dll','');
 QuarantineFile('C:\WINDOWS\system32\capesnp.dll','');
 QuarantineFile('C:\WINDOWS\system32\camoch.dll','');
 QuarantineFile('C:\WINDOWS\system32\avica.dll','');
 QuarantineFile('C:\WINDOWS\system32\atkctr.dll','');
 QuarantineFile('C:\WINDOWS\system32\appmgmt.dll','');
 QuarantineFile('C:\WINDOWS\system32\appmg.dll','');
 QuarantineFile('C:\WINDOWS\system32\apcup.dll','');
 QuarantineFile('C:\WINDOWS\system32\apcu.dll','');
 QuarantineFile('C:\WINDOWS\system32\amstrea.dll','');
 QuarantineFile('C:\WINDOWS\system32\adsldpr.dll','');
 QuarantineFile('C:\WINDOWS\system32\adsldpm.dll','');
 QuarantineFile('C:\WINDOWS\system32\adsldpi.dll','');
 QuarantineFile('C:\WINDOWS\system32\actxprx.dll','');
 QuarantineFile('C:\WINDOWS\system32\AcSignIco.dll','');
 QuarantineFile('C:\WINDOWS\system32\AcSignIc.dll','');
 QuarantineFile('C:\Documents and Settings\lunegov\Мои документы\Слащев\MY DOCUMENTS\РУКОКРЫЛЫЕ\Лет мыши\ИНФОРМАЦИЯ\Интернет\Tree.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Мои документы\Слащев\MY DOCUMENTS\РУКОКРЫЛЫЕ\Лет мыши\ИНФОРМАЦИЯ\Интернет\Nicha.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\ywpml.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\yfdwh.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\xvovf.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\wxjxx.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\wmdtx.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\vljtm.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\vipdm.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\uyopi.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\uogvx.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\tacas.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\shfxq.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\rebwp.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\qimhg.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\pavvz.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\mohei.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\mfdgq.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\mavfo.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\ibobo.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\hpmyk.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\fqxad.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\dsxll.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\darto.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\cdyeu.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\bivjz.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\bipsp.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\Cookies\bgcbv.exe','');
 QuarantineFile('c:\windows\system32\appmg.dll','');
 QuarantineFile('c:\SVCHOST.exe','');
 QuarantineFile('C:\WINDOWS\system32\lphc3ljj0en1n.exe','');
 QuarantineFile('C:\WINDOWS\system32\drivers\services.exe','');
 QuarantineFile('C:\WINDOWS\system32\csrcs.exe','');
 QuarantineFile('C:\WINDOWS\system32\SVOHOST.exe','');
 QuarantineFile('C:\Documents and Settings\lunegov\svchost.exe','');
 DeleteService('{DEF85C80-216A-43ab-AF70-1665EDBE2780}');
 QuarantineFile('C:\WINDOWS\TEMP\A8DA.tmp','');
 DeleteService('Network Driver Interface');
 QuarantineFile('G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1015\svchost.exe','');
 DeleteFile('G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1015\svchost.exe');
 DeleteFile('C:\WINDOWS\TEMP\A8DA.tmp');
 DeleteFile('C:\Documents and Settings\lunegov\svchost.exe');
 DeleteFile('C:\WINDOWS\system32\SVOHOST.exe');
 DeleteFile('C:\WINDOWS\system32\blphc3ljj0en1n.scr');
 DeleteFile('C:\WINDOWS\system32\csrcs.exe');
 DeleteFile('C:\WINDOWS\system32\drivers\services.exe');
 DeleteFile('C:\WINDOWS\system32\lphc3ljj0en1n.exe');
 DeleteFile('c:\SVCHOST.exe');
 DeleteFile('c:\windows\system32\appmg.dll');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\bgcbv.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\bipsp.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\bivjz.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\cdyeu.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\darto.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\dsxll.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\fqxad.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\hpmyk.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\ibobo.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\mavfo.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\mfdgq.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\mohei.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\pavvz.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\puldt.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\qimhg.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\rebwp.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\shfxq.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\tacas.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\uogvx.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\uyopi.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\vipdm.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\vljtm.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\wmdtx.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\wxjxx.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\xvovf.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\yfdwh.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\ywpml.exe');
 DeleteFile('C:\WINDOWS\system32\AcSignIc.dll');
 DeleteFile('C:\WINDOWS\system32\AcSignIco.dll');
 DeleteFile('C:\WINDOWS\system32\actxprx.dll');
 DeleteFile('C:\WINDOWS\system32\adsldpf.dll');
 DeleteFile('C:\WINDOWS\system32\adsldpi.dll');
 DeleteFile('C:\WINDOWS\system32\adsldpm.dll');
 DeleteFile('C:\WINDOWS\system32\adsldpr.dll');
 DeleteFile('C:\WINDOWS\system32\amstrea.dll');
 DeleteFile('C:\WINDOWS\system32\apcu.dll');
 DeleteFile('C:\WINDOWS\system32\apcup.dll');
 DeleteFile('C:\WINDOWS\system32\appmg.dll');
 DeleteFile('C:\WINDOWS\system32\appmgmt.dll');
 DeleteFile('C:\WINDOWS\system32\atkctr.dll');
 DeleteFile('C:\WINDOWS\system32\autodis.dll');
 DeleteFile('C:\WINDOWS\system32\avica.dll');
 DeleteFile('C:\WINDOWS\system32\camoc.dll');
 DeleteFile('C:\WINDOWS\system32\camoch.dll');
 DeleteFile('C:\WINDOWS\system32\capesnp.dll');
 DeleteFile('C:\WINDOWS\system32\ccfgn.dll');
 DeleteFile('C:\WINDOWS\system32\certmg.dll');
 DeleteFile('C:\WINDOWS\system32\cewmd.dll');
 DeleteFile('C:\WINDOWS\system32\cfgmgr3.dll');
 DeleteFile('C:\WINDOWS\system32\ciod.dll');
 DeleteFile('C:\WINDOWS\system32\clbcat.dll');
 DeleteFile('C:\WINDOWS\system32\comaddi.dll');
BC_ImportALL;  
ExecuteSysClean;
BC_Activate;
ExecuteRepair(5 );
ExecuteRepair(6 );
RegKeyStrParamWrite('HKEY_USERS','.DEFAULT\Control Panel\Desktop','Wallpaper','');    
RebootWindows(true);
end.

Пришлите карантин по правилам и повторите логи...

**Dimochka** · 18.10.2008, 13:26

Компьютер нормально работал 2 дня. Потом он вообще перестал запускаться. Сейчас вроде бы заходит. Куча вирусов.

virusinfo_syscure.zip

virusinfo_syscheck.zip

hijackthis.log

**Гриша** · 18.10.2008, 15:10

Елки-палки, вы еще логи бы через год предоставили

Отключите восстановление системы!

AVZ, меню "Файл - Выполнить скрипт" -- Скопировать ниже написанный скрипт-- Нажать кнопку "Запустить".

Код:

begin
ClearQuarantine;    
SearchRootkit(true, true);
SetAVZGuardStatus(True);
 DelBHO('{BCE97A72-640B-4DED-923F-8196FC01F76B}');
 DelBHO('{A4657622-7B0E-43A0-BEAF-51B11A8F7396}');
 DelBHO('{6E49BE9F-9C3C-4D92-921E-6A3F181E1A41}');
 DelBHO('{4AEB25BE-964A-3E1F-BA33-E2D186D44BDB}');
 DeleteService('{DEF85C80-216A-43ab-AF70-1665EDBE2780}');
 QuarantineFile('C:\WINDOWS\TEMP\A8DA.tmp','');
 QuarantineFile('C:\WINDOWS\system32\yayaabxV.dll','');
 QuarantineFile('C:\WINDOWS\system32\xxyyvwwT.dll','');
 QuarantineFile('C:\WINDOWS\System32\rdzkyb.dll','');
 QuarantineFile('C:\WINDOWS\system32\ltwtkhah.dll','');
 DeleteFile('C:\WINDOWS\system32\ltwtkhah.dll');
 DeleteFile('C:\WINDOWS\System32\rdzkyb.dll');
 DeleteFile('C:\WINDOWS\system32\xxyyvwwT.dll');
 DeleteFile('C:\WINDOWS\system32\yayaabxV.dll');
 DeleteFile('C:\WINDOWS\TEMP\A8DA.tmp');
 DeleteFile('C:\WINDOWS\system32\blphc3ljj0en1n.scr');
 DeleteFile('C:\WINDOWS\system32\rdzkyb.dll');
 DeleteFile('xxyyvwwT.dll');
 DeleteFile('C:\WINDOWS\system32\mwb34530.dll');
 DeleteFile('C:\WINDOWS\system32\appmgmt.dll');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\abpfx.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\bhkix.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\ceinx.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\dquoo.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\ipvhs.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\jfpbc.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\kwlkt.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\lrjln.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\msthk.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\nmpji.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\oapkb.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\ppulz.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\qysil.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\ttsle.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\ukmdb.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\vpufs.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\vtguf.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\xfnws.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\xnrzg.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\xulun.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\ydirv.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\yoffh.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Cookies\yzlpy.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Мои документы\Андреев\Рефераты\Ресурсоведение\75971.zip');
 DeleteFile('C:\Documents and Settings\lunegov\Мои документы\Слащев\MY DOCUMENTS\РУКОКРЫЛЫЕ\Лет мыши\Sound Forge\axdlplug-1.5.0.0-0147-setup.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Мои документы\Слащев\MY DOCUMENTS\РУКОКРЫЛЫЕ\Лет мыши\ИНФОРМАЦИЯ\Интернет\Nicha.exe');
 DeleteFile('C:\Documents and Settings\lunegov\Мои документы\Слащев\MY DOCUMENTS\РУКОКРЫЛЫЕ\Лет мыши\ИНФОРМАЦИЯ\Интернет\Tree.exe');
 DeleteFile('C:\Program Files\IMAGINE 8.6\Bin\NTx86\resampleprocess.exe');
 DeleteFile('C:\Program Files\Trend Micro\HijackThis\backups\backup-20081014-152418-395.dll');
 DeleteFile('C:\WINDOWS\system32\AcSignIco.dll');
 DeleteFile('C:\WINDOWS\system32\adsnd.dll');
 DeleteFile('C:\WINDOWS\system32\atl7.dll');
 DeleteFile('C:\WINDOWS\system32\cewmd.dll');
 DeleteFile('C:\WINDOWS\system32\cfgbken.dll');
 DeleteFile('C:\WINDOWS\system32\cmsetAC.dll');
 DeleteFile('C:\WINDOWS\system32\cmsetACm.dll');
 DeleteFile('C:\WINDOWS\system32\cnbjmo.dll');
 DeleteFile('C:\WINDOWS\system32\comrep.dll');
 DeleteFile('C:\WINDOWS\system32\comsna.dll');
 DeleteFile('C:\WINDOWS\system32\comsvc.dll');     
BC_ImportALL;
ExecuteSysClean;
BC_DeleteSvc('{DEF85C80-216A-43ab-AF70-1665EDBE2780}');    
BC_Activate;
ExecuteRepair(5 );
ExecuteRepair(6 );
RegKeyStrParamWrite('HKCU','Control Panel\International','sTimeFormat','H:mm:ss');
RegKeyStrParamWrite('HKEY_USERS','.DEFAULT\Control Panel\Desktop','Wallpaper','');
RebootWindows(true);
end.

Повторите логи...

**CyberHelper** · 22.02.2009, 08:39

Статистика проведенного лечения:

Получено карантинов: 1
Обработано файлов: 173
В ходе лечения обнаружены вредоносные программы:
1. c:\\documents and settings\\lunegov\\cookies\\bgcbv.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
2. c:\\documents and settings\\lunegov\\cookies\\bipsp.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
3. c:\\documents and settings\\lunegov\\cookies\\bivjz.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
4. c:\\documents and settings\\lunegov\\cookies\\cdyeu.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
5. c:\\documents and settings\\lunegov\\cookies\\darto.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
6. c:\\documents and settings\\lunegov\\cookies\\dsxll.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
7. c:\\documents and settings\\lunegov\\cookies\\fqxad.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
8. c:\\documents and settings\\lunegov\\cookies\\hpmyk.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
9. c:\\documents and settings\\lunegov\\cookies\\ibobo.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
10. c:\\documents and settings\\lunegov\\cookies\\mavfo.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
11. c:\\documents and settings\\lunegov\\cookies\\mfdgq.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
12. c:\\documents and settings\\lunegov\\cookies\\mohei.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
13. c:\\documents and settings\\lunegov\\cookies\\pavvz.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
14. c:\\documents and settings\\lunegov\\cookies\\puldt.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
15. c:\\documents and settings\\lunegov\\cookies\\qimhg.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
16. c:\\documents and settings\\lunegov\\cookies\\rebwp.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
17. c:\\documents and settings\\lunegov\\cookies\\shfxq.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
18. c:\\documents and settings\\lunegov\\cookies\\tacas.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
19. c:\\documents and settings\\lunegov\\cookies\\uogvx.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
20. c:\\documents and settings\\lunegov\\cookies\\uyopi.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
21. c:\\documents and settings\\lunegov\\cookies\\vipdm.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
22. c:\\documents and settings\\lunegov\\cookies\\vljtm.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
23. c:\\documents and settings\\lunegov\\cookies\\wmdtx.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
24. c:\\documents and settings\\lunegov\\cookies\\wxjxx.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
25. c:\\documents and settings\\lunegov\\cookies\\xvovf.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
26. c:\\documents and settings\\lunegov\\cookies\\yfdwh.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
27. c:\\documents and settings\\lunegov\\cookies\\ywpml.exe - Trojan.Win32.Agent.agvi (DrWEB: BackDoor.Minirem.90)
28. c:\\windows\\system32\\acsignic.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
29. c:\\windows\\system32\\acsignico.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
30. c:\\windows\\system32\\actxprx.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
31. c:\\windows\\system32\\adsldpf.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
32. c:\\windows\\system32\\adsldpi.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
33. c:\\windows\\system32\\adsldpm.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
34. c:\\windows\\system32\\adsldpr.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
35. c:\\windows\\system32\\amstrea.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
36. c:\\windows\\system32\\apcu.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
37. c:\\windows\\system32\\apcup.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
38. c:\\windows\\system32\\appmg.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
39. c:\\windows\\system32\\appmgmt.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
40. c:\\windows\\system32\\atkctr.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
41. c:\\windows\\system32\\autodis.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
42. c:\\windows\\system32\\avica.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
43. c:\\windows\\system32\\camoc.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
44. c:\\windows\\system32\\camoch.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
45. c:\\windows\\system32\\capesnp.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
46. c:\\windows\\system32\\ccfgn.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
47. c:\\windows\\system32\\certmg.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
48. c:\\windows\\system32\\cewmd.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
49. c:\\windows\\system32\\cfgmgr3.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
50. c:\\windows\\system32\\ciod.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
51. c:\\windows\\system32\\clbcat.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)
52. c:\\windows\\system32\\comaddi.dll - Trojan.Win32.BHO.hbz (DrWEB: Trojan.DownLoad.7649)

Вирусы на другом компьютере (заявка № 31995)

Опции темы

Вирусы на другом компьютере

Опять проблемы

Итог лечения

Похожие темы

ICQ: ваша учетная запись используется на другом компьютереICQ: ваша учетная запись используется на другом компьютере

Порно баннер на другом компьютере

На другом компьютере на флешке возникают файлы autorun.inf, autorun.exe, зараженные win32.hllm.autoruner.based

такое же сообщение на другом компьютере

Есть ли тут вирусы,как на другом компе после лечения Win32/Adware.Virtumonde+Win32/PrivacyRemover.M64 ?

Ваши права в разделе