-
Viruses on the computer
Many unwanted processes have appeared in Task Manager, and the computer periodically slows down. Please take a look. Thanks in advance.
P.S. I could not download the HijackThis utility; it reported that it could not connect to the remote server. So I am attaching only the AVZ logs.
-
Dear [B]Karhu[/B], thank you for contacting our forum!
Virus removal is a completely free service on VirusInfo.Info. The helpers will respond to your request very soon.
If our site proves useful to you and you have the opportunity, please [URL="http://virusinfo.info/donate/"]support the project[/URL].
-
UPD: Adding the HijackThis log.
-
Run the script in AVZ
[code]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\Documents and Settings\Admin\bnet.exe','');
QuarantineFile('C:\WINDOWS\system32\87.exe','');
QuarantineFile('C:\WINDOWS\system32\80.exe','');
QuarantineFile('C:\WINDOWS\system32\78.exe','');
QuarantineFile('C:\WINDOWS\system32\77.exe','');
QuarantineFile('C:\WINDOWS\system32\76.exe','');
QuarantineFile('C:\WINDOWS\system32\75.exe','');
QuarantineFile('C:\WINDOWS\system32\74.exe','');
QuarantineFile('C:\WINDOWS\system32\73.exe','');
QuarantineFile('C:\WINDOWS\system32\72.exe','');
QuarantineFile('C:\WINDOWS\system32\71.exe','');
QuarantineFile('C:\WINDOWS\system32\70.exe','');
QuarantineFile('C:\WINDOWS\system32\63.exe','');
QuarantineFile('C:\WINDOWS\system32\62.exe','');
QuarantineFile('C:\WINDOWS\system32\61.exe','');
QuarantineFile('C:\WINDOWS\system32\57.exe','');
QuarantineFile('C:\WINDOWS\system32\53.exe','');
QuarantineFile('C:\WINDOWS\system32\52.exe','');
QuarantineFile('C:\WINDOWS\system32\51.exe','');
QuarantineFile('C:\WINDOWS\system32\50.exe','');
QuarantineFile('C:\WINDOWS\system32\47.exe','');
QuarantineFile('C:\WINDOWS\system32\45.exe','');
QuarantineFile('C:\WINDOWS\system32\44.exe','');
QuarantineFile('C:\WINDOWS\system32\42.exe','');
QuarantineFile('C:\WINDOWS\system32\40.exe','');
QuarantineFile('C:\WINDOWS\system32\38.exe','');
QuarantineFile('C:\WINDOWS\system32\37.exe','');
QuarantineFile('C:\WINDOWS\system32\36.exe','');
QuarantineFile('C:\WINDOWS\system32\34.exe','');
QuarantineFile('C:\WINDOWS\system32\32.exe','');
QuarantineFile('C:\WINDOWS\system32\31.exe','');
QuarantineFile('C:\WINDOWS\system32\26.exe','');
QuarantineFile('C:\WINDOWS\system32\24.exe','');
QuarantineFile('C:\WINDOWS\system32\23.exe','');
QuarantineFile('C:\WINDOWS\system32\20.exe','');
QuarantineFile('C:\WINDOWS\system32\18.exe','');
QuarantineFile('C:\WINDOWS\system32\14.exe','');
QuarantineFile('C:\WINDOWS\system32\11.exe','');
QuarantineFile('C:\WINDOWS\system32\10.exe','');
QuarantineFile('C:\WINDOWS\system32\08.exe','');
QuarantineFile('C:\WINDOWS\system32\06.exe','');
QuarantineFile('C:\WINDOWS\system32\05.exe','');
QuarantineFile('C:\WINDOWS\system32\03.exe','');
QuarantineFile('C:\WINDOWS\system32\02.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Local Settings\Temp\IH1CC2.tmp','');
QuarantineFile('C:\WINDOWS\system32\00.exe','');
QuarantineFile('c:\RECYCLER\R-1-5-21-1482476501-1644491937-682003330-1013\acleaner.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe','');
QuarantineFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe','');
QuarantineFile('C:\Documents and Settings\Admin\Application Data\Rllylp.exe','');
TerminateProcessByName('c:\documents and settings\admin\Рабочий стол\{612dd773-54c8-4a36-9047-281268ca0ea7}.exe');
QuarantineFile('c:\documents and settings\admin\Рабочий стол\{612dd773-54c8-4a36-9047-281268ca0ea7}.exe','');
TerminateProcessByName('c:\windows\aadrive32.exe');
QuarantineFile('c:\windows\aadrive32.exe','');
DeleteFile('c:\windows\aadrive32.exe');
DeleteFile('c:\documents and settings\admin\Рабочий стол\{612dd773-54c8-4a36-9047-281268ca0ea7}.exe');
DeleteFile('C:\Documents and Settings\Admin\Application Data\Rllylp.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Rllylp');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1413\syitm.exe,explorer.exe,C:\Documents and Settings\Admin\Application Data\bowcav.exe');
DeleteFile('C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','12CFG214-K641-12SF-N85P');
RegKeyParamDel('HKEY_CURRENT_USER','Software\Microsoft\Windows\CurrentVersion\Run','Tnaww');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run','Microsoft Driver Setup');
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows\CurrentVersion\Run','Microsoft Driver Setup');
DeleteFile('c:\RECYCLER\R-1-5-21-1482476501-1644491937-682003330-1013\acleaner.exe');
DeleteFile('C:\WINDOWS\system32\00.exe');
DeleteFile('C:\Documents and Settings\Admin\Local Settings\Temp\IH1CC2.tmp');
DeleteFile('C:\WINDOWS\system32\02.exe');
DeleteFile('C:\WINDOWS\system32\03.exe');
DeleteFile('C:\WINDOWS\system32\05.exe');
DeleteFile('C:\WINDOWS\system32\06.exe');
DeleteFile('C:\WINDOWS\system32\08.exe');
DeleteFile('C:\WINDOWS\system32\10.exe');
DeleteFile('C:\WINDOWS\system32\11.exe');
DeleteFile('C:\WINDOWS\system32\14.exe');
DeleteFile('C:\WINDOWS\system32\18.exe');
DeleteFile('C:\WINDOWS\system32\20.exe');
DeleteFile('C:\WINDOWS\system32\23.exe');
DeleteFile('C:\WINDOWS\system32\24.exe');
DeleteFile('C:\WINDOWS\system32\26.exe');
DeleteFile('C:\WINDOWS\system32\31.exe');
DeleteFile('C:\WINDOWS\system32\32.exe');
DeleteFile('C:\WINDOWS\system32\34.exe');
DeleteFile('C:\WINDOWS\system32\36.exe');
DeleteFile('C:\WINDOWS\system32\37.exe');
DeleteFile('C:\WINDOWS\system32\38.exe');
DeleteFile('C:\WINDOWS\system32\40.exe');
DeleteFile('C:\WINDOWS\system32\42.exe');
DeleteFile('C:\WINDOWS\system32\44.exe');
DeleteFile('C:\WINDOWS\system32\45.exe');
DeleteFile('C:\WINDOWS\system32\47.exe');
DeleteFile('C:\WINDOWS\system32\50.exe');
DeleteFile('C:\WINDOWS\system32\51.exe');
DeleteFile('C:\WINDOWS\system32\52.exe');
DeleteFile('C:\WINDOWS\system32\53.exe');
DeleteFile('C:\WINDOWS\system32\57.exe');
DeleteFile('C:\WINDOWS\system32\61.exe');
DeleteFile('C:\WINDOWS\system32\62.exe');
DeleteFile('C:\WINDOWS\system32\63.exe');
DeleteFile('C:\WINDOWS\system32\70.exe');
DeleteFile('C:\WINDOWS\system32\71.exe');
DeleteFile('C:\WINDOWS\system32\72.exe');
DeleteFile('C:\WINDOWS\system32\73.exe');
DeleteFile('C:\WINDOWS\system32\74.exe');
DeleteFile('C:\WINDOWS\system32\75.exe');
DeleteFile('C:\WINDOWS\system32\76.exe');
DeleteFile('C:\WINDOWS\system32\77.exe');
DeleteFile('C:\WINDOWS\system32\78.exe');
DeleteFile('C:\WINDOWS\system32\80.exe');
DeleteFile('C:\WINDOWS\system32\87.exe');
DeleteFile('C:\Documents and Settings\Admin\bnet.exe');
BC_ImportAll;
ExecuteSysClean;
BC_Activate;
RegKeyParamDel('HKEY_LOCAL_MACHINE','Software\Microsoft\Windows NT\CurrentVersion\Winlogon','Taskman');
RebootWindows(true);
end. [/code]The computer will reboot.
Send the quarantine as described in [B]Appendix 3[/B] of the rules, using the red link [COLOR="Red"][U][B]Send the requested quarantine[/B][/U][/COLOR] at the top of the thread
Make new logs
Make a log of a [url="http://virusinfo.info/showpost.php?p=457118&postcount=1"]full MBAM scan[/url]
-
Quarantine sent.
Posting the logs:
-
1. [URL="http://virusinfo.info/showpost.php?p=493584&postcount=2"]Delete[/URL] in [B]MBAM[/B]
[CODE]
Зараженные папки:
c:\RECYCLER\s-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar (Trojan.Agent) -> No action taken.
c:\RECYCLER\s-1-5-21-0243556031-888888379-781863308-1413 (Worm.AutoRun) -> No action taken.
c:\RECYCLER\r-1-5-21-1482476501-1644491937-682003330-1013 (Worm.AutoRun.Gen) -> No action taken.
Зараженные файлы:
c:\documents and settings\Admin\cdqj.exe (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\dddqj.exe (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\ddqj.exe (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\dgjdd.exe (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\djdd.exe (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\dqw.exe (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\fbd.exe (Trojan.FakeAV) -> No action taken.
c:\documents and settings\Admin\application data\10.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\11.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\12.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\13.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\14.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\15.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\16.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\17.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\18.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\19.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\1A.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\1B.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\1C.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\1D.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\1E.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\1F.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\20.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\21.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\22.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\23.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\789.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\8.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\9.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\A.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\B.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\BF.tmp (Rootkit.TDSS) -> No action taken.
c:\documents and settings\Admin\application data\C.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\D.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\E.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\F.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\25.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\26.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\27.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\27F.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\28.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\29.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\2A.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\2B.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\2C.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\2D.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\2E.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\2F.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\3.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\30.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\31.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\32.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\33.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\34.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\35.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\36.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\3A.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\3B.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\3C.tmp (Rootkit.TDSS) -> No action taken.
c:\documents and settings\Admin\application data\3D.tmp (Rootkit.TDSS) -> No action taken.
c:\documents and settings\Admin\application data\3E.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\3F.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\4.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\40.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\42F.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\44.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\45.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\46.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\47.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\48.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\49.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\24.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\37.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\4A.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\5D.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\787.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\4B.tmp (Worm.Palevo) -> No action taken.
c:\documents and settings\Admin\application data\4C.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\4D.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\4E.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\4F.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\5.tmp (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\application data\50.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\51.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\52.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\53.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\54.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\55.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\56.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\57.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\58.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\59.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\5A.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\5B.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\5BE.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\5C.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\5D7.tmp (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\5E.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\5F.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\6.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\60.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\61.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\62.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\63.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\64.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\65.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\66.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\67.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\68.tmp (Rootkit.TDSS) -> No action taken.
c:\documents and settings\Admin\application data\69.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\6A.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\6B.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\6C.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\6D.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\6E.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\6F.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\7.tmp (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\application data\70.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\application data\78.tmp (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\local settings\temporary internet files\Content.IE5\0YO4ERK6\nghef[1].exe (Trojan.FakeAlert) -> No action taken.
c:\documents and settings\Admin\local settings\temporary internet files\Content.IE5\9LSPN21L\xngng[1].exe (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\local settings\temporary internet files\Content.IE5\9LSPN21L\xngng[2].exe (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\local settings\temporary internet files\Content.IE5\9LSPN21L\ngzzzzz[1].exe (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\local settings\temporary internet files\Content.IE5\DHT45XN8\hgydng[1].exe (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\local settings\temporary internet files\Content.IE5\DHT45XN8\jchbswng[1].exe (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\local settings\temporary internet files\Content.IE5\DHT45XN8\nndewhj[1].exe (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\local settings\temporary internet files\Content.IE5\TW2KS0OD\3800fe[1].exe (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\local settings\temporary internet files\Content.IE5\TW2KS0OD\cgwhwng[1].exe (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00002.dta (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00003.dta (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00004.dta (Worm.Palevo) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00005.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00006.dta (Rootkit.TDSS) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00007.dta (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00008.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00009.dta (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00010.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00011.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00012.dta (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00013.dta (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00014.dta (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00015.dta (Worm.Palevo) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00016.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00017.dta (Worm.Palevo) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00018.dta (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00019.dta (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00020.dta (Worm.Palevo) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00021.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00022.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00023.dta (Worm.Palevo) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00024.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00026.dta (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00027.dta (Worm.Palevo) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00028.dta (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00029.dta (Worm.Palevo) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00030.dta (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00031.dta (Worm.Palevo) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00032.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00033.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00034.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00035.dta (Rootkit.TDSS) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00036.dta (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00037.dta (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00038.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00039.dta (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00040.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00041.dta (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00042.dta (Worm.Palevo) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00043.dta (Rootkit.TDSS) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00044.dta (Malware.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00046.dta (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00047.dta (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00048.dta (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00049.dta (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\рабочий стол\virusinfo\avz4\avz4\quarantine\2011-06-17\avz00051.dta (Rootkit.TDSS) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PSRAMUWJ\dci[1].exe (Malware.Gen) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PSRAMUWJ\dci[2].exe (Malware.Gen) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PSRAMUWJ\d[1].exe (Trojan.FakeAlert) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PSRAMUWJ\h[1].exe (Rootkit.TDSS) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PSRAMUWJ\m[1].exe (Trojan.Downloader) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PSRAMUWJ\q[1].exe (Worm.Palevo) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\PSRAMUWJ\z[1].exe (Malware.Gen) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XTMSB9HJ\b[1].exe (Malware.Gen) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XTMSB9HJ\dci[1].exe (Malware.Gen) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XTMSB9HJ\t[1].exe (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XTMSB9HJ\w[1].exe (Trojan.Downloader) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XTMSB9HJ\w[2].exe (Trojan.Downloader) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XTMSB9HJ\z[1].exe (Malware.Gen) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XX9QNW85\f[1].exe (Worm.Palevo) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XX9QNW85\k[1].exe (Trojan.Agent) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XX9QNW85\o[1].exe (Malware.Gen) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XX9QNW85\o[2].exe (Trojan.Agent) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XX9QNW85\q[1].exe (Worm.Palevo) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XX9QNW85\q[2].exe (Worm.Palevo) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XX9QNW85\q[3].exe (Worm.Palevo) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\XX9QNW85\z[1].exe (Trojan.Agent.Gen) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\YA4XVYJR\b[1].exe (Malware.Gen) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\YA4XVYJR\dci[1].exe (Malware.Gen) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\YA4XVYJR\m[1].exe (Trojan.Downloader) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\YA4XVYJR\o[1].exe (Malware.Gen) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\YA4XVYJR\s[1].exe (Trojan.Agent) -> No action taken.
c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\YA4XVYJR\w[1].exe (Trojan.Downloader) -> No action taken.
c:\WINDOWS\ghdrive32.exe (Trojan.Agent) -> No action taken.
c:\WINDOWS\system32\46.exe (Trojan.Downloader) -> No action taken.
c:\WINDOWS\system32\83.exe (Trojan.Agent.Gen) -> No action taken.
c:\WINDOWS\system32\84.exe (Trojan.Downloader) -> No action taken.
c:\WINDOWS\system32\88.exe (Trojan.Downloader) -> No action taken.
c:\documents and settings\Admin\local settings\Temp\eraseme_37553.exe (Trojan.Agent) -> No action taken.
c:\RECYCLER\s-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\after.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\dir.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\dot.gif (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\htmlayout.dll (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\key (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\logo.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\logo2.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\logo2_.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\log_o.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\myriadwebpro-condensed.ttf (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\sb-h-scroll-next.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\sb-h-scroll-prev.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\sb-scroll-back.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\sb-scroll-base.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\sb-scroll-slider.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\sb-v-scroll-next.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\sb-v-scroll-prev.png (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\scroll.css (Trojan.Agent) -> No action taken.
c:\documents and settings\Admin\application data\winxrar\xsendexe.tmp (Trojan.Agent) -> No action taken.
c:\RECYCLER\s-1-5-21-0243556031-888888379-781863308-1413\Desktop.ini (Worm.AutoRun) -> No action taken.
c:\RECYCLER\r-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Worm.AutoRun.Gen) -> No action taken.
[/CODE]
2. [URL="http://virusinfo.info/showthread.php?t=7239"]Run the script in AVZ[/URL]
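[CODE]
begin
// Empty AVZ's own Quarantine folder, including subfolders
DeleteFileMask(GetAVZDirectory + 'Quarantine', '*.*', true);
// Clear the Internet Explorer cache (Content.IE5) of the NetworkService and Admin profiles
DeleteFileMask('c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5', '*.*', true);
DeleteFileMask('c:\documents and settings\Admin\local settings\temporary internet files\Content.IE5', '*.*', true);
// Run AVZ's built-in 'TSW' and 'SCU' wizards
ExecuteWizard('TSW', 2, 2, true);
ExecuteWizard('SCU', 2, 2, true);
// Reboot Windows
RebootWindows(true);
end.[/CODE]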
After the reboot:
- Make new logs following items 2 and 3 of the Diagnostics section of the [URL="http://virusinfo.info/pravila.html"]rules[/URL] ([COLOR="Blue"]virusinfo_syscheck.zip; hijackthis.log[/COLOR])
- Make an [URL="http://virusinfo.info/showpost.php?p=457118&postcount=1"][COLOR="Blue"][B]MBAM[/B][/COLOR][/URL] log
- Make a [URL="http://virusinfo.info/showthread.php?t=58309"][COLOR="Blue"][B]Combofix[/B][/COLOR][/URL] log
-
Treatment summary
Statistics of the treatment performed:
[LIST]
[*]Quarantines received: [B]1[/B]
[*]Files processed: [B]155[/B]
[*]Malware detected during treatment:
[LIST=1]
[*] c:\documents and settings\admin\application data\rllylp.exe - [B]Backdoor.Win32.Ruskill.au[/B] ( DrWEB: BackDoor.IRC.Bot.896, BitDefender: Trojan.Generic.KD.219665, NOD32: Win32/Dorkbot.A worm )
[*] c:\recycler\s-1-5-21-0243556031-888888379-781863308-1413\syitm.exe - [B]Trojan-Downloader.Win32.Injecter.fyj[/B] ( DrWEB: Trojan.Packed.21754, BitDefender: Trojan.Generic.6204989 )
[*] c:\recycler\s-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe - [B]Trojan.Win32.Scar.eaex[/B] ( DrWEB: Trojan.Packed.21754, BitDefender: Trojan.Generic.6225004, AVAST4: Win32:Downloader-HYN [Trj] )
[*] c:\windows\aadrive32.exe - [B]Trojan.Win32.Agent.hurx[/B] ( DrWEB: Trojan.Inject.44780, BitDefender: Trojan.Generic.KD.236026, NOD32: IRC/SdBot trojan, AVAST4: Win32:Dorkbot [Wrm] )
[*] c:\windows\system32\00.exe - [B]Trojan.Win32.Pincav.bgri[/B] ( DrWEB: Trojan.Packed.21754, BitDefender: Trojan.Generic.6480688, AVAST4: Win32:FakeAV-BZM [Trj] )
[*] c:\windows\system32\02.exe - [B]Backdoor.Win32.Floder.hs[/B] ( DrWEB: BackDoor.IRC.Bot.896, BitDefender: Backdoor.Generic.677443, NOD32: Win32/AutoRun.KS worm, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\03.exe - [B]Trojan.Win32.Agent.hurx[/B] ( DrWEB: Trojan.Inject.44780, BitDefender: Trojan.Generic.KD.236026, AVAST4: Win32:Dorkbot [Wrm] )
[*] c:\windows\system32\05.exe - [B]Trojan.MSIL.Crypt.ho[/B] ( DrWEB: Win32.HLLW.Autoruner.47443, BitDefender: Trojan.Generic.6703019, AVAST4: MSIL:Dropper-KX [Drp] )
[*] c:\windows\system32\06.exe - [B]Trojan.Win32.Pincav.bgri[/B] ( DrWEB: Trojan.Packed.21754, BitDefender: Trojan.Generic.6480688, AVAST4: Win32:FakeAV-BZM [Trj] )
[*] c:\windows\system32\08.exe - [B]Backdoor.Win32.Floder.he[/B] ( DrWEB: BackDoor.Ddoser.131, BitDefender: Trojan.Generic.KD.223857, NOD32: Win32/AutoRun.KS worm, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\10.exe - [B]Trojan.Win32.Pincav.bgri[/B] ( DrWEB: Trojan.Packed.21754, BitDefender: Trojan.Generic.6480688, AVAST4: Win32:FakeAV-BZM [Trj] )
[*] c:\windows\system32\11.exe - [B]Backdoor.Win32.Floder.hs[/B] ( DrWEB: BackDoor.IRC.Bot.896, BitDefender: Backdoor.Generic.677443, NOD32: Win32/AutoRun.KS worm, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\14.exe - [B]Backdoor.Win32.Floder.hc[/B] ( DrWEB: Trojan.Inject.40263, BitDefender: Trojan.Generic.KD.220787, NOD32: Win32/AutoRun.KS worm, AVAST4: Win32:SdBot-HAR [Trj] )
[*] c:\windows\system32\18.exe - [B]Trojan.Win32.Pincav.bgri[/B] ( DrWEB: Trojan.Packed.21754, BitDefender: Trojan.Generic.6480688, AVAST4: Win32:FakeAV-BZM [Trj] )
[*] c:\windows\system32\20.exe - [B]Trojan.Win32.Agent.hurx[/B] ( DrWEB: Trojan.Inject.44780, BitDefender: Trojan.Generic.KD.236026, AVAST4: Win32:Dorkbot [Wrm] )
[*] c:\windows\system32\23.exe - [B]Backdoor.Win32.Floder.hs[/B] ( DrWEB: BackDoor.IRC.Bot.896, BitDefender: Backdoor.Generic.677443, NOD32: Win32/AutoRun.KS worm, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\24.exe - [B]Trojan.Win32.Menti.gktf[/B] ( DrWEB: BackDoor.Siggen.31020, BitDefender: Worm.Generic.333900, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\26.exe - [B]Trojan.Win32.Menti.gktf[/B] ( DrWEB: BackDoor.Siggen.31020, BitDefender: Worm.Generic.333900, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\31.exe - [B]Trojan.MSIL.Crypt.ho[/B] ( DrWEB: Win32.HLLW.Autoruner.47443, BitDefender: Trojan.Generic.6703019, AVAST4: MSIL:Dropper-KX [Drp] )
[*] c:\windows\system32\32.exe - [B]Backdoor.Win32.Floder.is[/B] ( DrWEB: BackDoor.Ddoser.213, BitDefender: Trojan.Generic.KD.252582, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\34.exe - [B]Trojan.MSIL.Crypt.ho[/B] ( DrWEB: Win32.HLLW.Autoruner.47443, BitDefender: Trojan.Generic.6703019, AVAST4: MSIL:Dropper-KX [Drp] )
[*] c:\windows\system32\36.exe - [B]Backdoor.Win32.Floder.is[/B] ( DrWEB: BackDoor.Ddoser.213, BitDefender: Trojan.Generic.KD.252582, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\37.exe - [B]Trojan.MSIL.Crypt.ho[/B] ( DrWEB: Win32.HLLW.Autoruner.47443, BitDefender: Trojan.Generic.6703019, AVAST4: MSIL:Dropper-KX [Drp] )
[*] c:\windows\system32\38.exe - [B]Trojan.Win32.Pincav.bgqt[/B] ( DrWEB: Trojan.DownLoader6.6622, BitDefender: Trojan.Generic.KDV.248908, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\42.exe - [B]Backdoor.Win32.Floder.he[/B] ( DrWEB: BackDoor.Ddoser.131, BitDefender: Trojan.Generic.KD.223857, NOD32: Win32/AutoRun.KS worm, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\44.exe - [B]Trojan.MSIL.Crypt.do[/B] ( DrWEB: Win32.HLLW.Autoruner.47443, BitDefender: Trojan.Generic.6649408, AVAST4: MSIL:Dropper-KX [Drp] )
[*] c:\windows\system32\45.exe - [B]Backdoor.Win32.Floder.he[/B] ( DrWEB: BackDoor.Ddoser.131, BitDefender: Trojan.Generic.KD.223857, NOD32: Win32/AutoRun.KS worm, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\47.exe - [B]Trojan.Win32.Menti.glsg[/B] ( DrWEB: Trojan.Packed.21648, BitDefender: Gen:Variant.Graftor.17660, NOD32: Win32/AutoRun.KS worm, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\50.exe - [B]Trojan.MSIL.Crypt.ho[/B] ( DrWEB: Win32.HLLW.Autoruner.47443, BitDefender: Trojan.Generic.6703019, AVAST4: MSIL:Dropper-KX [Drp] )
[*] c:\windows\system32\51.exe - [B]Backdoor.Win32.Floder.is[/B] ( DrWEB: BackDoor.Ddoser.213, BitDefender: Trojan.Generic.KD.252582, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\52.exe - [B]Trojan.Win32.Pincav.bgri[/B] ( DrWEB: Trojan.Packed.21754, BitDefender: Trojan.Generic.6480688, AVAST4: Win32:FakeAV-BZM [Trj] )
[*] c:\windows\system32\53.exe - [B]Trojan.MSIL.Crypt.ho[/B] ( DrWEB: Win32.HLLW.Autoruner.47443, BitDefender: Trojan.Generic.6703019, AVAST4: MSIL:Dropper-KX [Drp] )
[*] c:\windows\system32\57.exe - [B]Trojan.Win32.Menti.gktf[/B] ( DrWEB: BackDoor.Siggen.31020, BitDefender: Worm.Generic.333900, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\61.exe - [B]Trojan.MSIL.Crypt.do[/B] ( DrWEB: Win32.HLLW.Autoruner.47443, BitDefender: Trojan.Generic.6649408, AVAST4: MSIL:Dropper-KX [Drp] )
[*] c:\windows\system32\62.exe - [B]Trojan.Win32.Agent.hurs[/B] ( DrWEB: BackDoor.Siggen.29895, BitDefender: Trojan.Generic.KD.233913, NOD32: Win32/AutoRun.KS worm, AVAST4: Win32:Vexral-G [Wrm] )
[*] c:\windows\system32\63.exe - [B]Backdoor.Win32.Floder.is[/B] ( DrWEB: BackDoor.Ddoser.213, BitDefender: Trojan.Generic.KD.252582, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\70.exe - [B]Backdoor.Win32.Floder.ha[/B] ( DrWEB: BackDoor.IRC.Bot.896, BitDefender: Trojan.Generic.KD.219665 )
[*] c:\windows\system32\71.exe - [B]Backdoor.Win32.Floder.hs[/B] ( DrWEB: BackDoor.IRC.Bot.896, BitDefender: Backdoor.Generic.677443, NOD32: Win32/AutoRun.KS worm, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\72.exe - [B]Trojan.Win32.Menti.gktf[/B] ( DrWEB: BackDoor.Siggen.31020, BitDefender: Worm.Generic.333900, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\73.exe - [B]Backdoor.Win32.Floder.ha[/B] ( DrWEB: BackDoor.IRC.Bot.896, BitDefender: Trojan.Generic.KD.219665 )
[*] c:\windows\system32\74.exe - [B]Backdoor.Win32.Floder.hl[/B] ( DrWEB: Trojan.Packed.21650, BitDefender: Trojan.Generic.KD.225550, AVAST4: Win32:SdBot-HAS [Trj] )
[*] c:\windows\system32\75.exe - [B]Trojan.MSIL.Crypt.ew[/B] ( DrWEB: Win32.HLLW.Autoruner.47443, BitDefender: Trojan.Generic.6158973, AVAST4: MSIL:Dropper-KX [Drp] )
[*] c:\windows\system32\76.exe - [B]Trojan.Win32.Agent.hurx[/B] ( DrWEB: Trojan.Inject.44780, BitDefender: Trojan.Generic.KD.236026, AVAST4: Win32:Dorkbot [Wrm] )
[*] c:\windows\system32\77.exe - [B]Backdoor.Win32.Floder.hl[/B] ( DrWEB: Trojan.Packed.21650, BitDefender: Trojan.Generic.KD.225550, AVAST4: Win32:SdBot-HAS [Trj] )
[*] c:\windows\system32\78.exe - [B]Trojan.MSIL.Crypt.ho[/B] ( DrWEB: Win32.HLLW.Autoruner.47443, BitDefender: Trojan.Generic.6703019, AVAST4: MSIL:Dropper-KX [Drp] )
[*] c:\windows\system32\80.exe - [B]Backdoor.Win32.Floder.is[/B] ( DrWEB: BackDoor.Ddoser.213, BitDefender: Trojan.Generic.KD.252582, AVAST4: Win32:Malware-gen )
[*] c:\windows\system32\87.exe - [B]Trojan.Win32.Pincav.bgsm[/B] ( DrWEB: Trojan.Packed.21754, BitDefender: Trojan.Generic.6254750, AVAST4: Win32:Kryptik-DCG [Trj] )
[/LIST]
[/LIST]