Вирусы на другом компьютере

Вирусы попали и на другой компьютер. Все тоже самое. На рабочем столе написано опасность.

[ATTACH]84472[/ATTACH]

[ATTACH]84473[/ATTACH]

[ATTACH]84474[/ATTACH]

[URL="http://virusinfo.info/showthread.php?t=4491"]Пофиксить[/URL]

[CODE]F2 - REG:system.ini: Shell=Explorer.exe csrcs.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\drivers\services.exe
O2 - BHO: (no name) - {E401626E-17DF-48C1-AB17-93AA25EEBCFF} - C:\WINDOWS\system32\appmg.dll
O4 - HKCU\..\Run: [system] c:\SVCHOST.exe
O4 - HKCU\..\Run: [[system]] C:\WINDOWS\system32\drivers\services.exe
O4 - HKCU\..\Run: [winlogon] C:\Documents and Settings\lunegov\svchost.exe
O4 - HKLM\..\Policies\Explorer\Run: [csrcs] C:\WINDOWS\system32\csrcs.exe
O9 - Extra button: (no name) - {8DAE90AD-4583-4977-9DD4-4360F7A45C74} - (no file)[/CODE]

[URL="http://virusinfo.info/showthread.php?t=7239"]AVZ, меню "Файл - Выполнить скрипт" -- Скопировать ниже написанный скрипт-- Нажать кнопку "Запустить".[/URL]

[CODE]begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\WINDOWS\system32\comaddi.dll','');
QuarantineFile('C:\WINDOWS\system32\clbcat.dll','');
QuarantineFile('C:\WINDOWS\system32\ciod.dll','');
QuarantineFile('C:\WINDOWS\system32\cfgmgr3.dll','');
QuarantineFile('C:\WINDOWS\system32\cewmd.dll','');
QuarantineFile('C:\WINDOWS\system32\certmg.dll','');
QuarantineFile('C:\WINDOWS\system32\ccfgn.dll','');
QuarantineFile('C:\WINDOWS\system32\capesnp.dll','');
QuarantineFile('C:\WINDOWS\system32\camoch.dll','');
QuarantineFile('C:\WINDOWS\system32\avica.dll','');
QuarantineFile('C:\WINDOWS\system32\atkctr.dll','');
QuarantineFile('C:\WINDOWS\system32\appmgmt.dll','');
QuarantineFile('C:\WINDOWS\system32\appmg.dll','');
QuarantineFile('C:\WINDOWS\system32\apcup.dll','');
QuarantineFile('C:\WINDOWS\system32\apcu.dll','');
QuarantineFile('C:\WINDOWS\system32\amstrea.dll','');
QuarantineFile('C:\WINDOWS\system32\adsldpr.dll','');
QuarantineFile('C:\WINDOWS\system32\adsldpm.dll','');
QuarantineFile('C:\WINDOWS\system32\adsldpi.dll','');
QuarantineFile('C:\WINDOWS\system32\actxprx.dll','');
QuarantineFile('C:\WINDOWS\system32\AcSignIco.dll','');
QuarantineFile('C:\WINDOWS\system32\AcSignIc.dll','');
QuarantineFile('C:\Documents and Settings\lunegov\Мои документы\Слащев\MY DOCUMENTS\РУКОКРЫЛЫЕ\Лет мыши\ИНФОРМАЦИЯ\Интернет\Tree.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Мои документы\Слащев\MY DOCUMENTS\РУКОКРЫЛЫЕ\Лет мыши\ИНФОРМАЦИЯ\Интернет\Nicha.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\ywpml.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\yfdwh.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\xvovf.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\wxjxx.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\wmdtx.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\vljtm.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\vipdm.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\uyopi.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\uogvx.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\tacas.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\shfxq.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\rebwp.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\qimhg.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\pavvz.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\mohei.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\mfdgq.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\mavfo.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\ibobo.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\hpmyk.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\fqxad.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\dsxll.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\darto.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\cdyeu.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\bivjz.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\bipsp.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\Cookies\bgcbv.exe','');
QuarantineFile('c:\windows\system32\appmg.dll','');
QuarantineFile('c:\SVCHOST.exe','');
QuarantineFile('C:\WINDOWS\system32\lphc3ljj0en1n.exe','');
QuarantineFile('C:\WINDOWS\system32\drivers\services.exe','');
QuarantineFile('C:\WINDOWS\system32\csrcs.exe','');
QuarantineFile('C:\WINDOWS\system32\SVOHOST.exe','');
QuarantineFile('C:\Documents and Settings\lunegov\svchost.exe','');
DeleteService('{DEF85C80-216A-43ab-AF70-1665EDBE2780}');
QuarantineFile('C:\WINDOWS\TEMP\A8DA.tmp','');
DeleteService('Network Driver Interface');
QuarantineFile('G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1015\svchost.exe','');
DeleteFile('G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1015\svchost.exe');
DeleteFile('C:\WINDOWS\TEMP\A8DA.tmp');
DeleteFile('C:\Documents and Settings\lunegov\svchost.exe');
DeleteFile('C:\WINDOWS\system32\SVOHOST.exe');
DeleteFile('C:\WINDOWS\system32\blphc3ljj0en1n.scr');
DeleteFile('C:\WINDOWS\system32\csrcs.exe');
DeleteFile('C:\WINDOWS\system32\drivers\services.exe');
DeleteFile('C:\WINDOWS\system32\lphc3ljj0en1n.exe');
DeleteFile('c:\SVCHOST.exe');
DeleteFile('c:\windows\system32\appmg.dll');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\bgcbv.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\bipsp.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\bivjz.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\cdyeu.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\darto.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\dsxll.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\fqxad.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\hpmyk.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\ibobo.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\mavfo.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\mfdgq.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\mohei.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\pavvz.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\puldt.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\qimhg.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\rebwp.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\shfxq.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\tacas.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\uogvx.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\uyopi.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\vipdm.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\vljtm.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\wmdtx.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\wxjxx.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\xvovf.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\yfdwh.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\ywpml.exe');
DeleteFile('C:\WINDOWS\system32\AcSignIc.dll');
DeleteFile('C:\WINDOWS\system32\AcSignIco.dll');
DeleteFile('C:\WINDOWS\system32\actxprx.dll');
DeleteFile('C:\WINDOWS\system32\adsldpf.dll');
DeleteFile('C:\WINDOWS\system32\adsldpi.dll');
DeleteFile('C:\WINDOWS\system32\adsldpm.dll');
DeleteFile('C:\WINDOWS\system32\adsldpr.dll');
DeleteFile('C:\WINDOWS\system32\amstrea.dll');
DeleteFile('C:\WINDOWS\system32\apcu.dll');
DeleteFile('C:\WINDOWS\system32\apcup.dll');
DeleteFile('C:\WINDOWS\system32\appmg.dll');
DeleteFile('C:\WINDOWS\system32\appmgmt.dll');
DeleteFile('C:\WINDOWS\system32\atkctr.dll');
DeleteFile('C:\WINDOWS\system32\autodis.dll');
DeleteFile('C:\WINDOWS\system32\avica.dll');
DeleteFile('C:\WINDOWS\system32\camoc.dll');
DeleteFile('C:\WINDOWS\system32\camoch.dll');
DeleteFile('C:\WINDOWS\system32\capesnp.dll');
DeleteFile('C:\WINDOWS\system32\ccfgn.dll');
DeleteFile('C:\WINDOWS\system32\certmg.dll');
DeleteFile('C:\WINDOWS\system32\cewmd.dll');
DeleteFile('C:\WINDOWS\system32\cfgmgr3.dll');
DeleteFile('C:\WINDOWS\system32\ciod.dll');
DeleteFile('C:\WINDOWS\system32\clbcat.dll');
DeleteFile('C:\WINDOWS\system32\comaddi.dll');
BC_ImportALL;
ExecuteSysClean;
BC_Activate;
ExecuteRepair(5 );
ExecuteRepair(6 );
RegKeyStrParamWrite('HKEY_USERS','.DEFAULT\Control Panel\Desktop','Wallpaper','');
RebootWindows(true);
end.
[/CODE]

Пришлите карантин по правилам и повторите логи...

Компьютер нормально работал 2 дня. Потом он вообще перестал запускаться. Сейчас вроде бы заходит. Куча вирусов.

[ATTACH]85527[/ATTACH]

[ATTACH]85528[/ATTACH]

[ATTACH]85529[/ATTACH]

Елки-палки, вы еще логи бы через год предоставили :)

Отключите восстановление системы!

[URL="http://virusinfo.info/showthread.php?t=7239"]AVZ, меню "Файл - Выполнить скрипт" -- Скопировать ниже написанный скрипт-- Нажать кнопку "Запустить".[/URL]

[CODE]begin
ClearQuarantine;
SearchRootkit(true, true);
SetAVZGuardStatus(True);
DelBHO('{BCE97A72-640B-4DED-923F-8196FC01F76B}');
DelBHO('{A4657622-7B0E-43A0-BEAF-51B11A8F7396}');
DelBHO('{6E49BE9F-9C3C-4D92-921E-6A3F181E1A41}');
DelBHO('{4AEB25BE-964A-3E1F-BA33-E2D186D44BDB}');
DeleteService('{DEF85C80-216A-43ab-AF70-1665EDBE2780}');
QuarantineFile('C:\WINDOWS\TEMP\A8DA.tmp','');
QuarantineFile('C:\WINDOWS\system32\yayaabxV.dll','');
QuarantineFile('C:\WINDOWS\system32\xxyyvwwT.dll','');
QuarantineFile('C:\WINDOWS\System32\rdzkyb.dll','');
QuarantineFile('C:\WINDOWS\system32\ltwtkhah.dll','');
DeleteFile('C:\WINDOWS\system32\ltwtkhah.dll');
DeleteFile('C:\WINDOWS\System32\rdzkyb.dll');
DeleteFile('C:\WINDOWS\system32\xxyyvwwT.dll');
DeleteFile('C:\WINDOWS\system32\yayaabxV.dll');
DeleteFile('C:\WINDOWS\TEMP\A8DA.tmp');
DeleteFile('C:\WINDOWS\system32\blphc3ljj0en1n.scr');
DeleteFile('C:\WINDOWS\system32\rdzkyb.dll');
DeleteFile('xxyyvwwT.dll');
DeleteFile('C:\WINDOWS\system32\mwb34530.dll');
DeleteFile('C:\WINDOWS\system32\appmgmt.dll');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\abpfx.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\bhkix.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\ceinx.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\dquoo.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\ipvhs.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\jfpbc.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\kwlkt.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\lrjln.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\msthk.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\nmpji.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\oapkb.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\ppulz.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\qysil.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\ttsle.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\ukmdb.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\vpufs.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\vtguf.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\xfnws.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\xnrzg.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\xulun.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\ydirv.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\yoffh.exe');
DeleteFile('C:\Documents and Settings\lunegov\Cookies\yzlpy.exe');
DeleteFile('C:\Documents and Settings\lunegov\Мои документы\Андреев\Рефераты\Ресурсоведение\75971.zip');
DeleteFile('C:\Documents and Settings\lunegov\Мои документы\Слащев\MY DOCUMENTS\РУКОКРЫЛЫЕ\Лет мыши\Sound Forge\axdlplug-1.5.0.0-0147-setup.exe');
DeleteFile('C:\Documents and Settings\lunegov\Мои документы\Слащев\MY DOCUMENTS\РУКОКРЫЛЫЕ\Лет мыши\ИНФОРМАЦИЯ\Интернет\Nicha.exe');
DeleteFile('C:\Documents and Settings\lunegov\Мои документы\Слащев\MY DOCUMENTS\РУКОКРЫЛЫЕ\Лет мыши\ИНФОРМАЦИЯ\Интернет\Tree.exe');
DeleteFile('C:\Program Files\IMAGINE 8.6\Bin\NTx86\resampleprocess.exe');
DeleteFile('C:\Program Files\Trend Micro\HijackThis\backups\backup-20081014-152418-395.dll');
DeleteFile('C:\WINDOWS\system32\AcSignIco.dll');
DeleteFile('C:\WINDOWS\system32\adsnd.dll');
DeleteFile('C:\WINDOWS\system32\atl7.dll');
DeleteFile('C:\WINDOWS\system32\cewmd.dll');
DeleteFile('C:\WINDOWS\system32\cfgbken.dll');
DeleteFile('C:\WINDOWS\system32\cmsetAC.dll');
DeleteFile('C:\WINDOWS\system32\cmsetACm.dll');
DeleteFile('C:\WINDOWS\system32\cnbjmo.dll');
DeleteFile('C:\WINDOWS\system32\comrep.dll');
DeleteFile('C:\WINDOWS\system32\comsna.dll');
DeleteFile('C:\WINDOWS\system32\comsvc.dll');
BC_ImportALL;
ExecuteSysClean;
BC_DeleteSvc('{DEF85C80-216A-43ab-AF70-1665EDBE2780}');
BC_Activate;
ExecuteRepair(5 );
ExecuteRepair(6 );
RegKeyStrParamWrite('HKCU','Control Panel\International','sTimeFormat','H:mm:ss');
RegKeyStrParamWrite('HKEY_USERS','.DEFAULT\Control Panel\Desktop','Wallpaper','');
RebootWindows(true);
end.[/CODE]

Повторите логи...

Статистика проведенного лечения:
[LIST][*]Получено карантинов: [B]1[/B][*]Обработано файлов: [B]173[/B][*]В ходе лечения обнаружены вредоносные программы:
[LIST=1][*] c:\\documents and settings\\lunegov\\cookies\\bgcbv.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\bipsp.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\bivjz.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\cdyeu.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\darto.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\dsxll.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\fqxad.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\hpmyk.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\ibobo.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\mavfo.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\mfdgq.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\mohei.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\pavvz.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\puldt.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\qimhg.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\rebwp.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\shfxq.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\tacas.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\uogvx.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\uyopi.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\vipdm.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\vljtm.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\wmdtx.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\wxjxx.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\xvovf.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\yfdwh.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\documents and settings\\lunegov\\cookies\\ywpml.exe - [B]Trojan.Win32.Agent.agvi[/B] (DrWEB: BackDoor.Minirem.90)[*] c:\\windows\\system32\\acsignic.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\acsignico.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\actxprx.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\adsldpf.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\adsldpi.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\adsldpm.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\adsldpr.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\amstrea.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\apcu.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\apcup.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\appmg.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\appmgmt.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\atkctr.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\autodis.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\avica.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\camoc.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\camoch.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\capesnp.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\ccfgn.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\certmg.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\cewmd.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\cfgmgr3.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\ciod.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\clbcat.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[*] c:\\windows\\system32\\comaddi.dll - [B]Trojan.Win32.BHO.hbz[/B] (DrWEB: Trojan.DownLoad.7649)[/LIST][/LIST]