Help with Trojan TR/Crypt.XPACK.Gen: ssqNFUOi.dll
Hello,
My antivirus, Antivir, detects a Trojan horse that it cannot remove:
C:\WINDOWS\SYSTEM32\ssqNFUOi.dll
Is the Trojan Horse TR/Crypt.XPACK.Gen
Here is the Combofix report:
ComboFix 08-05-25.3 - manu51p 2008-05-26 14:18:13.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.488 [GMT 2:00]
Running from: C:\Documents and Settings\manu51p\Desktop\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-04-26 to 2008-05-26 )))))))))))))))))))))))))))))))
.
2008-05-26 14:17 . 2008-05-26 14:17 371,200 --a------ C:\WINDOWS\system32\khfDWMCu.dll
2008-05-26 10:42 . 2008-05-26 10:42 <DIR> d-------- C:\Documents and Settings\Administrator
2008-05-25 23:51 . 2008-05-25 23:51 6,696 --a------ C:\upload_moi_WIN-1.tar.gz
2008-05-25 18:57 . 2008-05-25 18:57 <DIR> d-------- C:\Program Files\Avira
2008-05-25 18:57 . 2008-05-25 18:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-05-25 15:42 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-05-25 15:42 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-05-25 15:42 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-05-25 15:42 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-05-25 15:42 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-05-25 15:41 . 2008-05-25 15:41 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-05-25 00:19 . 2008-05-25 00:19 <DIR> d-------- C:\Program Files\Common Files\Ulead Systems
2008-05-25 00:18 . 2008-05-25 00:19 <DIR> d-------- C:\WFDB
2008-05-25 00:18 . 2008-05-25 00:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Ulead Systems
2008-05-25 00:18 . 2007-02-26 20:20 49,152 --a------ C:\WINDOWS\system32\TempDel.EXE
2008-05-25 00:18 . 2005-01-06 16:55 9,446 --a------ C:\WINDOWS\system32\drivers\WFIOCTL.sys
2008-05-24 23:22 . 2008-05-25 19:41 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-24 22:36 . 2008-03-05 15:56 3,786,760 --a------ C:\WINDOWS\system32\D3DX9_37.dll
2008-05-24 22:36 . 2008-03-05 15:56 1,420,824 --a------ C:\WINDOWS\system32\D3DCompiler_37.dll
2008-05-24 22:36 . 2008-03-05 16:03 479,752 --a------ C:\WINDOWS\system32\XAudio2_0.dll
2008-05-24 22:36 . 2008-02-05 23:07 462,864 --a------ C:\WINDOWS\system32\d3dx10_37.dll
2008-05-24 22:36 . 2007-10-22 03:39 267,272 --a------ C:\WINDOWS\system32\xactengine2_10.dll
2008-05-24 22:36 . 2008-03-05 16:03 238,088 --a------ C:\WINDOWS\system32\xactengine3_0.dll
2008-05-24 22:36 . 2008-03-05 16:00 25,608 --a------ C:\WINDOWS\system32\X3DAudio1_3.dll
2008-05-24 22:34 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2008-05-24 22:32 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-05-24 22:01 . 2008-05-24 23:16 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-24 21:46 . 2008-05-24 21:57 <DIR> d-------- C:\VIDEO
2008-05-24 20:13 . 2008-05-24 20:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-24 20:12 . 2008-05-24 20:12 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-24 19:39 . 2008-05-24 19:39 118 --a------ C:\WINDOWS\system32\MRT.INI
2008-05-24 19:37 . 2008-03-01 15:06 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-05-24 19:37 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-05-24 19:37 . 2007-03-08 07:10 991,232 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-05-24 19:37 . 2008-03-01 15:06 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-05-24 19:37 . 2008-03-01 15:06 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-05-24 19:37 . 2008-03-01 15:06 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-05-24 19:37 . 2008-03-01 15:06 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-05-24 19:37 . 2008-03-01 15:06 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-05-24 19:37 . 2008-02-22 12:00 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-05-24 19:34 . 2008-05-24 19:37 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-05-24 19:22 . 2008-05-24 19:22 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2008-05-24 19:18 . 2008-05-24 19:18 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-05-24 19:18 . 2008-05-24 19:20 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-24 19:06 . 2008-05-24 19:09 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2008-05-24 18:22 . 2008-05-24 18:22 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-05-24 18:22 . 2008-05-24 18:22 <DIR> d-------- C:\WINDOWS\system32\en
2008-05-24 18:22 . 2008-05-24 18:22 <DIR> d-------- C:\WINDOWS\system32\bits
2008-05-24 18:22 . 2008-05-24 18:22 <DIR> d-------- C:\WINDOWS\l2schemas
2008-05-24 18:20 . 2008-05-24 18:23 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-05-24 18:16 . 2007-08-10 20:46 26,488 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-05-24 18:06 . 2004-08-03 22:41 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2008-05-24 18:05 . 2004-08-03 22:29 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-05-24 17:53 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-05-24 17:53 . 2007-07-30 19:18 34,136 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-05-24 17:53 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-05-24 17:53 . 2007-07-30 19:19 25,944 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-05-24 17:53 . 2007-07-30 19:18 20,312 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-05-24 15:48 . 2008-05-24 15:48 <DIR> d-------- C:\Program Files\compression
2008-05-24 15:48 . 2006-07-30 21:26 516,096 --a------ C:\WINDOWS\system32\WBOCX.OCX
2008-05-24 15:48 . 2006-07-30 21:26 50,688 --a------ C:\WINDOWS\system32\WBHELP2.DLL
2008-05-24 15:47 . 2008-05-24 15:47 12,800 -----c--- C:\WINDOWS\system32\dllcache\WgaTray.exe
2008-05-24 15:47 . 2008-05-24 15:47 3,584 -----c--- C:\WINDOWS\system32\dllcache\WgaLogon.dll
2008-05-24 15:46 . 2004-08-04 14:00 4,224 --a------ C:\WINDOWS\system32\beep.sys
2008-05-24 15:36 . 2008-05-24 15:37 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-05-24 15:25 . 2006-04-20 15:20 19,456 --a------ C:\WINDOWS\system32\drivers\wf2ktunr.sys
2008-05-24 15:25 . 2008-04-13 20:39 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
2008-05-24 15:24 . 2008-04-13 20:46 19,200 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
2008-05-24 15:24 . 2008-04-14 02:12 16,384 --a------ C:\WINDOWS\system32\ipsink.ax
2008-05-24 15:24 . 2008-04-13 20:46 15,232 --a------ C:\WINDOWS\system32\drivers\streamip.sys
2008-05-24 15:23 . 2008-04-13 20:46 85,248 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
2008-05-24 15:23 . 2008-04-13 20:46 17,024 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys
2008-05-24 15:23 . 2008-04-13 20:46 11,136 --a------ C:\WINDOWS\system32\drivers\slip.sys
2008-05-24 15:23 . 2008-04-13 20:46 10,880 --a------ C:\WINDOWS\system32\drivers\ndisip.sys
2008-05-24 15:14 . 2008-04-14 02:12 91,136 --a------ C:\WINDOWS\system32\kswdmcap.ax
2008-05-24 15:14 . 2008-04-14 02:12 91,136 --a--c--- C:\WINDOWS\system32\dllcache\kswdmcap.ax
2008-05-24 15:14 . 2008-04-14 02:12 61,952 --a------ C:\WINDOWS\system32\kstvtune.ax
2008-05-24 15:14 . 2008-04-14 02:12 61,952 --a--c--- C:\WINDOWS\system32\dllcache\kstvtune.ax
2008-05-24 15:14 . 2008-04-14 02:12 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2008-05-24 15:14 . 2008-04-14 02:12 53,760 --a--c--- C:\WINDOWS\system32\dllcache\vfwwdm32.dll
2008-05-24 15:14 . 2008-04-14 02:12 43,008 --a------ C:\WINDOWS\system32\ksxbar.ax
2008-05-24 15:14 . 2008-04-14 02:12 43,008 --a--c--- C:\WINDOWS\system32\dllcache\ksxbar.ax
2008-05-24 15:14 . 2008-04-14 02:12 28,672 --a------ C:\WINDOWS\system32\vidcap.ax
2008-05-24 15:14 . 2008-04-14 02:12 28,672 --a--c--- C:\WINDOWS\system32\dllcache\vidcap.ax
2008-05-24 15:13 . 2006-04-20 14:50 59,776 --a------ C:\WINDOWS\system32\drivers\wf2kvcap.sys
2008-05-24 15:13 . 2006-04-20 14:49 9,600 --a------ C:\WINDOWS\system32\drivers\wf2kXbar.sys
2008-05-24 15:13 . 2002-06-03 22:52 2,238 --a------ C:\WINDOWS\system32\WFDRV.ico
2008-05-24 15:12 . 2008-05-24 15:12 <DIR> d-------- C:\WINDOWS\system32\WinFox
2008-05-24 15:12 . 2008-05-24 15:13 <DIR> d-------- C:\WINDOWS\system32\WinFast
2008-05-24 15:12 . 1998-10-07 13:08 327,168 --a------ C:\WINDOWS\IsUn040c.exe
2008-05-24 15:12 . 2002-11-28 21:27 9,613 --a------ C:\WINDOWS\system32\drivers\WINFOXIO.sys
2008-05-24 15:04 . 2008-05-24 15:04 <DIR> d-------- C:\WINDOWS\WinFast
2008-05-24 14:37 . 2008-05-24 14:37 <DIR> d---s---- C:\Documents and Settings\manu51p\UserData
2008-05-24 14:33 . 2008-05-25 00:18 <DIR> d-------- C:\Program Files\Video
2008-05-24 14:32 . 2008-05-24 14:32 56,320 --a------ C:\WINDOWS\system32\ssqNFUOi.dll
2008-05-24 14:24 . 2008-05-24 14:24 <DIR> d-------- C:\Program Files\uTorrent
2008-05-24 13:11 . 2008-05-24 13:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-05-24 13:08 . 2008-05-24 13:09 8 --a------ C:\WINDOWS\system32\nvModes.dat
2008-05-24 13:07 . 2008-05-24 13:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-05-24 13:06 . 2006-10-22 12:22 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-05-24 13:06 . 2008-05-26 12:44 88,566 --a------ C:\WINDOWS\system32\nvapps.xml
2008-05-24 13:06 . 2006-10-22 12:22 17,056 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-05-24 13:05 . 2008-05-24 13:05 <DIR> d-------- C:\NVIDIA
2008-05-24 13:05 . 2006-10-22 15:06 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2008-05-24 12:51 . 2008-05-24 12:51 <DIR> d-------- C:\Program Files\MSI
2008-05-24 12:51 . 1998-10-02 19:00 327,168 --a------ C:\WINDOWS\IsUninst.exe
2008-05-24 12:46 . 2008-05-24 13:07 <DIR> d-------- C:\WINDOWS\nview
2008-05-24 12:31 . 2008-05-24 12:31 25 --a------ C:\WINDOWS\mixerdef.ini
2008-05-24 12:29 . 2008-05-24 12:29 <DIR> d-------- C:\Program Files\C-Media
2008-05-24 12:29 . 2008-05-24 14:32 <DIR> d-------- C:\download
2008-05-24 12:20 . 2002-07-10 08:41 80,896 -ra------ C:\WINDOWS\system32\drivers\NVENET.sys
2008-05-24 12:20 . 2002-07-10 08:41 1,024 -ra------ C:\WINDOWS\system32\drivers\jedih2rx.bin
2008-05-24 12:20 . 2002-07-10 08:41 122 -ra------ C:\WINDOWS\system32\drivers\ramsed.bin
2008-05-24 12:20 . 2002-07-10 08:41 42 -ra------ C:\WINDOWS\system32\drivers\jedireg.pat
2008-05-24 12:19 . 2000-03-29 16:17 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2008-05-24 12:19 . 2008-05-24 12:19 2,626 --a------ C:\WINDOWS\Ascd_tmp.ini
2008-05-24 11:55 . 2008-05-25 19:39 <DIR> d-------- C:\Program Files\Antivirus
2008-05-24 11:39 . 2008-05-24 11:39 <DIR> d-------- C:\Program Files\TechCity Solutions
2008-05-24 11:39 . 2008-05-25 00:19 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-05-24 11:38 . 2008-05-24 13:05 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-05-24 11:38 . 2008-05-24 21:42 <DIR> d-------- C:\Program Files\Alice
2008-05-24 04:29 . 2008-05-25 19:36 <DIR> d-------- C:\Documents and Settings\manu51p
2008-05-16 11:58 . 2008-05-16 11:58 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe
2008-05-13 03:53 . 2008-05-13 03:53 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-13 03:53 . 2008-05-13 03:53 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-23 16:54 --------- d-----w C:\Program Files\microsoft frontpage
2008-05-13 01:53 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-05-13 01:53 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-05-13 01:53 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2008-05-13 01:53 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-05-13 01:53 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-05-13 01:53 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-04-14 03:42 985,088 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-04-14 03:42 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
2008-04-14 03:41 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
2008-04-14 00:25 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 00:16 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 00:13 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
2008-04-14 00:13 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
2008-04-14 00:13 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
2008-04-14 00:13 299,520 ----a-w C:\WINDOWS\system32\drmclien.dll
2008-04-14 00:13 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
2008-04-14 00:13 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
2008-04-14 00:13 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
2008-04-14 00:13 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
2008-04-14 00:11 997,376 ----a-w C:\WINDOWS\system32\msgina.dll
2008-04-14 00:10 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 00:10 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
2008-04-14 00:10 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
2008-04-14 00:10 102,912 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-13 19:30 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:27 2,188,928 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:18 52,480 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 64,512 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 18:53 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 18:53 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 18:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 18:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
2008-04-13 18:51 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
2008-04-13 18:51 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys
2008-04-13 18:51 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys
2008-04-13 18:46 59,136 ------w C:\WINDOWS\system32\drivers\rfcomm.sys
2008-04-13 18:46 37,888 ------w C:\WINDOWS\system32\drivers\bthmodem.sys
2008-04-13 18:46 36,480 ------w C:\WINDOWS\system32\drivers\bthprint.sys
2008-04-13 18:46 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-13 18:46 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-13 18:46 25,344 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys
2008-04-13 18:46 18,944 ------w C:\WINDOWS\system32\drivers\bthusb.sys
2008-04-13 18:46 17,024 ------w C:\WINDOWS\system32\drivers\bthenum.sys
2008-04-13 18:46 121,984 ------w C:\WINDOWS\system32\drivers\usbvideo.sys
2008-04-13 18:44 81,664 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys
2008-04-13 18:44 799,744 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-13 18:44 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys
2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
2008-04-13 18:44 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-13 18:43 9,728 ------w C:\WINDOWS\system32\comsdupd.exe
2008-04-13 18:43 14,208 ------w C:\WINDOWS\system32\drivers\wacompen.sys
2008-04-13 18:43 12,800 ----a-w C:\WINDOWS\system32\spiisupd.exe
2008-04-13 18:43 12,672 ------w C:\WINDOWS\system32\drivers\mutohpen.sys
2008-04-13 18:41 52,352 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-13 18:39 92,544 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
.
((((((((((((((((((((((((((((( snapshot@2008-05-26_ 0.07.20.17 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-25 22:05:19 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-26 10:43:49 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-26 10:44:01 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_5a0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E23136A1-1AC4-4D1B-926F-5D537CFFF359}]
2008-05-24 14:32 56320 --a------ C:\WINDOWS\system32\ssqNFUOi.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 02:12 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-14 02:12 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"="Mixer.exe" [2002-10-15 18:00 1818624 C:\WINDOWS\mixer.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2008-04-30 18:30 498176]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22 86016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"AliceSAV"="C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe" [2005-12-16 17:57 81408]
"tcactive"="C:\Program Files\Antivirus\The Cleaner\tca.exe" [2004-04-09 09:26 631808]
"tcmonitor"="C:\Program Files\Antivirus\The Cleaner\tcm.exe" [2004-03-13 13:48 388096]
"WinFast Schedule"="C:\Program Files\Video\Winfast\WFTVFM\WFWIZ.exe" [2007-10-18 13:47 876544]
"a-squared"="C:\Program Files\Antivirus\a-squared Anti-Malware\a2guard.exe" [2008-05-12 09:02 1961104]
"Anti Trojan Elite"="C:\Program Files\Antivirus\Anti Trojan Elite\TJEnder.exe" [ ]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 02:12 15360]
"Spyware Doctor"="" []
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{E23136A1-1AC4-4D1B-926F-5D537CFFF359}"= C:\WINDOWS\system32\ssqNFUOi.dll [2008-05-24 14:32 56320]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqNFUOi]
ssqNFUOi.dll 2008-05-24 14:32 56320 C:\WINDOWS\system32\ssqNFUOi.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Pvb15.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 BT848;WinFast TV2000 XP WDM Video Capture;C:\WINDOWS\system32\drivers\wf2kvcap.sys [2006-04-20 14:50]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;C:\WINDOWS\system32\drivers\wf2ktunr.sys [2006-04-20 15:20]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;C:\WINDOWS\system32\drivers\wf2kxbar.sys [2006-04-20 14:49]
R3 wfioctl;WFIOCTL;C:\Program Files\Video\Winfast\WFTVFM\WFIOCTL.SYS [2005-01-06 16:55]
S3 ate_procmon;ATE_PROCMON;C:\Program Files\Antivirus\Anti Trojan Elite\ATEPMon.sys []
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-26 14:20:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\ssqNFUOi.dll
.
Completion time: 2008-05-26 14:21:03
ComboFix-quarantined-files.txt 2008-05-26 12:20:57
ComboFix2.txt 2008-05-26 09:43:23
Pre-Run: 11,035,226,112 bytes free
Post-Run: 11,023,290,368 bytes free
Could you help me understand this report or remove this trojan?
2008-05-24 11:55 . 2008-05-25 19:39 <DIR> d-------- C:\Program Files\Antivirus
2008-05-24 11:39 . 2008-05-24 11:39 <DIR> d-------- C:\Program Files\TechCity Solutions
2008-05-24 11:39 . 2008-05-25 00:19 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2008-05-24 11:38 . 2008-05-24 13:05 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2008-05-24 11:38 . 2008-05-24 21:42 <DIR> d-------- C:\Program Files\Alice
2008-05-24 04:29 . 2008-05-25 19:36 <DIR> d-------- C:\Documents and Settings\manu51p
2008-05-16 11:58 . 2008-05-16 11:58 12,632 --a------ C:\WINDOWS\system32\lsdelete.exe
2008-05-13 03:53 . 2008-05-13 03:53 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-13 03:53 . 2008-05-13 03:53 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-23 16:54 --------- d-----w C:\Program Files\microsoft frontpage
2008-05-13 01:53 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-05-13 01:53 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-05-13 01:53 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2008-05-13 01:53 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-05-13 01:53 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-05-13 01:53 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-04-14 03:42 985,088 ----a-w C:\WINDOWS\system32\setupapi.dll
2008-04-14 03:42 11,264 ----a-w C:\WINDOWS\system32\spnpinst.exe
2008-04-14 03:41 423,936 ----a-w C:\WINDOWS\system32\licdll.dll
2008-04-14 00:25 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-14 00:16 329,728 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-14 00:13 92,424 ----a-w C:\WINDOWS\system32\rdpdd.dll
2008-04-14 00:13 87,176 ----a-w C:\WINDOWS\system32\rdpwsx.dll
2008-04-14 00:13 40,840 ----a-w C:\WINDOWS\system32\drivers\termdd.sys
2008-04-14 00:13 299,520 ----a-w C:\WINDOWS\system32\drmclien.dll
2008-04-14 00:13 21,896 ----a-w C:\WINDOWS\system32\drivers\tdtcp.sys
2008-04-14 00:13 139,656 ----a-w C:\WINDOWS\system32\drivers\rdpwd.sys
2008-04-14 00:13 12,168 ----a-w C:\WINDOWS\system32\tsddd.dll
2008-04-14 00:13 12,040 ----a-w C:\WINDOWS\system32\drivers\tdpipe.sys
2008-04-14 00:11 997,376 ----a-w C:\WINDOWS\system32\msgina.dll
2008-04-14 00:10 53,279 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-14 00:10 4,126 ----a-w C:\WINDOWS\system32\msdxmlc.dll
2008-04-14 00:10 3,584 ----a-w C:\WINDOWS\system32\msafd.dll
2008-04-14 00:10 102,912 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-13 19:30 1,845,632 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-13 19:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 19:27 2,188,928 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 19:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 19:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 19:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 19:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 19:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 19:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 19:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 19:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 19:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 19:18 52,480 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-13 19:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 19:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 19:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 19:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 19:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 19:15 64,512 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-13 19:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 19:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 19:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 19:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 19:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 19:00 30,080 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-13 19:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 19:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 18:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 18:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 18:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 18:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 18:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 18:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 18:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 18:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 18:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 18:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 18:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 18:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 18:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 18:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 18:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 18:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 18:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 18:55 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 18:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 18:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 18:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 18:53 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 18:53 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 18:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 18:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
2008-04-13 18:51 59,904 ----a-w C:\WINDOWS\system32\drivers\atmarpc.sys
2008-04-13 18:51 55,808 ----a-w C:\WINDOWS\system32\drivers\atmlane.sys
2008-04-13 18:51 101,120 ------w C:\WINDOWS\system32\drivers\bthpan.sys
2008-04-13 18:46 59,136 ------w C:\WINDOWS\system32\drivers\rfcomm.sys
2008-04-13 18:46 37,888 ------w C:\WINDOWS\system32\drivers\bthmodem.sys
2008-04-13 18:46 36,480 ------w C:\WINDOWS\system32\drivers\bthprint.sys
2008-04-13 18:46 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-13 18:46 25,600 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-13 18:46 25,344 ----a-w C:\WINDOWS\system32\drivers\sonydcam.sys
2008-04-13 18:46 18,944 ------w C:\WINDOWS\system32\drivers\bthusb.sys
2008-04-13 18:46 17,024 ------w C:\WINDOWS\system32\drivers\bthenum.sys
2008-04-13 18:46 121,984 ------w C:\WINDOWS\system32\drivers\usbvideo.sys
2008-04-13 18:44 81,664 ----a-w C:\WINDOWS\system32\drivers\videoprt.sys
2008-04-13 18:44 799,744 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-13 18:44 20,992 ----a-w C:\WINDOWS\system32\drivers\vga.sys
2008-04-13 18:44 17,664 ----a-w C:\WINDOWS\system32\watchdog.sys
2008-04-13 18:44 153,344 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-13 18:43 9,728 ------w C:\WINDOWS\system32\comsdupd.exe
2008-04-13 18:43 14,208 ------w C:\WINDOWS\system32\drivers\wacompen.sys
2008-04-13 18:43 12,800 ----a-w C:\WINDOWS\system32\spiisupd.exe
2008-04-13 18:43 12,672 ------w C:\WINDOWS\system32\drivers\mutohpen.sys
2008-04-13 18:41 52,352 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-13 18:39 92,544 ----a-w C:\WINDOWS\system32\drivers\mqac.sys
.
((((((((((((((((((((((((((((( snapshot@2008-05-26_ 0.07.20.17 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-25 22:05:19 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-26 10:43:49 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-26 10:44:01 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_5a0.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E23136A1-1AC4-4D1B-926F-5D537CFFF359}]
2008-05-24 14:32 56320 --a------ C:\WINDOWS\system32\ssqNFUOi.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 02:12 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2008-04-14 02:12 1695232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C-Media Mixer"="Mixer.exe" [2002-10-15 18:00 1818624 C:\WINDOWS\mixer.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-10-22 12:22 7700480]
"nwiz"="nwiz.exe" [2006-10-22 12:22 1622016 C:\WINDOWS\system32\nwiz.exe]
"LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2008-04-30 18:30 498176]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-10-22 12:22 86016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"AliceSAV"="C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe" [2005-12-16 17:57 81408]
"tcactive"="C:\Program Files\Antivirus\The Cleaner\tca.exe" [2004-04-09 09:26 631808]
"tcmonitor"="C:\Program Files\Antivirus\The Cleaner\tcm.exe" [2004-03-13 13:48 388096]
"WinFast Schedule"="C:\Program Files\Video\Winfast\WFTVFM\WFWIZ.exe" [2007-10-18 13:47 876544]
"a-squared"="C:\Program Files\Antivirus\a-squared Anti-Malware\a2guard.exe" [2008-05-12 09:02 1961104]
"Anti Trojan Elite"="C:\Program Files\Antivirus\Anti Trojan Elite\TJEnder.exe" [ ]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 02:12 15360]
"Spyware Doctor"="" []
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{E23136A1-1AC4-4D1B-926F-5D537CFFF359}"= C:\WINDOWS\system32\ssqNFUOi.dll [2008-05-24 14:32 56320]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqNFUOi]
ssqNFUOi.dll 2008-05-24 14:32 56320 C:\WINDOWS\system32\ssqNFUOi.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Pvb15.sys]
@="Driver"
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 BT848;WinFast TV2000 XP WDM Video Capture;C:\WINDOWS\system32\drivers\wf2kvcap.sys [2006-04-20 14:50]
R2 tv2ktunr;WinFast TV2000 XP WDM TVTuner;C:\WINDOWS\system32\drivers\wf2ktunr.sys [2006-04-20 15:20]
R2 Tv2kXbar;WinFast TV2000 XP WDM Crossbar;C:\WINDOWS\system32\drivers\wf2kxbar.sys [2006-04-20 14:49]
R3 wfioctl;WFIOCTL;C:\Program Files\Video\Winfast\WFTVFM\WFIOCTL.SYS [2005-01-06 16:55]
S3 ate_procmon;ATE_PROCMON;C:\Program Files\Antivirus\Anti Trojan Elite\ATEPMon.sys []
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-26 14:20:07
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\ssqNFUOi.dll
.
Completion time: 2008-05-26 14:21:03
ComboFix-quarantined-files.txt 2008-05-26 12:20:57
ComboFix2.txt 2008-05-26 09:43:23
Pre-Run: 11,035,226,112 bytes free
Post-Run: 11,023,290,368 bytes free
307
Could you help me understand this report or remove this trojan?
Hello,
Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.
Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode
Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan".
To start the scan, click "Scan".
Once the scan has finished, a window opens; click OK. There are two possibilities:
-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.
HELP: Illustrated tutorial on MBAM
Hello, and thank you for your help.
I ran a first scan in safe mode; it detected the trojan and asked me to restart in order to delete it.
The trojan reappeared as soon as I restarted.
I ran a second scan in normal mode; it detected the trojan again and asked me to restart in order to delete it.
The trojan reappeared at the first startup, but after a second startup it is no longer detected.
Here is the first report:
Malwarebytes' Anti-Malware 1.12
Database version: 788
Scan type: Full Scan (C:\|D:\|E:\|F:\|G:\|H:\|)
Objects scanned: 67746
Time elapsed: 35 minute(s), 19 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 3
Registry Values Infected: 5
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\WINDOWS\system32\ssqNFUOi.dll (Trojan.Vundo) -> Unloaded module successfully.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{e23136a1-1ac4-4d1b-926f-5d537cfff359} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e23136a1-1ac4-4d1b-926f-5d537cfff359} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqnfuoi (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{e23136a1-1ac4-4d1b-926f-5d537cfff359} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\Search Bar (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\SearchMigratedDefaultURL (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl\w\ (Trojan.Zlob) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchURL (Trojan.Zlob) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\ssqNFUOi.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\khfDWMCu.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
The second report:
Malwarebytes' Anti-Malware 1.12
Version de la base de données: 788
Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|)
Eléments examinés: 68821
Temps écoulé: 15 minute(s), 22 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 3
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
C:\WINDOWS\system32\ssqNFUOi.dll (Trojan.Vundo) -> Unloaded module successfully.
Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{e23136a1-1ac4-4d1b-926f-5d537cfff359} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e23136a1-1ac4-4d1b-926f-5d537cfff359} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ssqnfuoi (Trojan.Vundo) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{e23136a1-1ac4-4d1b-926f-5d537cfff359} (Trojan.Vundo) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
C:\WINDOWS\system32\ssqNFUOi.dll (Trojan.Vundo) -> Delete on reboot.
Could you help me find out whether there is a risk of this trojan reappearing after several startups?
Here is the HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 20:41:27, on 27/05/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
C:\Program Files\Video\Winfast\WFTVFM\WFWIZ.exe
C:\Program Files\Antivirus\a-squared Anti-Malware\a2guard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Nokia\Nokia PC Suite 6\PCSync2.exe
C:\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Antivirus\a-squared Anti-Malware\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\compression\PowerArchiver\POWERARC.EXE
C:\DOCUME~1\manu51p\LOCALS~1\Temp\_PA37\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AliceSAV] C:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
O4 - HKLM\..\Run: [tcactive] C:\Program Files\Antivirus\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\Program Files\Antivirus\The Cleaner\tcm.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\Video\Winfast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [a-squared] "C:\Program Files\Antivirus\a-squared Anti-Malware\a2guard.exe" /d=60
O4 - HKLM\..\Run: [Anti Trojan Elite] C:\Program Files\Antivirus\Anti Trojan Elite\TJEnder.exe :NO
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [international] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512b-b978-451d-a0d8-fcfdf33e833c} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: wgalogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Anti-Malware Service (a2antimalware) - Emsi Software GmbH - C:\Program Files\Antivirus\a-squared Anti-Malware\a2service.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (uleadburninghelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
I hope this report can help you tell whether the trojan has really been eliminated.
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [international] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512b-b978-451d-a0d8-fcfdf33e833c} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: wgalogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Anti-Malware Service (a2antimalware) - Emsi Software GmbH - C:\Program Files\Antivirus\a-squared Anti-Malware\a2service.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (uleadburninghelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe