Ajoute les lignes suivantes sur HijackThis :
Ajoute le fichier suivant :O4 - HKLM\..\Run: [Microsoft DLL Suspension] dllsuspend.exe
Scan du fichier :C:\Windows\system32\dllsuspend.exe
Détecté en Backdoor.Win32.IRCBot.ayu par Kaspersky.File Picture-003.JPEG_www.myspace.com received on 01.04.2008 18:30:26 (CET)
Current status: finished
Result: 5/32 (15.62%)
Compact Compact
Print results Print results
Antivirus Version Last Update Result
AhnLab-V3 2008.1.4.11 2008.01.04 -
AntiVir 7.6.0.46 2008.01.04 TR/Crypt.XPACK.Gen
Authentium 4.93.8 2008.01.04 -
Avast 4.7.1098.0 2008.01.03 -
AVG 7.5.0.516 2008.01.04 -
BitDefender 7.2 2008.01.04 -
CAT-QuickHeal 9.00 2008.01.04 -
ClamAV 0.91.2 2008.01.04 -
DrWeb 4.44.0.09170 2008.01.04 -
eSafe 7.0.15.0 2008.01.03 Suspicious File
eTrust-Vet 31.3.5430 2008.01.04 -
Ewido 4.0 2008.01.04 -
FileAdvisor 1 2008.01.04 -
Fortinet 3.14.0.0 2008.01.04 -
F-Prot 4.4.2.54 2008.01.04 -
F-Secure 6.70.13030.0 2008.01.04 -
Ikarus T3.1.1.15 2008.01.04 -
Kaspersky 7.0.0.125 2008.01.04 -
McAfee 5200 2008.01.04 -
Microsoft 1.3109 2008.01.04 -
NOD32v2 2765 2008.01.04 -
Norman 5.80.02 2008.01.04 -
Panda 9.0.0.4 2008.01.03 Suspicious file
Prevx1 V2 2008.01.04 -
Rising 20.25.42.00 2008.01.04 -
Sophos 4.24.0 2008.01.04 Mal/Emogen-N
Sunbelt 2.2.907.0 2008.01.04 -
Symantec 10 2008.01.04 -
TheHacker 6.2.9.180 2008.01.04 -
VBA32 3.12.2.5 2008.01.02 -
VirusBuster 4.3.26:9 2008.01.04 -
Webwasher-Gateway 6.6.2 2008.01.04 Trojan.Crypt.XPACK.Gen
Additional information
File size: 72192 bytes
MD5: 0fae1b30bf6dba2706220323373ab2fe
SHA1: d582d3f3b3900459bd003d206bf0e2bf8c93d69a
PEiD: -
packers: EXECryptor
packers: Execryptor