[Virus] Smab(0).dll
jtb
Messages postés
154
Statut
Membre
-
jtb Messages postés 154 Statut Membre -
jtb Messages postés 154 Statut Membre -
Bonjour à tous ! :-)
Je me pense infecté par les fichier smab.dll et Smab0.dll. C'est Spy Sweeper qui m'a mis la puce à l'oreille. J'ai donc analysé Smab.dll et Smab0.dll (tous deux se trouvent dans system32) par Virus total. Voici les rapport :
Smab0.dll (fichier caché + fichier système) :
AhnLab-V3 2008.7.26.0 2008.07.28 -
AntiVir 7.8.1.12 2008.07.28 -
Authentium 5.1.0.4 2008.07.28 -
Avast 4.8.1195.0 2008.07.27 -
AVG 8.0.0.130 2008.07.27 -
BitDefender 7.2 2008.07.28 -
CAT-QuickHeal 9.50 2008.07.25 -
ClamAV 0.93.1 2008.07.28 -
DrWeb 4.44.0.09170 2008.07.28 -
eSafe 7.0.17.0 2008.07.27 Suspicious File
eTrust-Vet 31.6.5983 2008.07.26 -
Ewido 4.0 2008.07.27 -
F-Prot 4.4.4.56 2008.07.28 -
F-Secure 7.60.13501.0 2008.07.28 -
Fortinet 3.14.0.0 2008.07.26 -
GData 2.0.7306.1023 2008.07.28 -
Ikarus T3.1.1.34.0 2008.07.28 -
Kaspersky 7.0.0.125 2008.07.28 -
McAfee 5347 2008.07.25 -
Microsoft 1.3704 2008.07.28 -
NOD32v2 3301 2008.07.27 -
Norman 5.80.02 2008.07.25 -
Panda 9.0.0.4 2008.07.27 -
PCTools 4.4.2.0 2008.07.27 -
Prevx1 V2 2008.07.28 -
Rising 20.55.01.00 2008.07.28 -
Sophos 4.31.0 2008.07.28 -
Sunbelt 3.1.1536.1 2008.07.25 -
Symantec 10 2008.07.28 -
TheHacker 6.2.96.389 2008.07.25 -
TrendMicro 8.700.0.1004 2008.07.28 -
ViRobot 2008.7.26.1311 2008.07.28 -
VirusBuster 4.5.11.0 2008.07.27 -
Webwasher-Gateway 6.6.2 2008.07.28 Win32.Malware.gen!88 (suspicious)
Information additionnelle
File size: 27648 bytes
MD5...: 2cdfdd3019e885d32c0d7c47ec33f8b3
SHA1..: fa2c7ec1478056ba921c10b433359ef302b3eddd
SHA256: d4ceed9eeecab9ec14b0bbe3bff53285719295d2c6ba235496c7526890b0a6d2
SHA512: 5f4c9b451d8f2329465e61bbdb9b51fa7ac7207174595cbd16af6709cd36ea92
65270b58249b1cf1060c70c04ac8fb534580fbb28e5a38a61d0e3402e73dce5a
PEiD..: PECompact 2.xx --> BitSum Technologies
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x10001000
timedatestamp.....: 0x46495058 (Tue May 15 06:16:56 2007)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x14000 0x4800 7.98 1ff33590ef20d67a1b10a5ce2fc53d96
.rsrc 0x15000 0x2000 0x2000 6.70 341f7944f03a8a170e0549e0cf9e9f9e
.reloc 0x17000 0x200 0x200 0.21 8f5b39eaff78f4364554d021fa93976c
( 3 imports )
> kernel32.dll: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
> msvcrt.dll: __dllonexit
> WSOCK32.DLL: WSAGetLastError
( 115 exports )
pthreadCancelableTimedWait, pthreadCancelableWait, pthread_attr_destroy, pthread_attr_getdetachstate, pthread_attr_getinheritsched, pthread_attr_getschedparam, pthread_attr_getschedpolicy, pthread_attr_getscope, pthread_attr_getstackaddr, pthread_attr_getstacksize, pthread_attr_init, pthread_attr_setdetachstate, pthread_attr_setinheritsched, pthread_attr_setschedparam, pthread_attr_setschedpolicy, pthread_attr_setscope, pthread_attr_setstackaddr, pthread_attr_setstacksize, pthread_barrier_destroy, pthread_barrier_init, pthread_barrier_wait, pthread_barrierattr_destroy, pthread_barrierattr_getpshared, pthread_barrierattr_init, pthread_barrierattr_setpshared, pthread_cancel, pthread_cond_broadcast, pthread_cond_destroy, pthread_cond_init, pthread_cond_signal, pthread_cond_timedwait, pthread_cond_wait, pthread_condattr_destroy, pthread_condattr_getpshared, pthread_condattr_init, pthread_condattr_setpshared, pthread_create, pthread_delay_np, pthread_detach, pthread_equal, pthread_exit, pthread_getconcurrency, pthread_getschedparam, pthread_getspecific, pthread_getw32threadhandle_np, pthread_join, pthread_key_create, pthread_key_delete, pthread_kill, pthread_mutex_destroy, pthread_mutex_init, pthread_mutex_lock, pthread_mutex_timedlock, pthread_mutex_trylock, pthread_mutex_unlock, pthread_mutexattr_destroy, pthread_mutexattr_getkind_np, pthread_mutexattr_getpshared, pthread_mutexattr_gettype, pthread_mutexattr_init, pthread_mutexattr_setkind_np, pthread_mutexattr_setpshared, pthread_mutexattr_settype, pthread_num_processors_np, pthread_once, pthread_rwlock_destroy, pthread_rwlock_init, pthread_rwlock_rdlock, pthread_rwlock_timedrdlock, pthread_rwlock_timedwrlock, pthread_rwlock_tryrdlock, pthread_rwlock_trywrlock, pthread_rwlock_unlock, pthread_rwlock_wrlock, pthread_rwlockattr_destroy, pthread_rwlockattr_getpshared, pthread_rwlockattr_init, pthread_rwlockattr_setpshared, pthread_self, pthread_setcancelstate, pthread_setcanceltype, pthread_setconcurrency, pthread_setschedparam, pthread_setspecific, pthread_spin_destroy, pthread_spin_init, pthread_spin_lock, pthread_spin_trylock, pthread_spin_unlock, pthread_testcancel, pthread_timechange_handler_np, pthread_win32_process_attach_np, pthread_win32_process_detach_np, pthread_win32_test_features_np, pthread_win32_thread_attach_np, pthread_win32_thread_detach_np, ptw32_get_exception_services_code, ptw32_pop_cleanup, ptw32_push_cleanup, sched_get_priority_max, sched_get_priority_min, sched_getscheduler, sched_setscheduler, sched_yield, sem_close, sem_destroy, sem_getvalue, sem_init, sem_open, sem_post, sem_post_multiple, sem_timedwait, sem_trywait, sem_unlink, sem_wait
packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact
packers (F-Prot): PecBundle, PECompact
Smab.dll :
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.7.26.0 2008.07.28 -
AntiVir 7.8.1.12 2008.07.28 -
Authentium 5.1.0.4 2008.07.28 -
Avast 4.8.1195.0 2008.07.27 -
AVG 8.0.0.130 2008.07.27 -
BitDefender 7.2 2008.07.28 -
CAT-QuickHeal 9.50 2008.07.25 -
ClamAV 0.93.1 2008.07.28 -
DrWeb 4.44.0.09170 2008.07.28 -
eSafe 7.0.17.0 2008.07.27 Suspicious File
eTrust-Vet 31.6.5983 2008.07.26 -
Ewido 4.0 2008.07.27 -
F-Prot 4.4.4.56 2008.07.28 -
F-Secure 7.60.13501.0 2008.07.28 -
Fortinet 3.14.0.0 2008.07.26 -
GData 2.0.7306.1023 2008.07.28 -
Ikarus T3.1.1.34.0 2008.07.28 -
Kaspersky 7.0.0.125 2008.07.28 -
McAfee 5347 2008.07.25 -
Microsoft 1.3704 2008.07.28 -
NOD32v2 3301 2008.07.27 -
Norman 5.80.02 2008.07.25 -
Panda 9.0.0.4 2008.07.27 Suspicious file
PCTools 4.4.2.0 2008.07.27 -
Prevx1 V2 2008.07.28 -
Rising 20.55.01.00 2008.07.28 -
Sophos 4.31.0 2008.07.28 -
Sunbelt 3.1.1536.1 2008.07.25 -
Symantec 10 2008.07.28 -
TheHacker 6.2.96.389 2008.07.25 -
TrendMicro 8.700.0.1004 2008.07.28 -
VBA32 3.12.8.1 2008.07.27 -
ViRobot 2008.7.26.1311 2008.07.28 -
VirusBuster 4.5.11.0 2008.07.27 -
Webwasher-Gateway 6.6.2 2008.07.28 Virus.Win32.FileInfector.gen!90 (suspicious)
Information additionnelle
File size: 408576 bytes
MD5...: d12242b8b7f4a27b8ec527ce72045e69
SHA1..: e6b0fb495731e11d4eaa9c4f08548ec783c3dcb4
SHA256: b88f34def5fd6942ced4dfbdb8a776e993d7522cf303420ffaede34ac72351cb
SHA512: 29c3ac25017244d4551b18e50a6b129f398c6da69fa3ba7a346a307cba413898
8413155f6045919fefb70f32686711834dbb605b3fcc8478f59a7249a8b0749b
PEiD..: PECompact 2.xx --> BitSum Technologies
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1015ea1f
timedatestamp.....: 0x47ab2079 (Thu Feb 07 15:15:05 2008)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x15d000 0x61c00 8.00 19dc075e88ac3752ef0bf2f52e0bc752
.rsrc 0x15e000 0x2000 0x1a00 7.18 116779c7bcbf8b4c63c079d223074bda
.reloc 0x160000 0x1000 0x200 0.23 3d4dcfb1921c373dfbda720b2c4138d6
( 1 imports )
> kernel32.dll: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
( 63 exports )
MediaInfoA_Close, MediaInfoA_Count_Get, MediaInfoA_Delete, MediaInfoA_Get, MediaInfoA_GetI, MediaInfoA_Inform, MediaInfoA_New, MediaInfoA_New_Quick, MediaInfoA_Open, MediaInfoA_Open_Buffer, MediaInfoA_Option, MediaInfoA_Save, MediaInfoA_Set, MediaInfoA_SetI, MediaInfoA_State_Get, MediaInfoListA_Close, MediaInfoListA_Count_Get, MediaInfoListA_Count_Get_Files, MediaInfoListA_Delete, MediaInfoListA_Get, MediaInfoListA_GetI, MediaInfoListA_Inform, MediaInfoListA_New, MediaInfoListA_New_Quick, MediaInfoListA_Open, MediaInfoListA_Open_Buffer, MediaInfoListA_Option, MediaInfoListA_Save, MediaInfoListA_Set, MediaInfoListA_SetI, MediaInfoListA_State_Get, MediaInfoList_Close, MediaInfoList_Count_Get, MediaInfoList_Count_Get_Files, MediaInfoList_Delete, MediaInfoList_Get, MediaInfoList_GetI, MediaInfoList_Inform, MediaInfoList_New, MediaInfoList_New_Quick, MediaInfoList_Open, MediaInfoList_Open_Buffer, MediaInfoList_Option, MediaInfoList_Save, MediaInfoList_Set, MediaInfoList_SetI, MediaInfoList_State_Get, MediaInfo_Close, MediaInfo_Count_Get, MediaInfo_Delete, MediaInfo_Get, MediaInfo_GetI, MediaInfo_Info_Version, MediaInfo_Inform, MediaInfo_New, MediaInfo_New_Quick, MediaInfo_Open, MediaInfo_Open_Buffer, MediaInfo_Option, MediaInfo_Save, MediaInfo_Set, MediaInfo_SetI, MediaInfo_State_Get
packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact
ThreatExpert info: https://www.symantec.com?md5=d12242b8b7f4a27b8ec527ce72045e69
packers (F-Prot): PecBundle, PECompact
Serais-ce des fausses alertes ..... ou pas ? :D
Merci et bonne journée à tous ! :-)
Je me pense infecté par les fichier smab.dll et Smab0.dll. C'est Spy Sweeper qui m'a mis la puce à l'oreille. J'ai donc analysé Smab.dll et Smab0.dll (tous deux se trouvent dans system32) par Virus total. Voici les rapport :
Smab0.dll (fichier caché + fichier système) :
AhnLab-V3 2008.7.26.0 2008.07.28 -
AntiVir 7.8.1.12 2008.07.28 -
Authentium 5.1.0.4 2008.07.28 -
Avast 4.8.1195.0 2008.07.27 -
AVG 8.0.0.130 2008.07.27 -
BitDefender 7.2 2008.07.28 -
CAT-QuickHeal 9.50 2008.07.25 -
ClamAV 0.93.1 2008.07.28 -
DrWeb 4.44.0.09170 2008.07.28 -
eSafe 7.0.17.0 2008.07.27 Suspicious File
eTrust-Vet 31.6.5983 2008.07.26 -
Ewido 4.0 2008.07.27 -
F-Prot 4.4.4.56 2008.07.28 -
F-Secure 7.60.13501.0 2008.07.28 -
Fortinet 3.14.0.0 2008.07.26 -
GData 2.0.7306.1023 2008.07.28 -
Ikarus T3.1.1.34.0 2008.07.28 -
Kaspersky 7.0.0.125 2008.07.28 -
McAfee 5347 2008.07.25 -
Microsoft 1.3704 2008.07.28 -
NOD32v2 3301 2008.07.27 -
Norman 5.80.02 2008.07.25 -
Panda 9.0.0.4 2008.07.27 -
PCTools 4.4.2.0 2008.07.27 -
Prevx1 V2 2008.07.28 -
Rising 20.55.01.00 2008.07.28 -
Sophos 4.31.0 2008.07.28 -
Sunbelt 3.1.1536.1 2008.07.25 -
Symantec 10 2008.07.28 -
TheHacker 6.2.96.389 2008.07.25 -
TrendMicro 8.700.0.1004 2008.07.28 -
ViRobot 2008.7.26.1311 2008.07.28 -
VirusBuster 4.5.11.0 2008.07.27 -
Webwasher-Gateway 6.6.2 2008.07.28 Win32.Malware.gen!88 (suspicious)
Information additionnelle
File size: 27648 bytes
MD5...: 2cdfdd3019e885d32c0d7c47ec33f8b3
SHA1..: fa2c7ec1478056ba921c10b433359ef302b3eddd
SHA256: d4ceed9eeecab9ec14b0bbe3bff53285719295d2c6ba235496c7526890b0a6d2
SHA512: 5f4c9b451d8f2329465e61bbdb9b51fa7ac7207174595cbd16af6709cd36ea92
65270b58249b1cf1060c70c04ac8fb534580fbb28e5a38a61d0e3402e73dce5a
PEiD..: PECompact 2.xx --> BitSum Technologies
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x10001000
timedatestamp.....: 0x46495058 (Tue May 15 06:16:56 2007)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x14000 0x4800 7.98 1ff33590ef20d67a1b10a5ce2fc53d96
.rsrc 0x15000 0x2000 0x2000 6.70 341f7944f03a8a170e0549e0cf9e9f9e
.reloc 0x17000 0x200 0x200 0.21 8f5b39eaff78f4364554d021fa93976c
( 3 imports )
> kernel32.dll: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
> msvcrt.dll: __dllonexit
> WSOCK32.DLL: WSAGetLastError
( 115 exports )
pthreadCancelableTimedWait, pthreadCancelableWait, pthread_attr_destroy, pthread_attr_getdetachstate, pthread_attr_getinheritsched, pthread_attr_getschedparam, pthread_attr_getschedpolicy, pthread_attr_getscope, pthread_attr_getstackaddr, pthread_attr_getstacksize, pthread_attr_init, pthread_attr_setdetachstate, pthread_attr_setinheritsched, pthread_attr_setschedparam, pthread_attr_setschedpolicy, pthread_attr_setscope, pthread_attr_setstackaddr, pthread_attr_setstacksize, pthread_barrier_destroy, pthread_barrier_init, pthread_barrier_wait, pthread_barrierattr_destroy, pthread_barrierattr_getpshared, pthread_barrierattr_init, pthread_barrierattr_setpshared, pthread_cancel, pthread_cond_broadcast, pthread_cond_destroy, pthread_cond_init, pthread_cond_signal, pthread_cond_timedwait, pthread_cond_wait, pthread_condattr_destroy, pthread_condattr_getpshared, pthread_condattr_init, pthread_condattr_setpshared, pthread_create, pthread_delay_np, pthread_detach, pthread_equal, pthread_exit, pthread_getconcurrency, pthread_getschedparam, pthread_getspecific, pthread_getw32threadhandle_np, pthread_join, pthread_key_create, pthread_key_delete, pthread_kill, pthread_mutex_destroy, pthread_mutex_init, pthread_mutex_lock, pthread_mutex_timedlock, pthread_mutex_trylock, pthread_mutex_unlock, pthread_mutexattr_destroy, pthread_mutexattr_getkind_np, pthread_mutexattr_getpshared, pthread_mutexattr_gettype, pthread_mutexattr_init, pthread_mutexattr_setkind_np, pthread_mutexattr_setpshared, pthread_mutexattr_settype, pthread_num_processors_np, pthread_once, pthread_rwlock_destroy, pthread_rwlock_init, pthread_rwlock_rdlock, pthread_rwlock_timedrdlock, pthread_rwlock_timedwrlock, pthread_rwlock_tryrdlock, pthread_rwlock_trywrlock, pthread_rwlock_unlock, pthread_rwlock_wrlock, pthread_rwlockattr_destroy, pthread_rwlockattr_getpshared, pthread_rwlockattr_init, pthread_rwlockattr_setpshared, pthread_self, pthread_setcancelstate, pthread_setcanceltype, pthread_setconcurrency, pthread_setschedparam, pthread_setspecific, pthread_spin_destroy, pthread_spin_init, pthread_spin_lock, pthread_spin_trylock, pthread_spin_unlock, pthread_testcancel, pthread_timechange_handler_np, pthread_win32_process_attach_np, pthread_win32_process_detach_np, pthread_win32_test_features_np, pthread_win32_thread_attach_np, pthread_win32_thread_detach_np, ptw32_get_exception_services_code, ptw32_pop_cleanup, ptw32_push_cleanup, sched_get_priority_max, sched_get_priority_min, sched_getscheduler, sched_setscheduler, sched_yield, sem_close, sem_destroy, sem_getvalue, sem_init, sem_open, sem_post, sem_post_multiple, sem_timedwait, sem_trywait, sem_unlink, sem_wait
packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact
packers (F-Prot): PecBundle, PECompact
Smab.dll :
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.7.26.0 2008.07.28 -
AntiVir 7.8.1.12 2008.07.28 -
Authentium 5.1.0.4 2008.07.28 -
Avast 4.8.1195.0 2008.07.27 -
AVG 8.0.0.130 2008.07.27 -
BitDefender 7.2 2008.07.28 -
CAT-QuickHeal 9.50 2008.07.25 -
ClamAV 0.93.1 2008.07.28 -
DrWeb 4.44.0.09170 2008.07.28 -
eSafe 7.0.17.0 2008.07.27 Suspicious File
eTrust-Vet 31.6.5983 2008.07.26 -
Ewido 4.0 2008.07.27 -
F-Prot 4.4.4.56 2008.07.28 -
F-Secure 7.60.13501.0 2008.07.28 -
Fortinet 3.14.0.0 2008.07.26 -
GData 2.0.7306.1023 2008.07.28 -
Ikarus T3.1.1.34.0 2008.07.28 -
Kaspersky 7.0.0.125 2008.07.28 -
McAfee 5347 2008.07.25 -
Microsoft 1.3704 2008.07.28 -
NOD32v2 3301 2008.07.27 -
Norman 5.80.02 2008.07.25 -
Panda 9.0.0.4 2008.07.27 Suspicious file
PCTools 4.4.2.0 2008.07.27 -
Prevx1 V2 2008.07.28 -
Rising 20.55.01.00 2008.07.28 -
Sophos 4.31.0 2008.07.28 -
Sunbelt 3.1.1536.1 2008.07.25 -
Symantec 10 2008.07.28 -
TheHacker 6.2.96.389 2008.07.25 -
TrendMicro 8.700.0.1004 2008.07.28 -
VBA32 3.12.8.1 2008.07.27 -
ViRobot 2008.7.26.1311 2008.07.28 -
VirusBuster 4.5.11.0 2008.07.27 -
Webwasher-Gateway 6.6.2 2008.07.28 Virus.Win32.FileInfector.gen!90 (suspicious)
Information additionnelle
File size: 408576 bytes
MD5...: d12242b8b7f4a27b8ec527ce72045e69
SHA1..: e6b0fb495731e11d4eaa9c4f08548ec783c3dcb4
SHA256: b88f34def5fd6942ced4dfbdb8a776e993d7522cf303420ffaede34ac72351cb
SHA512: 29c3ac25017244d4551b18e50a6b129f398c6da69fa3ba7a346a307cba413898
8413155f6045919fefb70f32686711834dbb605b3fcc8478f59a7249a8b0749b
PEiD..: PECompact 2.xx --> BitSum Technologies
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x1015ea1f
timedatestamp.....: 0x47ab2079 (Thu Feb 07 15:15:05 2008)
machinetype.......: 0x14c (I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x15d000 0x61c00 8.00 19dc075e88ac3752ef0bf2f52e0bc752
.rsrc 0x15e000 0x2000 0x1a00 7.18 116779c7bcbf8b4c63c079d223074bda
.reloc 0x160000 0x1000 0x200 0.23 3d4dcfb1921c373dfbda720b2c4138d6
( 1 imports )
> kernel32.dll: LoadLibraryA, GetProcAddress, VirtualAlloc, VirtualFree
( 63 exports )
MediaInfoA_Close, MediaInfoA_Count_Get, MediaInfoA_Delete, MediaInfoA_Get, MediaInfoA_GetI, MediaInfoA_Inform, MediaInfoA_New, MediaInfoA_New_Quick, MediaInfoA_Open, MediaInfoA_Open_Buffer, MediaInfoA_Option, MediaInfoA_Save, MediaInfoA_Set, MediaInfoA_SetI, MediaInfoA_State_Get, MediaInfoListA_Close, MediaInfoListA_Count_Get, MediaInfoListA_Count_Get_Files, MediaInfoListA_Delete, MediaInfoListA_Get, MediaInfoListA_GetI, MediaInfoListA_Inform, MediaInfoListA_New, MediaInfoListA_New_Quick, MediaInfoListA_Open, MediaInfoListA_Open_Buffer, MediaInfoListA_Option, MediaInfoListA_Save, MediaInfoListA_Set, MediaInfoListA_SetI, MediaInfoListA_State_Get, MediaInfoList_Close, MediaInfoList_Count_Get, MediaInfoList_Count_Get_Files, MediaInfoList_Delete, MediaInfoList_Get, MediaInfoList_GetI, MediaInfoList_Inform, MediaInfoList_New, MediaInfoList_New_Quick, MediaInfoList_Open, MediaInfoList_Open_Buffer, MediaInfoList_Option, MediaInfoList_Save, MediaInfoList_Set, MediaInfoList_SetI, MediaInfoList_State_Get, MediaInfo_Close, MediaInfo_Count_Get, MediaInfo_Delete, MediaInfo_Get, MediaInfo_GetI, MediaInfo_Info_Version, MediaInfo_Inform, MediaInfo_New, MediaInfo_New_Quick, MediaInfo_Open, MediaInfo_Open_Buffer, MediaInfo_Option, MediaInfo_Save, MediaInfo_Set, MediaInfo_SetI, MediaInfo_State_Get
packers (Kaspersky): PE_Patch.PECompact, PecBundle, PECompact
ThreatExpert info: https://www.symantec.com?md5=d12242b8b7f4a27b8ec527ce72045e69
packers (F-Prot): PecBundle, PECompact
Serais-ce des fausses alertes ..... ou pas ? :D
Merci et bonne journée à tous ! :-)
A voir également:
- [Virus] Smab(0).dll
- Virus mcafee - Accueil - Piratage
- Comment remettre un pc a 0 - Guide
- Si #n/a alors 0 - Forum Bureautique
- Qualité de signal parabole 0 - Forum TNT / Satellite / Réception
- 0 barré clavier ✓ - Forum Windows
2 réponses
yep,
https://www.bleepingcomputer.com/filedb/smab.dll-41550.html
a voir!!
pas sur que ce soit une crasse
https://www.bleepingcomputer.com/filedb/smab.dll-41550.html
a voir!!
pas sur que ce soit une crasse
