I have a problem: AntiVir showed me a message that I have the trojan TR/Crypt.NSPM.Gen in the file C:\program.exe and TR/Crypt.XPACK.Gen in the file C:\Documents and Settings\OLA\...\fireup[2].exe. The antivirus program cannot remove it.
I ran a scan with ComboFix; the log is below:
ComboFix 08-07-18.5 - Ola 2008-07-19 19:51:13.3 - NTFSx86
Running from: C:\Documents and Settings\Ola\Pulpit\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
D:\Autorun.inf
.
((((((((((((((((((((((((( Files Created from 2008-06-19 to 2008-07-19 )))))))))))))))))))))))))))))))
.
2008-07-19 18:55 . 2008-07-19 18:55 124 --a------ C:\qqpyj.bat
2008-07-19 18:35 . 2008-07-19 18:35 124 --a------ C:\ccodk.bat
2008-07-19 18:25 . 2008-07-19 18:25 125 --a------ C:\czvlbd.bat
2008-07-19 18:15 . 2008-07-19 18:45 125 --a------ C:\rparcf.bat
2008-07-19 16:23 . 2008-07-19 16:23 48,128 --a------ C:\program1.VIR
2008-07-19 16:23 . 2008-07-19 16:23 39,936 --a------ C:\manger.VIR
2008-07-17 20:34 . 2008-07-17 20:35 <DIR> d-------- C:\Documents and Settings\Ola\Phone Browser
2008-07-17 20:16 . 2008-07-17 20:16 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\PC Suite
2008-07-17 20:15 . 2008-07-17 20:35 <DIR> d-------- C:\Documents and Settings\Ola\Dane aplikacji\Nokia
2008-07-17 20:14 . 2008-07-17 20:14 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-07-17 20:14 . 2008-07-17 20:14 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-07-17 20:13 . 2008-07-17 20:36 <DIR> d-------- C:\Documents and Settings\Ola\Dane aplikacji\PC Suite
2008-07-17 20:12 . 2008-07-17 20:13 <DIR> d-------- C:\Program Files\PC Connectivity Solution
2008-07-17 20:12 . 2008-07-17 20:14 <DIR> d-------- C:\Program Files\Nokia
2008-07-17 20:12 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-07-17 20:12 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-07-17 20:12 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-07-17 20:12 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-07-17 20:12 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-07-17 20:12 . 2007-02-22 10:15 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-07-17 20:10 . 2008-07-17 20:11 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Installations
2008-07-08 22:42 . 2008-07-08 22:43 <DIR> d-------- C:\Przetargi
2008-07-08 22:41 . 2008-07-08 22:41 796,672 --a------ C:\WINDOWS\GPInstall.exe
2008-07-08 22:41 . 2000-01-14 22:18 7,797 --a------ C:\WINDOWS\Polish_PL.gpl
2008-07-02 21:24 . 2001-10-26 16:57 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-07-02 21:24 . 2001-10-26 16:57 12,160 --a--c--- C:\WINDOWS\system32\dllcache\mouhid.sys
2008-07-02 21:23 . 2008-04-14 00:15 10,368 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
2008-07-02 21:23 . 2008-04-14 00:15 10,368 --a--c--- C:\WINDOWS\system32\dllcache\hidusb.sys
2008-07-01 15:05 . 2008-04-23 09:20 6,066,176 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2008-07-01 15:05 . 2007-04-17 11:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2008-07-01 15:05 . 2007-03-08 07:11 1,036,288 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2008-07-01 15:05 . 2008-04-23 09:20 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2008-07-01 15:05 . 2008-04-23 09:20 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2008-07-01 15:05 . 2008-04-23 09:20 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2008-07-01 15:05 . 2008-04-23 09:20 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2008-07-01 15:05 . 2008-04-23 09:20 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2008-07-01 15:05 . 2008-04-22 09:39 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-07-01 14:11 . 2008-07-01 14:11 2,422 --a------ C:\WINDOWS\system32\wpa.bak
2008-07-01 13:52 . 2008-07-01 13:52 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\hpqwmi
2008-06-30 22:10 . 2008-06-30 22:11 <DIR> d-------- C:\Program Files\Sterowniki
2008-06-30 18:14 . 2008-06-30 18:14 <DIR> d-------- C:\yenicag
2008-06-30 18:04 . 2008-06-30 18:09 <DIR> d-------- C:\Program Files\Cartoon Maker
2008-06-29 12:03 . 2008-06-14 19:36 273,024 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-29 12:02 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-06-29 12:02 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-06-29 12:02 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-06-29 11:51 . 2008-06-29 12:51 <DIR> d-------- C:\Program Files\Microsoft Works
2008-06-29 11:50 . 2008-06-29 11:50 <DIR> d-------- C:\Program Files\Microsoft.NET
2008-06-29 11:46 . 2008-07-01 15:17 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Microsoft Help
2008-06-29 11:43 . 2008-06-29 11:43 <DIR> dr-h----- C:\MSOCache
2008-06-26 20:24 . 2008-06-26 20:24 <DIR> d-------- C:\Program Files\Foxit Software
2008-06-26 20:21 . 2008-06-26 20:21 <DIR> d-------- C:\Program Files\MarBit
2008-06-26 20:15 . 2008-05-08 16:02 203,136 -----c--- C:\WINDOWS\system32\dllcache\rmcast.sys
2008-06-26 20:14 . 2008-06-26 20:14 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-06-26 20:14 . 2008-06-26 20:16 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Spybot - Search & Destroy
2008-06-26 20:11 . 2008-06-26 20:11 98,304 --a------ C:\WINDOWS\system32\qttask.exe
2008-06-26 20:09 . 2003-08-18 05:10 122,880 --a------ C:\WINDOWS\system32\directx.cpl
2008-06-26 20:09 . 2003-03-25 05:49 106,544 --a------ C:\WINDOWS\system32\tweakui.cpl
2008-06-26 20:09 . 2003-03-25 05:49 98,304 --a------ C:\WINDOWS\system32\startup.cpl
2008-06-26 20:09 . 2003-03-25 05:49 51,238 --a------ C:\WINDOWS\system32\tweakui.hlp
2008-06-26 20:08 . 2008-06-26 20:09 <DIR> d-------- C:\Program Files\ACE Mega CoDecS Pack
2008-06-26 20:03 . 2008-06-26 20:03 <DIR> d-------- C:\Program Files\Analog Devices
2008-06-26 20:03 . 2001-09-11 17:20 1,285,632 --a------ C:\WINDOWS\system32\SMMedia.dll
2008-06-26 18:45 . 2008-06-26 18:46 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2008-06-26 18:44 . 2008-03-25 02:37 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-06-26 18:43 . 2008-06-26 18:44 <DIR> d-------- C:\Program Files\Java
2008-06-26 18:43 . 2008-06-26 18:43 <DIR> d-------- C:\Program Files\Common Files\Java
2008-06-26 18:42 . 2008-06-26 18:42 <DIR> d-------- C:\Program Files\Avira
2008-06-26 18:42 . 2008-06-26 18:42 <DIR> d-------- C:\Documents and Settings\All Users\Dane aplikacji\Avira
2008-06-26 18:41 . 2008-06-26 18:41 427 --a------ C:\WINDOWS\ODBC.INI
2008-06-26 18:38 . 2008-04-14 22:51 380,928 --a------ C:\WINDOWS\system32\irprops.cpl
2008-06-26 18:38 . 2008-04-14 22:51 152,064 --a------ C:\WINDOWS\system32\irftp.exe
2008-06-26 18:38 . 2008-04-14 00:24 88,192 --a------ C:\WINDOWS\system32\drivers\irda.sys
2008-06-26 18:38 . 2008-04-14 22:50 28,672 --a------ C:\WINDOWS\system32\irmon.dll
2008-06-26 18:38 . 2001-08-17 22:51 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2008-06-26 18:38 . 2008-04-14 22:51 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2008-06-26 18:38 . 2001-08-17 22:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2008-06-26 18:37 . 2008-04-14 22:50 77,312 --a------ C:\WINDOWS\system32\usbui.dll
2008-06-26 18:37 . 2008-04-14 21:35 58,880 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2008-06-26 18:37 . 2001-10-26 18:07 36,425 --a------ C:\WINDOWS\system32\drivers\smcirda.sys
2008-06-26 18:37 . 2001-08-17 22:46 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2008-06-26 18:37 . 2008-04-14 21:46 5,504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2008-06-26 18:36 . 2008-06-29 12:06 <DIR> d-------- C:\WINDOWS\ShellNew
2008-06-26 18:36 . 2008-04-14 00:06 14,208 --a------ C:\WINDOWS\system32\drivers\battc.sys
2008-06-26 18:36 . 2008-04-14 00:06 13,952 --a------ C:\WINDOWS\system32\drivers\cmbatt.sys
2008-06-26 18:36 . 2008-04-14 00:06 10,240 --a------ C:\WINDOWS\system32\drivers\compbatt.sys
2008-06-26 18:36 . 2008-04-14 00:06 8,832 --a------ C:\WINDOWS\system32\drivers\wmiacpi.sys
2008-06-26 18:34 . 2008-07-19 18:28 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2008-06-26 18:34 . 2008-06-26 18:34 <DIR> dr-h----- C:\Documents and Settings\Default User\Ustawienia lokalne
2008-06-26 18:34 . 2008-06-26 18:34 <DIR> d-------- C:\Documents and Settings\Default User\Ulubione
2008-06-26 18:34 . 2008-06-26 17:40 <DIR> d--h----- C:\Documents and Settings\Default User\Szablony
2008-06-26 18:34 . 2008-06-26 18:34 <DIR> d-------- C:\Documents and Settings\Default User\Pulpit
2008-06-26 18:34 . 2008-06-26 18:34 <DIR> d-------- C:\Documents and Settings\Default User\Moje dokumenty
2008-06-26 18:34 . 2008-06-26 18:34 <DIR> dr------- C:\Documents and Settings\Default User\Menu Start
2008-06-26 18:34 . 2008-06-26 18:34 <DIR> dr-h----- C:\Documents and Settings\Default User\Dane aplikacji
2008-06-26 18:34 . 2008-06-26 18:34 <DIR> d-------- C:\Documents and Settings\All Users\Ulubione
2008-06-26 18:34 . 2008-06-26 18:34 <DIR> d--h----- C:\Documents and Settings\All Users\Szablony
2008-06-26 18:34 . 2008-07-17 20:14 <DIR> d-------- C:\Documents and Settings\All Users\Pulpit
2008-06-26 18:34 . 2008-06-29 12:06 <DIR> dr------- C:\Documents and Settings\All Users\Menu Start
2008-06-26 18:34 . 2008-06-26 17:42 <DIR> dr------- C:\Documents and Settings\All Users\Dokumenty
2008-06-26 18:34 . 2008-07-17 20:16 <DIR> dr-h----- C:\Documents and Settings\All Users\Dane aplikacji
2008-06-26 18:29 . 2008-06-26 18:29 <DIR> d-------- C:\Documents and Settings\LocalService\Menu Start
2008-06-26 18:29 . 2008-06-26 18:30 316,640 --a------ C:\WINDOWS\WMSysPr9.prx
2008-06-26 18:27 . 2008-06-26 19:11 <DIR> d---s---- C:\WINDOWS\system32\Microsoft
2008-06-26 18:20 . 2008-07-01 15:18 <DIR> d-------- C:\WINDOWS\system32\pl-pl
2008-06-26 18:17 . 2008-06-26 18:21 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-06-26 18:11 . 2007-08-10 20:53 26,488 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-06-26 18:11 . 2006-12-29 00:31 19,569 --a------ C:\WINDOWS\002403_.tmp
2008-06-26 18:08 . 2008-06-26 18:08 <DIR> d-------- C:\WINDOWS\EHome
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-07-19 16:47 --------- d-----w C:\Program Files\Wanadoo
2008-07-17 18:15 --------- d-----w C:\Program Files\DIFX
2008-06-26 18:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-06-26 17:59 --------- d-----w C:\Program Files\Common Files\Adobe
2008-06-26 17:39 23 ----a-w C:\WINDOWS\system32\drivers\adidsl.cfg
2008-06-26 17:38 --------- d-----w C:\Program Files\SAGEM
2008-06-26 17:19 --------- d-----w C:\Program Files\HPQ
2008-06-26 17:19 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-26 17:17 --------- d-----w C:\Program Files\Synaptics
2008-06-26 17:13 --------- d-----w C:\Program Files\Intel
2008-06-26 17:10 --------- d-----w C:\Program Files\WIDCOMM
2008-06-26 17:08 --------- d-----w C:\Program Files\HP
2008-06-26 17:06 --------- d-----w C:\Program Files\Broadcom
2008-06-26 15:45 --------- d-----w C:\Program Files\microsoft frontpage
2008-06-26 15:44 558,142 ----a-w C:\WINDOWS\java\Packages\1379NVF5.ZIP
2008-06-26 15:44 155,995 ----a-w C:\WINDOWS\java\Packages\Y4VZXR17.ZIP
2008-06-26 15:43 --------- d-----w C:\Program Files\Usługi online
2008-06-14 17:36 273,024 ------w C:\WINDOWS\system32\drivers\bthport.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 22:51 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2004-10-08 08:31 155648]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2004-10-08 08:27 126976]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 18:40 98394]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 18:38 688218]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-12-03 13:24 290816]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2002-12-09 18:24 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\TaskbarIcon.exe" [2002-12-09 18:24 45056]
"QuickTime Task"="C:\WINDOWS\system32\qttask.exe" [2008-06-26 20:11 98304]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-03-23 13:20 227328]
"AGRSMMSG"="AGRSMMSG.exe" [2005-04-19 10:03 88209 C:\WINDOWS\AGRSMMSG.exe]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 22:51 15360]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-03-27 15:58 1744896]
C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-06-26 19:59:44 113664]
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2004-06-02 17:48:22 565309]
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-06-26 19:38:55 962661]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.divx"= C:\PROGRA~1\ACEMEG~1\SystemS\DivX\DivX520.dll
"msacm.iac2"= C:\PROGRA~1\ACEMEG~1\SystemS\Intel\iac25_32.ax
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
R3 tifm;tifm;C:\WINDOWS\system32\drivers\tifm.sys [2003-10-21 15:28]
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-19 19:54:15
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-07-19 19:56:03
ComboFix-quarantined-files.txt 2008-07-19 17:55:53
Pre-Run: 13,777,858,560 bajtów wolnych
Post-Run: 14,523,322,368 bajtów wolnych
199 --- E O F --- 2008-07-19 14:07:56
Please help, and thanks in advance.