Trojan horse with Antivir

Solved
jane761 -  
 Anonymous user -
Hello,

I have Antivir personal free with the resident protection. I don't understand why Antivir doesn't stop the Trojan horse when it enters my computer, but only much later when scanning. Trojan horse: TR/Dropper.Gen
What security is there with "guard enable"???
Thanks for enlightening me

10 replies

Anonymous user
 
Good evening

I've already had this problem and I think it's a false positive. To be sure, go to this address:

https://www.avira.com/

Fill in the fields and give a valid email address

Click the Browse button to fetch the suspicious file from your hard drive,
In the Type File window: select Suspected False Positive
and click the Send button to send the file to Avira.

You will get the result quickly. If you don't understand the result, paste the message here.
0
sheitan14 Posts 43 Status Member
 
http://pageperso.aol.fr/balltrap34/Hijenr.gif take a look and the horse will disappear
0
Anonymous user
 
funny to talk nonsense, the link is dead....
0
jane761
 
How can I find out which file my Trojan horse was in? I destroyed it while scanning
0

Anonymous user
 
Was it deleted or is it in quarantine?

To find out which file it is > Double-click the Avira AntiVir icon > Click Events > Double-click the red triangle corresponding to the infection; this will display the file path.

To see whether the file is in quarantine > Click Administration, then Quarantine
0
jane761
 
No, I destroyed it. After quarantine, I got rid of it.
0
jane761
 
Here is all my information. The names of the files???

Avira AntiVir Personal
Report file date: jeudi 26 février 2009 08:39

Scanning for 1265334 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 3) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: PRIV-656643ACE0

Version information:
BUILD.DAT : 8.2.0.337 16934 Bytes 18/11/2008 13:05:00
AVSCAN.EXE : 8.1.4.10 315649 Bytes 25/11/2008 11:59:05
AVSCAN.DLL : 8.1.4.0 40705 Bytes 26/05/2008 08:56:40
LUKE.DLL : 8.1.4.5 164097 Bytes 12/06/2008 13:44:19
LUKERES.DLL : 8.1.4.0 12033 Bytes 26/05/2008 08:58:52
ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27/10/2008 13:17:59
ANTIVIR1.VDF : 7.1.2.12 3336192 Bytes 11/02/2009 14:55:29
ANTIVIR2.VDF : 7.1.2.55 248832 Bytes 20/02/2009 09:16:16
ANTIVIR3.VDF : 7.1.2.79 105984 Bytes 25/02/2009 12:58:12
Engineversion : 8.2.0.88
AEVDF.DLL : 8.1.1.0 106868 Bytes 31/01/2009 14:26:32
AESCRIPT.DLL : 8.1.1.52 348538 Bytes 24/02/2009 12:58:15
AESCN.DLL : 8.1.1.7 127347 Bytes 13/02/2009 14:55:33
AERDL.DLL : 8.1.1.3 438645 Bytes 11/11/2008 13:17:59
AEPACK.DLL : 8.1.3.8 397684 Bytes 05/02/2009 16:25:14
AEOFFICE.DLL : 8.1.0.33 196987 Bytes 11/12/2008 15:54:00
AEHEUR.DLL : 8.1.0.97 1610103 Bytes 21/02/2009 09:16:20
AEHELP.DLL : 8.1.2.0 119159 Bytes 18/11/2008 17:44:48
AEGEN.DLL : 8.1.1.21 336244 Bytes 24/02/2009 12:58:15
AEEMU.DLL : 8.1.0.9 393588 Bytes 11/11/2008 13:17:59
AECORE.DLL : 8.1.6.6 176501 Bytes 18/02/2009 12:55:38
AEBB.DLL : 8.1.0.3 53618 Bytes 11/11/2008 13:17:59
AVWINLL.DLL : 1.0.0.12 15105 Bytes 09/07/2008 09:40:05
AVPREF.DLL : 8.0.2.0 38657 Bytes 16/05/2008 10:28:01
AVREP.DLL : 8.0.0.2 98344 Bytes 11/11/2008 13:17:59
AVREG.DLL : 8.0.0.1 33537 Bytes 09/05/2008 12:26:40
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 09:29:23
AVEVTLOG.DLL : 8.0.0.16 119041 Bytes 12/06/2008 13:27:49
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 18:28:02
SMTPLIB.DLL : 1.2.0.23 28929 Bytes 12/06/2008 13:49:40
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 13:05:10
RCIMAGE.DLL : 8.0.0.51 2371841 Bytes 12/06/2008 14:48:07
RCTEXT.DLL : 8.0.52.0 86273 Bytes 27/06/2008 14:34:37

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:, E:,
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 26 février 2009 08:39

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'hpqimzone.exe' - '1' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'zlclient.exe' - '0' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned
Scan process 'sprtcmd.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'CNYHKey.exe' - '1' Module(s) have been scanned
Scan process 'mHotkey.exe' - '1' Module(s) have been scanned
Scan process 'CmUCREye.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sprtsvc.exe' - '1' Module(s) have been scanned
Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LSSrvc.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'agrsmsvc.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'vsmon.exe' - '0' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'InCDsrv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
40 processes with 40 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD2
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.
Master boot sector HD3
[INFO] No virus was found!
[WARNING] System error [21]: Le périphérique n'est pas prêt.

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!
Boot sector 'E:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '57' files ).

Starting the file scan:

Begin scan in 'C:\' <BOOT>
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Administrateur.PRIV-656643ACE0\Local Settings\Temporary Internet Files\Content.IE5\0GID2F88\zapSetup_80_102_000_fr[1].exe
[0] Archive type: ZIP SFX (self extracting)
--> WINDOWS6.0-KB929547-V2-X64.MSU
[1] Archive type: CAB (Microsoft)
--> Windows6.0-KB929547-v2-x64.cab
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\WEBPAGEOUTPUT_Res.dll
[0] Archive type: RSRC
--> Object
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e85016.qua'!
C:\System Volume Information\_restore{26572409-D38A-4BD7-8C0A-4D8A2423156A}\RP297\A0041568.dll
[0] Archive type: RSRC
--> Object
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49d65a7c.qua'!
C:\TOOLS\eTrust AV\eTrustAntivirus7.1_MEDION_DE.exe
[0] Archive type: CAB SFX (self extracting)
--> \eTrustAntivirusOEM\Bin\eAV_S.Win\webpkg.exe
[1] Archive type: RSRC
--> Object
[2] Archive type: CAB (Microsoft)
--> inoweb.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\TOOLS\eTrust AV\eTrustAntivirus7.1_MEDION_EN.exe
[0] Archive type: CAB SFX (self extracting)
--> \eTrustAntivirusOEM\Bin\eAV_S.Win\webpkg.exe
[1] Archive type: RSRC
--> Object
[2] Archive type: CAB (Microsoft)
--> inoweb.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
C:\TOOLS\eTrust AV\eTrustAntivirus7.1_MEDION_ES.exe
[0] Archive type: CAB SFX (self extracting)
0
Anonymous user
 
Is there a second antivirus on this PC??? > C:\TOOLS\eTrust AV\eTrustAntivirus7.1_MEDION_DE.exe
0
jane761
 
It's no longer active. It was the one supplied with my computer for 3 months.
0
Anonymous user
 
It would seem that this is where Antivir found a Trojan horse, so no problem, the matter is settled
0
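Added example (not part of the thread and not Avira's own tooling): the question of which file held the detection can be answered from the report itself, since each `[DETECTION]` line belongs to the file path printed above it. The sketch below parses an excerpt copied from the report posted in this thread; the function name `parse_detections` and the regular expressions are assumptions based only on the line format visible in that report.

```python
import re

# Excerpt copied from the scan report posted in this thread.
REPORT = r"""
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\WEBPAGEOUTPUT_Res.dll
[0] Archive type: RSRC
--> Object
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49e85016.qua'!
C:\System Volume Information\_restore{26572409-D38A-4BD7-8C0A-4D8A2423156A}\RP297\A0041568.dll
[0] Archive type: RSRC
--> Object
[DETECTION] Is the TR/Dropper.Gen Trojan
[NOTE] The file was moved to '49d65a7c.qua'!
C:\TOOLS\eTrust AV\eTrustAntivirus7.1_MEDION_DE.exe
[0] Archive type: CAB SFX (self extracting)
--> \eTrustAntivirusOEM\Bin\eAV_S.Win\webpkg.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
"""

FILE_RE = re.compile(r"^[A-Za-z]:\\")              # a scanned file starts with a drive letter
NAME_RE = re.compile(r"([A-Za-z0-9]+/[\w.\-]+)")    # e.g. TR/Dropper.Gen
QUA_RE = re.compile(r"moved to '([^']+\.qua)'")     # quarantine container name

def parse_detections(report):
    """Return one dict per [DETECTION] line, tied to the file listed above it."""
    findings, current = [], None
    for raw in report.splitlines():
        line = raw.strip()
        if FILE_RE.match(line):
            current = line
        elif line.startswith("[DETECTION]"):
            name = NAME_RE.search(line)
            findings.append({
                "file": current,
                "name": name.group(1) if name else None,
                "quarantine": None,
                # Copies under _restore{...} are System Restore backups of another file.
                "restore_point": bool(current) and "\\_restore{" in current.lower(),
            })
        elif line.startswith("[NOTE]") and findings and findings[-1]["file"] == current:
            moved = QUA_RE.search(line)
            if moved:
                findings[-1]["quarantine"] = moved.group(1)
    return findings

if __name__ == "__main__":
    for f in parse_detections(REPORT):
        print(f["name"], "|", f["file"], "|", f["quarantine"], "| restore point:", f["restore_point"])
```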