Trojan.generic.924373

FXR
Edited (January 2009) in Help requests

Hello,

Bitdefender detected this trojan but cannot remove it because it is apparently inside an archive file.

What should I do?

Thanks in advance for your help.

FX

PS: attached is the HijackThis log file, and below are the last lines of the Bitdefender log after the detection:


Remaining issues:

Object Name    Threat Name    Final Status


C:\SwSetup\Drivers\TVTnr\AVerMedia.exe=](NSIS o)=]zlib_nsis0001=](NSIS o)=]zlib_nsis0004 Trojan.Generic.924373 Infected (no action was possible, file was in an archive)


C:\SwSetup\Drivers\TVTnr\AVerMedia.exe=](Dropped 1)=](NSIS o)=]zlib_nsis0004 Trojan.Generic.924373 Infected (no action was possible, file was in an archive)


Attached file: hijackthis.log

Replies

  • I have just run a scan with VirusTotal and here is the report. What should I do?


    Antivirus Version Last update Result


    a-squared 4.0.0.73 2009.01.20 -


    AhnLab-V3 5.0.0.2 2009.01.20 -


    AntiVir 7.9.0.57 2009.01.20 -


    Authentium 5.1.0.4 2009.01.20 -


    Avast 4.8.1281.0 2009.01.20 -


    AVG 8.0.0.229 2009.01.20 -


    BitDefender 7.2 2009.01.20 Trojan.Generic.924373


    CAT-QuickHeal 10.00 2009.01.20 -


    ClamAV 0.94.1 2009.01.20 -


    Comodo 939 2009.01.20 -


    DrWeb 4.44.0.09170 2009.01.20 -


    eSafe 7.0.17.0 2009.01.20 -


    eTrust-Vet 31.6.6317 2009.01.20 -


    F-Prot 4.4.4.56 2009.01.20 -


    Fortinet 3.117.0.0 2009.01.15 Adware/BetterInternet


    GData 19 2009.01.20 Trojan.Generic.924373


    Ikarus T3.1.1.45.0 2009.01.20 -


    K7AntiVirus 7.10.596 2009.01.20 -


    Kaspersky 7.0.0.125 2009.01.20 -


    McAfee 5501 2009.01.20 -


    McAfee+Artemis 5501 2009.01.20 -


    Microsoft 1.4205 2009.01.20 -


    NOD32 3781 2009.01.20 -


    Norman 5.93.01 2009.01.20 -


    nProtect 2009.1.8.0 2009.01.20 -


    Panda 9.5.1.2 2009.01.20 Spyware/BetterInet


    PCTools 4.4.2.0 2009.01.20 -


    Rising 21.13.11.00 2009.01.20 -


    SecureWeb-Gateway 6.7.6 2009.01.20 -


    Sophos 4.37.0 2009.01.20 -


    Sunbelt 3.2.1835.2 2009.01.16 <Corrupted Archive>


    Symantec 10 2009.01.20 -


    TheHacker 6.3.1.5.224 2009.01.20 -


    TrendMicro 8.700.0.1004 2009.01.20 -


    VBA32 3.12.8.10 2009.01.19 AdWare.Win32.BetterInternet.hu


    ViRobot 2009.1.20.1569 2009.01.20 Adware.BetterInternet.2520616


    VirusBuster 4.5.11.0 2009.01.20 -


    Additional information


    File size: 2520616 bytes


    PEiD..: -


    TrID..: File type identification


    Win32 Executable MS Visual C++ (generic) (65.2%)


    Win32 Executable Generic (14.7%)


    Win32 Dynamic Link Library (generic) (13.1%)


    Generic Win/DOS Executable (3.4%)


    DOS Executable Generic (3.4%)


    PEInfo: PE Structure information


    ( base data )


    entrypointaddress.: 0x403161


    timedatestamp.....: 0x45a92448 (Sat Jan 13 18:26:16 2007)


    machinetype.......: 0x14c (I386)


    ( 5 sections )


    name viradd virsiz rawdsiz ntrpy md5


    .text 0x1000 0x5bfe 0x5c00 6.48 a1b38f79702392a322a2841e9bb49f6a


    .rdata 0x7000 0x11fe 0x1200 5.28 74487a69e7662347f676ab791311704a


    .data 0x9000 0x264f4 0x400 5.21 1a5131f59b633a1f2793ff45dc9d2429


    .ndata 0x30000 0x8000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e


    .rsrc 0x38000 0x6ab0 0x6c00 5.75 22fecf3f4e791182d96c38b31fc34ba6


    ( 8 imports )


    > KERNEL32.dll: CloseHandle, SetFileTime, CompareFileTime, SearchPathA, GetShortPathNameA, GetFullPathNameA, MoveFileA, SetCurrentDirectoryA, GetFileAttributesA, GetLastError, CreateDirectoryA, SetFileAttributesA, Sleep, GetFileSize, GetModuleFileNameA, GetTickCount, GetCurrentProcess, lstrcmpiA, ExitProcess, GetCommandLineA, GetWindowsDirectoryA, GetTempPathA, lstrcpynA, GetDiskFreeSpaceA, GlobalUnlock, GlobalLock, CreateThread, CreateProcessA, RemoveDirectoryA, CreateFileA, GetTempFileNameA, lstrlenA, lstrcatA, GetSystemDirectoryA, lstrcmpA, GetEnvironmentVariableA, ExpandEnvironmentStringsA, GlobalFree, GlobalAlloc, WaitForSingleObject, GetExitCodeProcess, SetErrorMode, GetModuleHandleA, LoadLibraryA, GetProcAddress, FreeLibrary, MultiByteToWideChar, WritePrivateProfileStringA, GetPrivateProfileStringA, WriteFile, ReadFile, MulDiv, SetFilePointer, FindClose, FindNextFileA, FindFirstFileA, DeleteFileA, CopyFileA


    > USER32.dll: ScreenToClient, GetWindowRect, SetClassLongA, IsWindowEnabled, SetWindowPos, GetSysColor, GetWindowLongA, SetCursor, LoadCursorA, CheckDlgButton, GetMessagePos, LoadBitmapA, CallWindowProcA, IsWindowVisible, CloseClipboard, SetClipboardData, EmptyClipboard, OpenClipboard, EndDialog, AppendMenuA, CreatePopupMenu, GetSystemMetrics, SetDlgItemTextA, GetDlgItemTextA, MessageBoxA, CharPrevA, DispatchMessageA, PeekMessageA, CreateDialogParamA, DestroyWindow, SetTimer, SetWindowTextA, PostQuitMessage, SetForegroundWindow, wsprintfA, SendMessageTimeoutA, FindWindowExA, RegisterClassA, SystemParametersInfoA, CreateWindowExA, GetClassInfoA, DialogBoxParamA, CharNextA, TrackPopupMenu, ExitWindowsEx, IsWindow, GetDlgItem, SetWindowLongA, LoadImageA, GetDC, EnableWindow, InvalidateRect, SendMessageA, DefWindowProcA, BeginPaint, GetClientRect, FillRect, DrawTextA, EndPaint, ShowWindow


    > GDI32.dll: SetBkColor, GetDeviceCaps, DeleteObject, CreateBrushIndirect, CreateFontIndirectA, SetBkMode, SetTextColor, SelectObject


    > SHELL32.dll: SHGetMalloc, SHGetPathFromIDListA, SHBrowseForFolderA, SHGetFileInfoA, ShellExecuteA, SHFileOperationA, SHGetSpecialFolderLocation


    > ADVAPI32.dll: RegQueryValueExA, RegSetValueExA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegDeleteKeyA, RegDeleteValueA, RegCloseKey, RegCreateKeyExA


    > COMCTL32.dll: ImageList_AddMasked, ImageList_Destroy, -, ImageList_Create


    > ole32.dll: OleInitialize, OleUninitialize, CoCreateInstance


    > VERSION.dll: GetFileVersionInfoSizeA, GetFileVersionInfoA, VerQueryValueA