Au cours d'une analyse approfondie, Bit Defender a détecté un troyen, Trojan.Heur.PT.1054ABBBBB , sans pouvoir le supprimer.
Voici le journal:
<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet type="text/xsl" href="C:\Program Files\BitDefender\BitDefender 2008\Lang\log_format.xsl"?>
<ScanSession creator="BitDefender Total Security 2008" version="BitDefender UIScanner V.11" creationDate="02:11:43 27/06/2009" originalPath="C:\ProgramData\BitDefender\Desktop\Profiles\Logs\deep_scan\1246061503_2_02.xml">
<ScanOptions
showWarnings="1" >
<ScanPaths>
<path id="0000">C:\</path>
<path id="0001">D:\</path>
<path id="0002">F:\</path>
<path id="0003">H:\</path>
<path id="0004">I:\</path>
<path id="0005">E:\</path>
<path id="0006">J:\</path>
</ScanPaths>
<ScanObjects
scanViruses="1"
scanAddware="1"
scanSpyware="1"
scanApplications="1"
scanDialers="1"
scanRootkits="1"
/>
<TargetSelection
heuristicScan="1"
scanArchives="1"
scanRegistryKeys="1"
scanRegistry="1"
scanCookies="1"
memoryProcesses="1"
scanBootSectors="1"
scanEmail="1"
scanAllFiles="1"
scanPackedFiles="1"
scanSubfolders="1"
includeExtensions=""
excludeExtensions=""
/>
<TargetProcessing
infectedAction="3"
suspiciousAction="1"
hiddenAction="1"
/>
</ScanOptions>
<EngineSummary
archivePlugins="44"
mailPlugins="6"
scanPlugins="13"
totalSignatures="3716262"
systemPlugins="5"
unpackPlugins="7"
/>
<ScanSummary
scannedItems="330254"
infectedItems="1"
suspiciousItems="0"
resolvedItems="0"
scannedArchives="2020"
bootSectorCount="5"
scannedDirectories="25726"
inputOutputErrors="2"
virusesNumber="1"
scanTime="00:01:07:24"
filesPerSecond="81"
>
<FileSummary
scanned="329107"
archives="2020"
packed="36327"
infected="1"
suspicious="0"
resolved="0"
deleted="0"
moved="0"
copied="0"
/>
<RegistryKeySummary
scanned="1054"
infected="0"
suspicious="0"
/>
<CookieSummary
scanned="2"
infected="0"
suspicious="0"
/>
<ProcessSummary
scanned="91"
infected="0"
suspicious="0"
/>
<MailSummary
scanned="0"
infected="0"
suspicious="0"
/>
</ScanSummary>
<ScanDetails>
<AffectedItem itemType ="Process" path="[system]=]C:\Windows\system32\prevhost.exe (memory dump)" threatType="virus" threatName="Gen:Trojan.Heur.PT.1054ABBBBB" action="disinfect" finalStatus= "infected" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/Cover67.bmp" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/digibib.txt" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/tree.dki" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/tree.dka" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/lemmata.txt" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/index.htx" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/index.plx" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/index.wlx" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/index.ttx" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/index.set" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/sigel.lib" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/text.dki" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Data/tabelle0.tab" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
<AffectedItem itemType ="File" path="D:\Mes documents\Digibib4\db067.dbz=]DB067/Images/Images.lib" threatType="virus" threatName="Protégé par mot de passe" action="none" finalStatus= "not scanned" error= "no action possible"/>
</ScanDetails>
</ScanSession>
J'ai tenté de poster le fichier incriminé en fichier joint, mais le site a refusé ("upload failed. You are not premitted to upload this type of file").
Curieusement, deux scans approfondis effectués ultérieurement n'ont identifié aucune menace.
A l'avance, un grand merci pour votre aide.
