Salut
comme je disais au début
Salut
comme je disais au début
:hello:
Le problème n’est pas que ce soit infectieux ou pas, c’est un malware, c’est clair.
Mais la question persiste. Pourquoi Clu² continue de proposer ce fichier en DL ?
Ça les inquiète pas ?
Après, tout à fait d’accord avec toi, si c’est une mayrde, je n’execute pas non plus.
Edité le 25/11/2008 à 17:50
re
Mais la question persiste. Pourquoi Clu² continue de proposer ce fichier en DL
pour cette raison évidemenent !!
Aussi, il semble que les alertes constatées ne soient finalement que des FAUX POSITIFS
Mike / Rédacteur Logithèque Clubic.
pour eux c est pas infectieux donc il le laisse en téléchargement!! CQFD :neutre:
Je l’ai envoyer a plusieurs éditeur 'attend leur réponse et je les posts
Dear Customer,
Thank you for submitting the samples to us. We have analyzed the samples you provided and developed the pattern to catch them. We will add detection for these samples in the next regular update. The samples you submitted will be detected as W32/Agent.UM!tr.bdr.
Best Regards,
AV Lab - KyleTo submit a suspicious file to Fortinet:
www.fortinet.com…*** This email and any attachments thereto may contain private, confidential, and privileged material for the sole use of the intended recipient. Any review, copying, or distribution of this email (or any attachments thereto) by others is strictly prohibited. If you are not the intended recipient, please contact the sender immediately and permanently delete the original and any copies of this email and any attachments thereto. ***
Dear ClamAV user,
The following submissions have been processed and published:
- 4231979 Trojan.Agent-62904
–
Best regards,
The ClamAV team
Un petit point, a ce jours il y a 13 antivirus qui le détecte comme malware
Fichier nouac_nouac_1.0_francais_266596.e reçu le 2008.11.27 18:18:03 (CET)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.11.27.4 2008.11.27 -
AntiVir 7.9.0.35 2008.11.27 BDS/Agent.umc
Authentium 5.1.0.4 2008.11.27 -
Avast 4.8.1281.0 2008.11.27 -
AVG 8.0.0.199 2008.11.27 -
BitDefender 7.2 2008.11.27 -
CAT-QuickHeal 10.00 2008.11.27 (Suspicious) - DNAScan
ClamAV 0.94.1 2008.11.27 Trojan.Agent-62904
DrWeb 4.44.0.09170 2008.11.27 -
eSafe 7.0.17.0 2008.11.27 -
eTrust-Vet 31.6.6233 2008.11.27 -
Ewido 4.0 2008.11.27 -
F-Prot 4.4.4.56 2008.11.27 -
F-Secure 8.0.14332.0 2008.11.27 Backdoor.Win32.Agent.umc
Fortinet 3.117.0.0 2008.11.27 W32/Agent.UM!tr.bdr
GData 19 2008.11.27 -
Ikarus T3.1.1.45.0 2008.11.27 Trojan-Dropper.Agent
K7AntiVirus 7.10.536 2008.11.27 -
Kaspersky 7.0.0.125 2008.11.27 Backdoor.Win32.Agent.umc
McAfee 5446 2008.11.26 -
McAfee+Artemis 5446 2008.11.26 Generic!Artemis
Microsoft 1.4104 2008.11.27 -
NOD32 3646 2008.11.27 -
Norman 5.80.02 2008.11.27 -
Panda 9.0.0.4 2008.11.27 -
PCTools 4.4.2.0 2008.11.27 Backdoor.Agent!sd6
Prevx1 V2 2008.11.27 -
Rising 21.05.32.00 2008.11.27 -
SecureWeb-Gateway 6.7.6 2008.11.27 Trojan.Backdoor.Agent.umc
Sophos 4.35.0 2008.11.27 Sus/ComPack
Sunbelt 3.1.1832.2 2008.11.27 -
Symantec 10 2008.11.27 -
TheHacker 6.3.1.1.164 2008.11.27 -
TrendMicro 8.700.0.1004 2008.11.27 -
VBA32 3.12.8.9 2008.11.27 -
ViRobot 2008.11.27.1489 2008.11.27 Backdoor.Win32.Agent.218112.B
VirusBuster 4.5.11.0 2008.11.27 Packed/Execryptor
Information additionnelle
File size: 218112 bytes
MD5…: a33680bbf00f840abe4a7e5a2eb4a1b8
SHA1…: 286c46d53c727627ea4a95ef881ce04b551f3eaa
SHA256: 6fb4af4f21a449d65a1e6dd6f4af6194d1f33c4e8b9c2e4b72ff72e34b7cec52
SHA512: 15a644ab8548dfd8751d2a3c2db9cebe2a44e8e51500220c00a0d4b364cb15c6
b739c6cdbde851e3b6227974997e0166a89d241bc7bf4f955b2faccf7fe3ea7a
ssdeep: 6144:9D3ED3zTHAq0IPy62Au0qTk3cYsdoTVcPNtXl8/pmp9JY9py55:94DTHAGG
ALsoal8q+y55
PEiD…: -
TrID…: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4715a8
timedatestamp…: 0x46f7c032 (Mon Sep 24 13:48:34 2007)
machinetype…: 0x14c (I386)
( 9 sections )
name viradd virsiz rawdsiz ntrpy md5
.code 0x1000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.text 0x2000 0x6000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
7nw2i6um 0x8000 0x5000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0xd000 0x2000 0x1800 5.66 344073428ef44fbbf095bbd2bd169508
.flat 0xf000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
ve0zqp3v 0x10000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.x0xg.7y 0x11000 0x2d000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
wkcxifcw 0x3e000 0x34000 0x335cc 7.67 99fabc0434b7f4a76825db77d408796d
.s7w8c63 0x72000 0x1000 0x200 7.52 d984c3c26dd3f4a60d094deb327b7d3c
( 0 imports )
( 0 exports )
ThreatExpert info: <a href=‘http://www.threatexpert.com/report.aspx?md5=a33680bbf00f840abe4a7e5a2eb4a1b8’ target=’_blank’>http://www.threatexpert.com/report.aspx?md5=a33680bbf00f840abe4a7e5a2eb4a1b8</a>
packers (F-Prot): EXECryptor
Fichier nouac_nouac_1.0_francais_266596.e reçu le 2008.12.01 21:29:16 (CET)
Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.12.2.0 2008.12.01 -
AntiVir 7.9.0.36 2008.12.01 BDS/Agent.umc
Authentium 5.1.0.4 2008.12.01 -
Avast 4.8.1281.0 2008.12.01 Win32:Trojan-gen {Other}
AVG 8.0.0.199 2008.12.01 BackDoor.Agent.XBJ
BitDefender 7.2 2008.12.01 Backdoor.Generic.133596
CAT-QuickHeal 10.00 2008.12.01 (Suspicious) - DNAScan
ClamAV 0.94.1 2008.12.01 Trojan.Agent-62904
DrWeb 4.44.0.09170 2008.12.01 -
eSafe 7.0.17.0 2008.11.30 -
eTrust-Vet 31.6.6234 2008.11.28 -
Ewido 4.0 2008.12.01 -
F-Prot 4.4.4.56 2008.12.01 -
F-Secure 8.0.14332.0 2008.12.01 Backdoor.Win32.Agent.umc
Fortinet 3.117.0.0 2008.12.01 W32/Agent.UM!tr.bdr
GData 19 2008.12.01 Backdoor.Generic.133596
Ikarus T3.1.1.45.0 2008.12.01 Trojan-Dropper.Agent
K7AntiVirus 7.10.539 2008.12.01 -
Kaspersky 7.0.0.125 2008.12.01 Backdoor.Win32.Agent.umc
McAfee 5451 2008.12.01 -
McAfee+Artemis 5451 2008.12.01 Generic!Artemis
Microsoft 1.4104 2008.12.01 -
NOD32 3654 2008.12.01 -
Norman 5.80.02 2008.12.01 -
Panda 9.0.0.4 2008.12.01 -
PCTools 4.4.2.0 2008.12.01 Backdoor.Agent!sd6
Prevx1 V2 2008.12.01 -
Rising 21.06.02.00 2008.12.01 -
SecureWeb-Gateway 6.7.6 2008.12.01 Trojan.Backdoor.Agent.umc
Sophos 4.36.0 2008.12.01 Sus/ComPack
Sunbelt 3.1.1832.2 2008.12.01 -
Symantec 10 2008.12.01 -
TheHacker 6.3.1.1.169 2008.11.29 -
TrendMicro 8.700.0.1004 2008.12.01 -
VBA32 3.12.8.9 2008.12.01 -
ViRobot 2008.12.1.1494 2008.12.01 Backdoor.Win32.Agent.218112.B
VirusBuster 4.5.11.0 2008.12.01 Packed/Execryptor
Information additionnelle
File size: 218112 bytes
MD5…: a33680bbf00f840abe4a7e5a2eb4a1b8
SHA1…: 286c46d53c727627ea4a95ef881ce04b551f3eaa
SHA256: 6fb4af4f21a449d65a1e6dd6f4af6194d1f33c4e8b9c2e4b72ff72e34b7cec52
SHA512: 15a644ab8548dfd8751d2a3c2db9cebe2a44e8e51500220c00a0d4b364cb15c6
b739c6cdbde851e3b6227974997e0166a89d241bc7bf4f955b2faccf7fe3ea7a
ssdeep: 6144:9D3ED3zTHAq0IPy62Au0qTk3cYsdoTVcPNtXl8/pmp9JY9py55:94DTHAGG
ALsoal8q+y55
PEiD…: -
TrID…: File type identification
Win32 Executable Generic (68.0%)
Generic Win/DOS Executable (15.9%)
DOS Executable Generic (15.9%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x4715a8
timedatestamp…: 0x46f7c032 (Mon Sep 24 13:48:34 2007)
machinetype…: 0x14c (I386)
( 9 sections )
name viradd virsiz rawdsiz ntrpy md5
.code 0x1000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.text 0x2000 0x6000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
7nw2i6um 0x8000 0x5000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.rsrc 0xd000 0x2000 0x1800 5.66 344073428ef44fbbf095bbd2bd169508
.flat 0xf000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
ve0zqp3v 0x10000 0x1000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
.x0xg.7y 0x11000 0x2d000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
wkcxifcw 0x3e000 0x34000 0x335cc 7.67 99fabc0434b7f4a76825db77d408796d
.s7w8c63 0x72000 0x1000 0x200 7.52 d984c3c26dd3f4a60d094deb327b7d3c
( 0 imports )
( 0 exports )
ThreatExpert info: <a href=‘http://www.threatexpert.com/report.aspx?md5=a33680bbf00f840abe4a7e5a2eb4a1b8’ target=’_blank’>http://www.threatexpert.com/report.aspx?md5=a33680bbf00f840abe4a7e5a2eb4a1b8</a>
packers (F-Prot): EXECryptor
.
Edité le 25/05/2009 à 16:29