Serious doubt
Acetonik
Hello,
I have just downloaded the file:
fs98pat1.exe
Add-on for Flight Simulator 98
http://support.microsoft.com/kb/178710/fr
I use Avira AntiVir Personal
(setting: high heuristic detection mode)
In that case, one is warned of the high likelihood of false positives.
VirusTotal gave me an analysis, which I am attaching (sorry, it is a bit long)
What should I make of it?
Thanks in advance
--
Acetonik
Fichier fs98pat1-microsft.exe reçu le 2009.06.24 08:38:09 (UTC)
Situation actuelle: terminé
Résultat: 2/38 (5.26%)
Formaté Impression des résultats
Antivirus Version Dernière mise à jour Résultat
a-squared 4.5.0.18 2009.06.24 -
AhnLab-V3 5.0.0.2 2009.06.24 -
AntiVir 7.9.0.193 2009.06.24 -
Antiy-AVL 2.0.3.1 2009.06.24 -
Authentium 5.1.2.4 2009.06.24 -
Avast 4.8.1335.0 2009.06.23 -
AVG 8.5.0.339 2009.06.23 -
BitDefender 7.2 2009.06.24 -
CAT-QuickHeal 10.00 2009.06.22 -
ClamAV 0.94.1 2009.06.24 -
Comodo 1404 2009.06.24 -
DrWeb 5.0.0.12182 2009.06.24 -
eSafe 7.0.17.0 2009.06.23 -
eTrust-Vet 31.6.6575 2009.06.23 -
F-Prot 4.4.4.56 2009.06.23 -
F-Secure 8.0.14470.0 2009.06.24 -
Fortinet 3.117.0.0 2009.06.24 -
GData 19 2009.06.24 -
Ikarus T3.1.1.59.0 2009.06.24 Trojan.Crypt
Jiangmin 11.0.706 2009.06.24 -
K7AntiVirus 7.10.768 2009.06.19 -
Kaspersky 7.0.0.125 2009.06.24 -
McAfee 5655 2009.06.23 -
McAfee-GW-Edition 6.7.6 2009.06.24 Trojan.Crypt.FKM.Gen
Microsoft 1.4803 2009.06.24 -
NOD32 4182 2009.06.24 -
Norman 6.01.09 2009.06.23 -
nProtect 2009.1.8.0 2009.06.24 -
Panda 10.0.0.16 2009.06.24 -
Prevx 3.0 2009.06.24 -
Rising 21.35.20.00 2009.06.24 -
Sophos 4.42.0 2009.06.24 -
Sunbelt 3.2.1858.2 2009.06.23 -
Symantec 1.4.4.12 2009.06.24 -
TheHacker 6.3.4.3.352 2009.06.24 -
TrendMicro 8.950.0.1094 2009.06.24 -
ViRobot 2009.6.24.1801 2009.06.24 -
VirusBuster 4.6.5.0 2009.06.23 -
Information additionnelle
File size: 819856 bytes
MD5 : b6cf51e460633454acf752d112fb098b
SHA1 : 84716527061615acf3230d1d365d1409e03552c9
SHA256: cd75e73ea8fd209566230b6fa757eef54d93b89e236fd103528347188a420613
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x2723
timedatestamp..: 0x33CB637C (Tue Jul 15 13:48:12 1997)
machinetype.: 0x14C (Intel I386)
( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x8E48 0x9000 6.48 a78884f38271295e42ce3d664ef33c2f
.data 0xA000 0x1C0C 0x400 4.10 a8800423228f9a86657c80297a8ce5f0
.rsrc 0xC000 0xBC000 0xBB800 7.97 2bb1768c06d7bea18bff8247f6edf893
( 6 imports )
> advapi32.dll: RegCloseKey, EqualSid, AllocateAndInitializeSid,
GetTokenInformation, OpenProcessToken, AdjustTokenPrivileges,
LookupPrivilegeValueA, FreeSid, RegDeleteValueA, RegOpenKeyExA,
RegSetValueExA, RegQueryValueExA, RegCreateKeyExA, RegQueryInfoKeyA
> comctl32.dll: -
> gdi32.dll: GetDeviceCaps
> kernel32.dll: lstrcatA, GetFileAttributesA, GetShortPathNameA,
GetPrivateProfileStringA, GetPrivateProfileIntA, GetCurrentProcess,
lstrlenA, lstrcmpiA, lstrcpyA, GetModuleFileNameA, FreeLibrary, LocalAlloc,
GetLastError, GetSystemDirectoryA, LoadLibraryA, FindClose, FindNextFileA,
DeleteFileA, SetFileAttributesA, lstrcmpA, FindFirstFileA, _lclose, _llseek,
_lopen, GetWindowsDirectoryA, GetProcAddress, RemoveDirectoryA,
GlobalUnlock, GlobalLock, GlobalAlloc, ExitProcess, GetModuleHandleA,
GetStartupInfoA, CloseHandle, LoadResource, FindResourceA, CreateMutexA,
SetEvent, CreateEventA, SetCurrentDirectoryA, CreateThread, ResetEvent,
TerminateThread, GetVersionExA, LocalFree, GetExitCodeProcess,
WaitForSingleObject, CreateProcessA, GetTempPathA, FreeResource,
LockResource, SizeofResource, CreateFileA, ReadFile, WriteFile,
SetFilePointer, SetFileTime, LocalFileTimeToFileTime, DosDateTimeToFileTime,
GetTempFileNameA, GetSystemInfo, GetDiskFreeSpaceA, GetDriveTypeA,
lstrcpynA, GetVolumeInformationA, GetCurrentDirectoryA, LoadLibraryExA,
GetCommandLineA, CreateDirectoryA, GlobalFree, FormatMessageA,
IsDBCSLeadByte
> user32.dll: EndDialog, wsprintfA, ExitWindowsEx, CharNextA,
CharUpperA, GetDesktopWindow, SetWindowLongA, GetWindowLongA,
CallWindowProcA, GetDlgItem, SetForegroundWindow, SetWindowTextA,
SendDlgItemMessageA, EnableWindow, GetDlgItemTextA, SendMessageA,
DispatchMessageA, LoadStringA, PeekMessageA, MessageBoxA, CharPrevA,
SetWindowPos, ReleaseDC, GetDC, GetWindowRect, ShowWindow,
DialogBoxIndirectParamA, SetDlgItemTextA, MessageBeep,
MsgWaitForMultipleObjects
> version.dll: GetFileVersionInfoSizeA, VerQueryValueA,
GetFileVersionInfoA
( 0 exports )
TrID : File type identification
InstallShield setup (45.1%)
Win32 Executable MS Visual C++ (generic) (39.5%)
Win32 Executable Generic (8.9%)
Win16/32 Executable Delphi generic (2.1%)
Generic Win/DOS Executable (2.0%)
ssdeep:
12288:ltPe94VBoF+IwSKfimpvRTnVQOERp+l7c+AvHCusfuWpiltwzz6YSnMvtOQJ0Ep/:l9s4Vi+6SvtVQnRraEcKY2ytOVEp/
PEiD : -
RDS : NSRL Reference Data Set
-
Sorry about the attachment, which came from copying and pasting the VirusTotal page.
I didn't think it was possible to include an attachment in the fr. hierarchy.
No automatic rejection??
--
Acetonik
Me too, I was just thinking the same thing :-))
How did the PNGs get through??
--
Regards,
Az Sam.
The best thing is to try again...
Impression des résultats
Regards
Small size of the images??
-
Just a test to see
--
Hello,
Small attachments are sometimes accepted by the
servers, but that is no reason to send them...
--
Eric