I got the same detection with Malware: attached is the file following analysis by VirusTotal -
-------------------------------------------------------------
Antivirus Version Last update Result
a-squared 5.0.0.26 2010.06.15 -
AhnLab-V3 2010.06.15.00 2010.06.15 -
AntiVir 8.2.2.6 2010.06.15 -
Antiy-AVL 2.0.3.7 2010.06.11 -
Authentium 5.2.0.5 2010.06.15 -
Avast 4.8.1351.0 2010.06.15 -
Avast5 5.0.332.0 2010.06.15 -
AVG 9.0.0.787 2010.06.15 -
BitDefender 7.2 2010.06.15 -
CAT-QuickHeal 10.00 2010.06.15 -
ClamAV 0.96.0.3-git 2010.06.15 Trojan.Agent-124036
Comodo 5107 2010.06.15 -
DrWeb 5.0.2.03300 2010.06.15 -
eSafe 7.0.17.0 2010.06.14 -
eTrust-Vet 36.1.7636 2010.06.15 -
F-Prot 4.6.0.103 2010.06.14 -
F-Secure 9.0.15370.0 2010.06.15 -
Fortinet 4.1.133.0 2010.06.14 -
GData 21 2010.06.15 -
Ikarus T3.1.1.84.0 2010.06.15 -
Jiangmin 13.0.900 2010.06.15 -
Kaspersky 7.0.0.125 2010.06.15 -
McAfee 5.400.0.1158 2010.06.15 -
McAfee-GW-Edition 2010.1 2010.06.15 Heuristic.LooksLike.Heuristic.BehavesLike.Win32.Worm.E
Microsoft 1.5802 2010.06.15 -
NOD32 5197 2010.06.15 -
Norman 6.04.12 2010.06.14 -
nProtect 2010-06-15.02 2010.06.15 -
Panda 10.0.2.7 2010.06.14 -
PCTools 7.0.3.5 2010.06.15 -
Prevx 3.0 2010.06.15 -
Rising 22.51.06.01 2010.06.13 -
Sophos 4.54.0 2010.06.15 -
Sunbelt 6449 2010.06.15 -
Symantec 20101.1.0.89 2010.06.15 -
TheHacker 6.5.2.0.298 2010.06.14 -
TrendMicro 9.120.0.1004 2010.06.15 -
TrendMicro-HouseCall 9.120.0.1004 2010.06.15 -
VBA32 3.12.12.5 2010.06.14 -
ViRobot 2010.6.14.3884 2010.06.15 -
VirusBuster 5.0.27.0 2010.06.14 -
Additional information
File size: 762112 bytes
MD5 : 5ee8aaa16951e46d197392ba6f2402ea
SHA1 : 35f1ab54db4d46b4eb39ae30f15257f2898a6e20
SHA256: 7cc53503c99f6dbb46c9601d84de70bbe11d3eb3f7f0734474892ec5893e61f2
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x100A0
timedatestamp.....: 0x4A4BD7FC (Wed Jul 1 23:41:16 2009)
machinetype.......: 0x14C (Intel I386)

( 9 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x500 0x4E9A 0x4F00 6.80 1a026f74e19bc31b2893e0a9e7e8d319
.rdata 0x5400 0x5162 0x5200 6.42 96f95c9a20331b9a39a2e253fb8515e5
.data 0xA600 0x33E0 0x3400 5.59 69c828e5d037337e4540083e2e155efa
PAGE 0xDA00 0x259E 0x2600 6.55 9ca100a0a04a603982273db292918884
INIT 0x10000 0x4DA 0x500 5.62 dcf1f39a14525092bc04b0eeb3d6c22b
.rsrc 0x10500 0x338 0x400 2.69 364a45934300473980c80571b3cca72c
.UPX0 0x10900 0xD3C 0xE00 5.24 c21ca0a4ea69df2ec0c67a1e960361a3
.UPX1 0x11700 0xA85A1 0xA8600 7.99 1cf67974acaab2f1afb252a5085529ec
.reloc 0xB9D00 0x3C0 0x400 6.33 9dda692441bbaf19f1a5e0f230d65393

( 2 imports )

> hal.dll: ExReleaseFastMutex, ExAcquireFastMutex
> ntoskrnl.exe: KeInitializeEvent, RtlInitUnicodeString, ExFreePoolWithTag, KeClearEvent, KeSetEvent, IofCompleteRequest, IoInvalidateDeviceRelations, RtlCopyUnicodeString, ExAllocatePoolWithTag, IoDeleteDevice, IoAttachDeviceToDeviceStack, IoRegisterDeviceInterface, IoCreateDevice, IoSetDeviceInterfaceState, KeLeaveCriticalRegion, IofCallDriver, IoRequestDeviceEject, ObfReferenceObject, IoDetachDevice, PoCallDriver, PoStartNextPowerIrp, PoSetPowerState, swprintf, IoBuildSynchronousFsdRequest, IoGetAttachedDeviceReference, MmUnmapIoSpace, MmMapIoSpace, ZwQueryValueKey, ZwClose, ZwOpenKey, KeTickCount, KeBugCheckEx, KeWaitForSingleObject, KeEnterCriticalRegion, ObfDereferenceObject

( 0 exports )
TrID : File type identification
Clipper DOS Executable (33.3%)
Generic Win/DOS Executable (33.0%)
DOS Executable Generic (33.0%)
VXD Driver (0.5%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
ssdeep: 12288:F7iRoqn6YAmrSG8jW8x8n/5lvTKwo3fEPnxVHWtjawi50nJviqhKCMCjHLgC7Z:mo+6YAqV6W82Bl3o3fEV2g6nJviqhoCv
sigcheck:
publisher....: none
copyright....: none
product......: Autodata Licensing System
description..: Autodata Licensing System
original name: autolic.sys
internal name: autolic.sys
file version.: 1.0 built by: WinDDK
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD : -
packers (Kaspersky): PE_Patch
RDS : NSRL Reference Data Set
-
----------------------------------------------------------------------------------