Application Updater, qu'est-ce ? Fermé

Question

Bonjour, 

mon pare-feu m'indique que Application Updater,(localisé ici: C:\Program Files\Application Updater\ApplicationUpdater.exe) veut acceder à Internet.

Qu'est-ce ? 

Petite précision: je viens de mettre Mozilla Firefox à jour version 3.6.6


Merci de m'aider.

Configuration: Windows XP / Firefox 3.6.6

aarThur · Accepted Answer

Merci, j'connaissais pas ce site. Quelles conclusions faut-il tirer de l'énorme bordel que me sort virustotal.com ? Il y a un endroit où il y a ça: Symantec reputation: Suspicious. C'est grave docteur ? :p

Antivirus 	Version 	Dernière mise à jour 	Résultat
a-squared 	5.0.0.31 	2010.07.11 	-
AhnLab-V3 	2010.07.10.00 	2010.07.09 	-
AntiVir 	8.2.4.10 	2010.07.09 	-
Antiy-AVL 	2.0.3.7 	2010.07.09 	-
Authentium 	5.2.0.5 	2010.07.10 	-
Avast 	4.8.1351.0 	2010.07.11 	-
Avast5 	5.0.332.0 	2010.07.11 	-
AVG 	9.0.0.836 	2010.07.11 	-
BitDefender 	7.2 	2010.07.11 	-
CAT-QuickHeal 	11.00 	2010.07.10 	-
ClamAV 	0.96.0.3-git 	2010.07.11 	-
Comodo 	5395 	2010.07.11 	-
DrWeb 	5.0.2.03300 	2010.07.11 	-
eSafe 	7.0.17.0 	2010.07.11 	-
eTrust-Vet 	36.1.7696 	2010.07.10 	-
F-Prot 	4.6.1.107 	2010.07.10 	-
F-Secure 	9.0.15370.0 	2010.07.11 	-
Fortinet 	4.1.143.0 	2010.07.11 	-
GData 	21 	2010.07.11 	-
Ikarus 	T3.1.1.84.0 	2010.07.11 	-
Jiangmin 	13.0.900 	2010.07.11 	-
Kaspersky 	7.0.0.125 	2010.07.11 	-
McAfee 	5.400.0.1158 	2010.07.11 	-
McAfee-GW-Edition 	2010.1 	2010.07.05 	-
Microsoft 	1.5902 	2010.07.11 	-
NOD32 	5270 	2010.07.11 	-
Norman 	6.05.11 	2010.07.11 	-
nProtect 	2010-07-11.01 	2010.07.11 	-
Panda 	10.0.2.7 	2010.07.11 	-
PCTools 	7.0.3.5 	2010.07.11 	-
Prevx 	3.0 	2010.07.11 	-
Rising 	22.55.04.04 	2010.07.09 	-
Sophos 	4.55.0 	2010.07.11 	-
Sunbelt 	6566 	2010.07.10 	-
Symantec 	20101.1.0.89 	2010.07.11 	-
TheHacker 	6.5.2.1.311 	2010.07.11 	-
TrendMicro 	9.120.0.1004 	2010.07.11 	-
TrendMicro-HouseCall 	9.120.0.1004 	2010.07.11 	-
VBA32 	3.12.12.6 	2010.07.09 	-
ViRobot 	2010.6.29.3912 	2010.07.11 	-
VirusBuster 	5.0.27.0 	2010.07.11 	-
Information additionnelle
File size: 380928 bytes
MD5   : 293e66aa529f0fba1aa56340e293a389
SHA1  : 48ce7f1e56dbfc352c67e8081b4381f4e6826b2f
SHA256: bb9a50948b0fe28011566a1d36c4e9b6485bac0d1e95eb2ded0b82422f495a81
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x262B3
timedatestamp.....: 0x4B466550 (Thu Jan 7 23:50:56 2010)
machinetype.......: 0x14C (Intel I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x3C720 0x3C800 6.58 f195a9d454545c612d5a551a0bb2e2f0
.rdata 0x3E000 0xD9B6 0xDA00 4.40 681fe8d140e5174e54f285ff2f8a8743
.data 0x4C000 0x3CD8 0x2000 3.91 f908c422863a7204286416e707954749
.rsrc 0x50000 0xC0B4 0xC200 4.37 00aa443a264e5de7e350df883da84035
.reloc 0x5D000 0x46B0 0x4800 5.41 d0754f8de750fcd104350f2eea9de0df

( 9 imports )

> advapi32.dll: RegCreateKeyExW, ConvertStringSecurityDescriptorToSecurityDescriptorW, GetSecurityDescriptorLength, MakeSelfRelativeSD, GetSecurityDescriptorControl, GetSecurityDescriptorOwner, GetSecurityDescriptorGroup, GetSecurityDescriptorDacl, GetSecurityDescriptorSacl, RegDeleteValueW, RegSetValueExW, RegQueryValueExW, RegEnumKeyExW, RegOpenKeyExW, RegCloseKey, CreateProcessAsUserW, OpenProcessToken, DuplicateTokenEx, GetTokenInformation, LookupAccountSidW, IsValidSid, GetLengthSid, ConvertSidToStringSidW, CopySid, DeleteService, OpenServiceW, DeregisterEventSource, ReportEventW, RegisterEventSourceW, SetServiceStatus, RegisterServiceCtrlHandlerW, CloseServiceHandle, CreateServiceW, OpenSCManagerW, StartServiceCtrlDispatcherW
> kernel32.dll: CreateDirectoryW, MoveFileExW, DeleteFileW, CopyFileW, GetTempFileNameW, FindFirstFileW, FindNextFileW, FindClose, GetFileAttributesW, GetVersionExW, TerminateProcess, GetModuleHandleA, GetProcAddress, GetVersion, LoadLibraryW, OutputDebugStringA, GetTempPathW, CreateMutexW, GetPrivateProfileStringW, CreateThread, MultiByteToWideChar, DeleteCriticalSection, EnterCriticalSection, LeaveCriticalSection, SetErrorMode, FreeLibrary, SetEnvironmentVariableA, CompareStringW, CompareStringA, FlushFileBuffers, CreateFileA, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, SetStdHandle, GetStringTypeW, GetStringTypeA, LCMapStringW, LCMapStringA, GetLocaleInfoA, GetConsoleMode, GetConsoleCP, InitializeCriticalSectionAndSpinCount, LoadLibraryA, ExpandEnvironmentStringsW, ReadFile, WideCharToMultiByte, GetCurrentProcessId, GetCurrentThreadId, FindResourceExW, FindResourceW, LoadResource, LockResource, SizeofResource, SetFilePointer, CreateFileW, WriteFile, HeapAlloc, FormatMessageW, HeapFree, GetProcessHeap, InterlockedIncrement, lstrlenA, OutputDebugStringW, DebugBreak, InterlockedDecrement, lstrlenW, OpenProcess, Process32NextW, Process32FirstW, CreateToolhelp32Snapshot, GetModuleHandleW, ReleaseMutex, OpenMutexW, Sleep, SetLastError, CloseHandle, LocalFree, RaiseException, SetEvent, WaitForSingleObject, CreateEventW, GetLastError, GetModuleFileNameW, InitializeCriticalSection, GetTimeZoneInformation, GetDateFormatA, GetTimeFormatA, GetTickCount, QueryPerformanceCounter, GetStartupInfoA, GetFileType, SetHandleCount, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, IsValidCodePage, GetOEMCP, GetACP, GetCPInfo, VirtualFree, HeapCreate, GetModuleFileNameA, GetStdHandle, ExitProcess, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, RtlUnwind, VirtualQuery, GetSystemInfo, VirtualAlloc, VirtualProtect, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetCurrentProcess, GetSystemTimeAsFileTime, HeapSize, HeapReAlloc, HeapDestroy
> ole32.dll: CoCreateInstance, CoTaskMemFree, OleRun
> oleaut32.dll: -, -, -, -, -, -, -
> shell32.dll: ShellExecuteW, SHGetFolderPathW
> shlwapi.dll: PathAppendW, PathAddBackslashW, PathFileExistsW, PathIsDirectoryW
> user32.dll: RealGetWindowClassW, LoadStringW, ModifyMenuW, CharNextW, IsWindow, IsMenu, SetWindowTextW, wvsprintfW, LoadImageW, SendMessageW, LoadBitmapW, GetSystemMetrics
> userenv.dll: LoadUserProfileW, CreateEnvironmentBlock, DestroyEnvironmentBlock, UnloadUserProfile
> wininet.dll: HttpOpenRequestW, InternetGetConnectedState, InternetQueryOptionW, HttpQueryInfoW, InternetCrackUrlW, InternetCloseHandle, InternetReadFile, HttpSendRequestW, InternetConnectW, InternetOpenW

( 0 exports )
TrID  : File type identification
Win64 Executable Generic (59.6%)
Win32 Executable MS Visual C++ (generic) (26.2%)
Win32 Executable Generic (5.9%)
Win32 Dynamic Link Library (generic) (5.2%)
Generic Win/DOS Executable (1.3%)
Symantec reputation: Suspicious.Insight https://www.broadcom.com/support/security-center
ssdeep: 6144:vr/SAkKLe/YJNqofIC52Cp1Mz3PP0THhwn5LEL1IoYc9+dMYphAG2pXHyl:vr/SGVJNq3C5swTH+5LExIXcyMB1Sl
sigcheck: publisher....: Spigot, Inc.
copyright....: Copyright (c) 2005-2010 Spigot, Inc.
product......: Application Updater
description..: Application Updater
original name: ApplicationUpdater.exe
internal name: ApplicationUpdater.exe
file version.: 1, 1, 2, 16
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEiD  : -
RDS   : NSRL Reference Data Set
-

Utilisateur anonyme · Answer

lu,

-> https://www.virustotal.com/gui/

et colle : :\Program Files\Application Updater\ApplicationUpdater.exe

tu aura le rapport ;)

lli-llou · Answer

Je remonte le sujet. Des idées ?

Merci

Application Updater, qu'est-ce ?

3 réponses

Discussions similaires