Sujet Précédent Sujet Suivant

MS ASN1 Integer Overflow TCP

Fermé
sissib Messages postés 60 Date d'inscription jeudi 16 juin 2005 Statut Membre Dernière intervention 26 novembre 2013 - 29 mai 2006 à 21:22
 keles - 9 avril 2007 à 20:02
bonjour
toutes les 30secondes ,norton me bloque cette menace;ce qui me parait bizare,de plus mon ordi est de plus en plus lent;
est ce que quelqu'un pourrait m'éclaircir;

merci d'avance
A voir également:

19 réponses

Réponse 1 / 19
Kristopher Messages postés 3731 Date d'inscription vendredi 18 novembre 2005 Statut Contributeur Dernière intervention 10 juillet 2009 106
29 mai 2006 à 21:34
Bonsoir,

~~ Dans l'ordre : ~~

1/ Mets tous tes logiciels à jour (surtout l'antivirus !) et fais toutes les mises à jour via Windows update : http://www.windowsupdate.com/windowsupdate/v6/default.aspx

2/ Si tu n'en n'as pas, télécharge absolument un firewall.
Par exemple, la version GRATUITE de ZoneAlarm® (Protection par firewall) : https://www.zonealarm.com
Tutorial là : http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/zonealarm-tutorial-sujet_169658_1.htm

Dis moi si le problème est reglé après.

Courage, Kristopher
0
Réponse 2 / 19
sissib Messages postés 60 Date d'inscription jeudi 16 juin 2005 Statut Membre Dernière intervention 26 novembre 2013 9
29 mai 2006 à 22:48
re,
j'ai telechager zone alarm et mis a jour anti viruset windows update.
Cependant zone alarm me bloque toutes les 10secondes aussi quelque chose et il a bloqué en 15 MN
74 TENTATIVES DINTRUSION
28 DE NIVEAU ELEVE
t'en penses quoi?
MERCI
0
Réponse 3 / 19
Kristopher Messages postés 3731 Date d'inscription vendredi 18 novembre 2005 Statut Contributeur Dernière intervention 10 juillet 2009 106
30 mai 2006 à 10:28
Re,

Auparavant, utilisais-tu uniquement le firewall de Windows XP ?

Très mauvaise idée...

Je pense que ton ordinateur doit être bien infecté. Et si tu veux, je peux te donner une méthode pour désinfecter ton PC.

À bientôt, Kristopher
0
sissib Messages postés 60 Date d'inscription jeudi 16 juin 2005 Statut Membre Dernière intervention 26 novembre 2013 9
30 mai 2006 à 16:07
au paravant j'utilisais rien,je savais même pas ce que c'etait un firewall.
Je veux bien que tu me dises ce que je devrais faire faire pour desinfecter mon ordi
tu veux un rapport hijackthis?

ps:J4ARRIVE PLUS ame connecter a msn
0
Réponse 4 / 19
Kristopher Messages postés 3731 Date d'inscription vendredi 18 novembre 2005 Statut Contributeur Dernière intervention 10 juillet 2009 106
30 mai 2006 à 16:09
Tiens :

methode-preliminaire-de-desinfection-version-fr

a+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 19
Kristopher Messages postés 3731 Date d'inscription vendredi 18 novembre 2005 Statut Contributeur Dernière intervention 10 juillet 2009 106
30 mai 2006 à 16:12
Histoire de mieux comprendre les arcanes de l'Informatique, un peu de lecture :

https://sebsauvage.net/safehex.html

Concernant le firewall spécialement : https://sebsauvage.net/safehex.html#r003

a+
0
Réponse 6 / 19
sissib Messages postés 60 Date d'inscription jeudi 16 juin 2005 Statut Membre Dernière intervention 26 novembre 2013 9
30 mai 2006 à 16:12
pour commencer voila le debut
Logfile of HijackThis v1.99.1
Scan saved at 16:15:18, on 30/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\VTtrayp.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\sihem\Bureau\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=FR&range=AD&phase=6&key=S...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/APPS/IE/offline/fr.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://memberservices.passport.net/memberservice.srf
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
0
Réponse 7 / 19
sissib Messages postés 60 Date d'inscription jeudi 16 juin 2005 Statut Membre Dernière intervention 26 novembre 2013 9
30 mai 2006 à 17:06
voici celui de ewido
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 17:08:48, 30/05/2006
+ Somme de contrôle: CC4A02A2

+ Résultats du scan:

HKU\S-1-5-21-397090326-166082057-3521063882-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyer et sauvegarder
C:\Documents and Settings\nihel\Cookies\nihel@com[1].txt -> TrackingCookie.Com : Nettoyer et sauvegarder
C:\Documents and Settings\sihem\Cookies\sihem@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyer et sauvegarder
C:\Documents and Settings\sihem\Cookies\sihem@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyer et sauvegarder
C:\Documents and Settings\sihem\Cookies\sihem@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyer et sauvegarder
C:\Documents and Settings\sihem\Cookies\sihem@weborama[2].txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
C:\Documents and Settings\sihem\Cookies\sihem@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyer et sauvegarder
C:\RECYCLER\S-1-5-21-397090326-166082057-3521063882-1009\Dc313.txt -> TrackingCookie.Doubleclick : Nettoyer et sauvegarder


::Fin du rapport
j'attend ta reponse
0
Réponse 8 / 19
Kristopher Messages postés 3731 Date d'inscription vendredi 18 novembre 2005 Statut Contributeur Dernière intervention 10 juillet 2009 106
30 mai 2006 à 18:42
Re,

Tu as oublié le rapport de BitDefender cf. post < 5 >

a+
0
Réponse 9 / 19
sissib Messages postés 60 Date d'inscription jeudi 16 juin 2005 Statut Membre Dernière intervention 26 novembre 2013 9
30 mai 2006 à 19:09
voilà celui de bit defender
BitDefender Online Scanner



Scan report generated at: Tue, May 30, 2006 - 19:03:33





Scan path: C:\;D:\;







Statistics

Time
00:57:05

Files
245715

Folders
4094

Boot Sectors
3

Archives
6958

Packed Files
23512




Results

Identified Viruses
2

Infected Files
6

Suspect Files
0

Warnings
0

Disinfected
0

Deleted Files
12




Engines Info

Virus Definitions
383766

Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)

Scan plugins
13

Archive plugins
40

Unpack plugins
4

E-mail plugins
6

System plugins
1




Scan Settings

First Action
Disinfect

Second Action
Delete

Heuristics
Yes

Enable Warnings
Yes

Scanned Extensions
*;

Exclude Extensions


Scan Emails
Yes

Scan Archives
Yes

Scan Packed
Yes

Scan Files
Yes

Scan Boot
Yes




Scanned File
Status

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017591.exe=>(Quarantine-2)
Infected with: Trojan.Lopad.K

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017591.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017591.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017592.exe=>(Quarantine-2)
Infected with: Trojan.Swizzor.DH

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017592.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017592.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017594.exe=>(Quarantine-2)
Infected with: Trojan.Swizzor.DH

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017594.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017594.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017596.exe=>(Quarantine-2)
Infected with: Trojan.Swizzor.DH

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017596.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017596.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017598.exe=>(Quarantine-2)
Infected with: Trojan.Swizzor.DH

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017598.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017598.exe=>(Quarantine-2)
Deleted

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017599.exe=>(Quarantine-2)
Infected with: Trojan.Swizzor.DH

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017599.exe=>(Quarantine-2)
Disinfection failed

C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP99\A0017599.exe=>(Quarantine-2)
Deleted
0
Réponse 10 / 19
sissib Messages postés 60 Date d'inscription jeudi 16 juin 2005 Statut Membre Dernière intervention 26 novembre 2013 9
30 mai 2006 à 20:36
j'attend ta reponse
ne nm'oublie pas
lol
a+
0
Réponse 11 / 19
Kristopher Messages postés 3731 Date d'inscription vendredi 18 novembre 2005 Statut Contributeur Dernière intervention 10 juillet 2009 106
30 mai 2006 à 20:52
Les deux rapports me semblent OK :)

Où en sont tes soucis ?
0
Réponse 12 / 19
sissib Messages postés 60 Date d'inscription jeudi 16 juin 2005 Statut Membre Dernière intervention 26 novembre 2013 9
30 mai 2006 à 21:32
slt,
alors comme ça ,c'eest ok mais le rapport de bit defender m'a fait peur,infected with trojan swizzor et lopad.k,c'est pas inquietant?desolé je m'y connais pas trop mais je crois que c'est comme un peu inquiétant.
sinon mes problemes je n'ai plus l'alerte toutes les 30secondes dde norton.
MAIS mon ordi est tjours aussi lent
a+
j'attends tes impressions
0
Réponse 13 / 19
sissib
31 mai 2006 à 18:04
j'attend toujours de t nouvelles...
a+
0
Kristopher Messages postés 3731 Date d'inscription vendredi 18 novembre 2005 Statut Contributeur Dernière intervention 10 juillet 2009 106
31 mai 2006 à 22:50
"j'attend toujours de t nouvelles... "

Avec un minimum de politesse, tu peux espérer avoir une réponse :)
0
Réponse 14 / 19
sissib Messages postés 60 Date d'inscription jeudi 16 juin 2005 Statut Membre Dernière intervention 26 novembre 2013 9
2 juin 2006 à 15:25
re,
politesse ...tu trouves que j'ai pas été poli,je ne pense,je n'ai eu en aucun cas l'intention d'être mal poli dans mes propos.
je ne sais pas ce qui t'as choqué;
le dernier message peut etre...
mais je l'est posté uniquement pour que tu ne m'oublie pas,je pense que tu dois repondre à beaucoup de personne,et tu n'as forcement le temps de repondre à tout le monde en temps et en heure.
si tu veux me repondre,j'en serais ravie,sinon dommage tu t'est vexé pour pas grand chose
PS:si notre conversation s'arrete ici,je te remercie pour tout ce qu'on a fait jusqu'à là
0
Kristopher
2 juin 2006 à 17:12
Re,

Je n'ai pas trop le temps de te répondre mais grosso modo :

Le rapport de BitDefender est positif : les trojans ont été supprimé (cf. "Deleted").

1/ Pour en être certains, fais ceci :

Clique droit sur Poste de travail -> Propriétés-> onglet Restauration du système -> tu coches Désactiver la Restauration du système sur tous les lecteurs -> Appliquer -> Oui.

Ensuite, tu décoches Désactiver la Restauration du système sur tous les lecteurs -> Appliquer -> OK.

2/ Pour accélérer ton PC :

Télécharge et nettoie ton PC avec ces deux logiciels :

CCLEANER https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

Utilisation : Dans l'onglet "Nettoyeur" cliquez sur "Analyse". Une fois l'analyse terminée, cliquez sur "Lancer le Nettoyage".
Ensuite, dans l'onglet "Erreurs" cliquez sur "Chercher des erreurs" puis, avant de cliquer sur "Réparer les erreurs sélectionnées" effectuez une sauvegarde de votre registre (comme proposé).

CleanUp40
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
Démo d’utilisation :
http://pageperso.aol.fr/balltrap34/democleanup.htm

3/

Clique sur "démarrer"-> "Exécuter…" et tape "services.msc"

Puis décoche tous les services sauf ton antvirus, pare-feu et ce qui est en rapport avec ta connexion à Internet.

4/ Enfin, il faut cocher les lignes 04 inutiles dans le log HijackThis.

Si quelqu'un passe par là, il te dira si non j'essaierai la prochaine fois.

Bon courage !
0
sissib Messages postés 60 Date d'inscription jeudi 16 juin 2005 Statut Membre Dernière intervention 26 novembre 2013 9
2 juin 2006 à 18:36
re,
ok je vais faire tout ce que tu m'as dis.
merci pour tout
0
Réponse 15 / 19
toto333_47 Messages postés 9 Date d'inscription mardi 5 septembre 2006 Statut Membre Dernière intervention 16 août 2007
5 sept. 2006 à 07:51
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 07:52:17 05/09/2006

+ Scan result:



C:\Documents and Settings\tony\Cookies\tony@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\tony\Cookies\tony@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\tony\Cookies\tony@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\tony\Cookies\tony@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\tony\Cookies\tony@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\tony\Cookies\tony@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\tony\Cookies\tony@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\tony\Cookies\tony@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\tony\Cookies\tony@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\tony\Cookies\tony@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\tony\Cookies\tony@yadro[2].txt -> TrackingCookie.Yadro : Cleaned.


::Report end
0
Réponse 16 / 19
toto333_47 Messages postés 9 Date d'inscription mardi 5 septembre 2006 Statut Membre Dernière intervention 16 août 2007
5 sept. 2006 à 08:17
BitDefender Online Scanner - Real Time Virus Report



Generated at: Tue, Sep 05, 2006 - 08:18:32


--------------------------------------------------------------------------------





Scan Info



Scanned Files
226054

Infected Files
0








Virus Detected



No virus found.











--------------------------------------------------------------------------------



This summary of the scan process will be used by the BitDefender Antivirus Lab to create agregate statistics about virus activity around the world.
0
Réponse 17 / 19
toto333_47 Messages postés 9 Date d'inscription mardi 5 septembre 2006 Statut Membre Dernière intervention 16 août 2007
5 sept. 2006 à 08:19
Logfile of HijackThis v1.99.1
Scan saved at 08:19:30, on 05/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\WebCam\M1000\M1000Mnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\Program Files\Winamp\Winamp.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.acer.com/worldwide/selection.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [M1000Mnt] M1000Rmv.exe /StartStillMnt
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
0
Réponse 18 / 19
Kristopher Messages postés 3731 Date d'inscription vendredi 18 novembre 2005 Statut Contributeur Dernière intervention 10 juillet 2009 106
5 sept. 2006 à 21:01
Salut Tony,

Par respect pour les autres, crée ton propre poste.

http://pageperso.aol.fr/balltrap34/demofairesontmessage.htm

Celui-là, on n'y touche plus.

Alors

a+
0
Réponse 19 / 19
keles
9 avril 2007 à 20:02
Home & Home Office
Small & Mid-Sized Business
Enterprise

Locate A Partner
Become A Partner
Log In To PartnerNet

Corporate Profile
Management Team
Investor Relations
News & Media
Careers







Andean Region - Spanish
Asia Pacific - English
Australia & New Zealand
Austria
Belgium - Dutch
Brazil
Canada - English
Canada - French
Central America & Caribbean - Spanish
China - Simplified Chinese
Czech Republic
Denmark
Finland
France
Germany
Greece
Hong Kong - English
Hungary
India - English
Indonesia - English
Israel
Italy
Japan
Korea
Luxembourg - French
Malaysia - English
Mexico
Middle East - English
The Netherlands
Norway
Philippines - English
Poland
Russia
Singapore - English
South Africa - English
Southern Latin America - Spanish
Spain
Sri Lanka - English
Sweden
Switzerland - German
Taiwan - Traditional Chinese
Thailand - English
Turkey
United Kingdom & Ireland
United States
Vietnam - English

All of Symantec Support Viruses & Risks Home & Home Office Small & Mid-Sized Business Enterprise Partners

MS ASN1 Integer Overflow TCP
Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.



Description

This signature detects an attempts to exploit an integer overflow in Microsoft's Abstract Syntx Notation1.



Additional Information

Microsoft Windows Abstract Syntax Notation 1 (ASN.1) handling Library (MSASN1.dll) is shipped as a part of the Microsoft Windows Operating System. The MSASN1 library provides an application programmer's interface for Microsoft ASN.1 encoding/decoding and processing functions.

Microsoft ASN.1 handling library has been reported prone to an integer overflow vulnerability that may result in arbitrary heap-based memory corruption. The issue presents itself in the ASN.1 BER decoding/encoding routines, specifically in the ASN1BERDecBitString() function. ASN1BERDecBitString() handles constructed bit strings by concatenating each of the simple bit strings that comprise the compound one. The integer overflow occurs when a bit string is processed and the number of bits in the bit string is added to the cumulative total as follows:
lea eax, [ecx+eax+7]

This may provide a conduit for an attacker to trigger a boundary condition error. When the first bit string processed by ASN1BERDecBitString possesses a specified signed length of 0xfffffff9(-7), then the aforementioned arithmetic (ecx+eax+7) sums the accumulated bits (0) with the signed length of the bit string (-7). The rounding value (+7) is then added to the total. This will result in a total assigned length of zero.

It has been reported that this value is then further processed by the DecMemReAlloc() function call, and ultimately results in a zero-byte chunk being allocated on the heap. The original bit string lengths are passed to the function ASN1bitcpy(). This function later performs a memcpy() operation to copy supplied bit string data into the zero-byte allocated heap based buffer. This operation will result in the corruption of heap based management structures, and may ultimately be leveraged by an attacker to have arbitrary code executed in the context of the affected process.

This vulnerability is exposed in a number of security related operating system components, including Kerberos (via UDP port 88), Microsoft IIS with SSL support enabled and NTLMv2 authentication (via TCP ports 135, 139 and 445). Other components may also be affected, though a comprehensive list is not available at this time. Client applications which use the library will be affected, including LSASS.EXE and CRYPT32.DLL (and any application that relies on CRYPT32.DLL). The vulnerable library is used frequently in components that handle certificates such as Internet Explorer and Outlook. Handling of signed ActiveX components could also present an exposure.

It should be noted that because ASN.1 data will likely be encoded, for example Kerberos, SSL, IPSec or Base64 encoded, the malicious integer values may be obfuscated and as a result not easily detectable.

This vulnerability was originally covered in BID 9626, but further information has been made available which identifies a number of distinct vulnerabilities in the library and so this specific issue has been assigned an individual BID.



Affected:

Adobe Acrobat 5.0, 5.0.5, 6.0
Altova xmlspy Enterprise Edition 2004, 2004 R2
Altova xmlspy Home Edition 2004, 2004 R2
Altova xmlspy Professional Edition 2004, 2004 R2
AOL Instant Messenger 5.0.2938, 5.1.3036, 5.2.3292, 5.5.3415 Beta
Intuit Quicken 2003
Intuit TurboTax 2003
JASC Software PaintShop Pro 5.0, 5.0 1, 5.0 3, 6.0, 6.0 1, 6.0 2, 7.0, 7.0 1, 7.0 2, 7.0 4, 8.0, 8.0 1, 8.10
Microsoft Windows 2000 Advanced Server SP1, SP2, SP3, SP4
Microsoft Windows 2000 Professional SP1, SP2, SP3, SP4
Microsoft Windows 2000 Server SP1, SP2, SP3, SP4
Microsoft Windows 98
Microsoft Windows 98SE
Microsoft Windows NT Server 4.0, 4.0 SP1, 4.0 SP2, 4.0 SP3, 4.0 SP4, 4.0 SP5, 4.0 SP6, 4.0 SP6a
Microsoft Windows NT Terminal Server 4.0, 4.0 SP1, 4.0 SP2, 4.0 SP3, 4.0 SP4, 4.0 SP5, 4.0 SP6
Microsoft Windows NT Workstation 4.0, 4.0 SP1, 4.0 SP2, 4.0 SP3, 4.0 SP4, 4.0 SP5, 4.0 SP6, 4.0 SP6a
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Datacenter Edition Itanium
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Enterprise Edition Itanium
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows XP 64-bit Edition SP1
Microsoft Windows XP 64-bit Edition Version 2003 SP1
Microsoft Windows XP Home SP1
Microsoft Windows XP Professional SP1
Musicmatch Inc. Musicmatch Jukebox 8.0, 8.1, 8.2
Van Dyke Technologies SecureCRT 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5
Yahoo! Messenger 5.5, 5.5.1249, 5.6, 5.6.0.1347, 5.6.0.1351, 5.6.0.1355, 5.6.0.1356, 5.6.0.1358




Response

It has been alleged that an official patch to address this issue in Microsoft Windows 98 systems is available to customers who possess a current support contract with Microsoft. Customers are advised to contact their relative Microsoft TAM, in order to obtain a relevant patch.

Microsoft has released a security update (MS04-007) to address this issue in affected versions of Microsoft Windows. Users are strongly advised to obtain fixes as soon as possible.


Microsoft Windows 2000 Advanced ServerSP2:
Microsoft Upgrade Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2-4797-A8C6-A2E663A53698&displaylang=en

Microsoft Windows 2000 Advanced ServerSP3:
Microsoft Upgrade Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2-4797-A8C6-A2E663A53698&displaylang=en

Microsoft Windows 2000 Advanced ServerSP4:
Microsoft Upgrade Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2-4797-A8C6-A2E663A53698&displaylang=en

Microsoft Windows 2000 ProfessionalSP2 :
Microsoft Upgrade Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2-4797-A8C6-A2E663A53698&displaylang=en

Microsoft Windows 2000 ProfessionalSP3 :
Microsoft Upgrade Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2-4797-A8C6-A2E663A53698&displaylang=en

Microsoft Windows 2000 ProfessionalSP4:
Microsoft Upgrade Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2-4797-A8C6-A2E663A53698&displaylang=en

Microsoft Windows 2000 ServerSP2:
Microsoft Upgrade Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2-4797-A8C6-A2E663A53698&displaylang=en

Microsoft Windows 2000 ServerSP3:
Microsoft Upgrade Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2-4797-A8C6-A2E663A53698&displaylang=en

Microsoft Windows 2000 ServerSP4 :
Microsoft Upgrade Security Update for Windows 2000: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=191853C4-A4D2-4797-A8C6-A2E663A53698&displaylang=en

Microsoft Windows NT Server 4.0SP6a:
Microsoft Upgrade Security Update for Windows NT Server 4.0: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=E8315430-90CD-4B20-8F54-58527932B588&displaylang=en

Microsoft Windows NT Terminal Server 4.0SP6:
Microsoft Upgrade Security Update for Windows NT Server Terminal Server Edition: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=D83B39D3-FF13-4D0B-B406-A225AED0D659&displaylang=en

Microsoft Windows NT Workstation 4.0SP6a:
Microsoft Upgrade Security Update for Windows NT Workstation 4.0: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=92400199-B3D5-4826-98D4-F134849F5249&displaylang=en

Microsoft Windows Server 2003 Datacenter Edition:
Microsoft Upgrade Security Update for Windows Server 2003: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=3D7FFFF9-A497-42FF-90E7-283732B2E117&displaylang=en

Microsoft Windows Server 2003 Datacenter Edition 64-bit:
Microsoft Upgrade Security Upd for Windows Server 2003 64-bit Edition/Windows XP 64-bit Edition Version 2003:KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=FA280168-66E1-4B5F-958F-E178C3F61F7C&displaylang=en

Microsoft Windows Server 2003 Enterprise Edition:
Microsoft Upgrade Security Update for Windows Server 2003: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=3D7FFFF9-A497-42FF-90E7-283732B2E117&displaylang=en

Microsoft Windows Server 2003 Enterprise Edition 64-bit:
Microsoft Upgrade Security Upd for Windows Server 2003 64-bit Edition/Windows XP 64-bit Edition Version 2003:KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=FA280168-66E1-4B5F-958F-E178C3F61F7C&displaylang=en

Microsoft Windows Server 2003 Standard Edition :
Microsoft Upgrade Security Update for Windows Server 2003: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=3D7FFFF9-A497-42FF-90E7-283732B2E117&displaylang=en

Microsoft Windows Server 2003 Web Edition:
Microsoft Upgrade Security Update for Windows Server 2003: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=3D7FFFF9-A497-42FF-90E7-283732B2E117&displaylang=en

Microsoft Windows XP 64-bit Edition:
Microsoft Upgrade Security Update for Windows XP 64-Bit Edition: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=383C397F-9318-4AD5-9C2C-0577118A1E68&displaylang=en

Microsoft Windows XP 64-bit EditionSP1:
Microsoft Upgrade Security Update for Windows XP 64-Bit Edition: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=383C397F-9318-4AD5-9C2C-0577118A1E68&displaylang=en

Microsoft Windows XP 64-bit Edition Version 2003:
Microsoft Upgrade Security Upd for Windows Server 2003 64-bit Edition/Windows XP 64-bit Edition Version 2003:KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=FA280168-66E1-4B5F-958F-E178C3F61F7C&displaylang=en

Microsoft Windows XP 64-bit Edition Version 2003SP1:
Microsoft Upgrade Security Upd for Windows Server 2003 64-bit Edition/Windows XP 64-bit Edition Version 2003:KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=FA280168-66E1-4B5F-958F-E178C3F61F7C&displaylang=en

Microsoft Windows XP Home:
Microsoft Upgrade Security Update for Windows XP: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=0CC30297-D4AE-48E9-ACD0-1343D89CCBBA&displaylang=en

Microsoft Windows XP HomeSP1:
Microsoft Upgrade Security Update for Windows XP: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=0CC30297-D4AE-48E9-ACD0-1343D89CCBBA&displaylang=en

Microsoft Windows XP Professional:
Microsoft Upgrade Security Update for Windows XP: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=0CC30297-D4AE-48E9-ACD0-1343D89CCBBA&displaylang=en

Microsoft Windows XP ProfessionalSP1:
Microsoft Upgrade Security Update for Windows XP: KB828028
http://www.microsoft.com/downloads/details.aspx?FamilyId=0CC30297-D4AE-48E9-ACD0-1343D89CCBBA&displaylang=en



Possible False Positives

There are no known false positives associated with this signature.



Additional References

CERT: Microsoft Windows ASN.1 Library Bit String Processing Integer Handling Vulnerability


Microsoft Windows ASN.1 Library Bit String Processing Integer Handling Vulnerability


CAN-2003-0818


Eeye: Microsoft Windows ASN.1 Library Bit String Processing Integer Handling Vulnerability


SecurityFocus BID: 9635



Site Index · Legal Notices · Privacy Policy · Site Feedback · Contact Us · Global Sites · License Agreements ©1995 - 2007 Symantec Corporation
0

Discussions similaires

Concatener un String et un Integer en VBA
Hugo -
ccm81 -

5 réponses
TCP Optimizer est-ce efficace ?
liberteegalite2 -
tanvoilacruchalo -

8 réponses
Erreur : assignment makes pointer from integer without a cast
Unnamed_Man -
Unnamed_Man -

3 réponses
erreur stack overflow
shaunbaker -
Johann74270 -

3 réponses
Comment corriger l'erreur " Incorrect integer value"
Arman_2034 -
Arman_2034 -

2 réponses