Good evening pear, and thank you for taking the time.
Here are the details from VirusTotal:
SHA256: 3a822c3a0003b36f212a4184fc1f49ce65aaf1a2a481ee05daab868b2847945f
SHA1: 3073a78d7411210fd762ce6237865eff528661be
MD5: 2718dc27571bd1e37813f5759d2dc118
File size: 197.6 KB ( 202296 bytes )
File type: Win32 EXE
Detection ratio: 1 / 41
Analysis date: 2012-01-20 20:53:11 UTC ( 1 minute ago )
Antivirus Result Update
AhnLab-V3 - 20120119
AntiVir - 20120120
Antiy-AVL - 20120120
Avast - 20120120
AVG - 20120120
BitDefender - 20120120
ByteHero Trojan.Malware.Win32.xPack.m 20120120
CAT-QuickHeal - 20120120
ClamAV - 20120120
Commtouch - 20120120
Comodo - 20120120
DrWeb - 20120120
Emsisoft - 20120120
eSafe - 20120120
eTrust-Vet - 20120120
F-Prot - 20120119
F-Secure - 20120120
Fortinet - 20120120
GData - 20120120
Ikarus - 20120120
Jiangmin - 20120120
K7AntiVirus - 20120120
Kaspersky - 20120120
McAfee - 20120120
McAfee-GW-Edition - 20120120
Microsoft - 20120120
NOD32 - 20120120
Norman - 20120120
nProtect - 20120120
PCTools - 20120120
Prevx - 20120120
Rising - 20120118
SUPERAntiSpyware - 20120120
Symantec - 20120120
TheHacker - 20120120
TrendMicro - 20120120
TrendMicro-HouseCall - 20120120
VBA32 - 20120119
VIPRE - 20120120
ViRobot - 20120120
VirusBuster - 20120120
Here is the additional information provided by VirusTotal:
ssdeep file piecewise hash
3072:aVKD6d4YheliHXJKM6Ovf9xXQb8xBjEK2xp5bhP:aVKedlel8XJjVvbAb2E5xP
TrID file type information
Win32 Executable MS Visual C++ (generic) (65.2%)
Win32 Executable Generic (14.7%)
Win32 Dynamic Link Library (generic) (13.1%)
Generic Win/DOS Executable (3.4%)
DOS Executable Generic (3.4%)
ExifTool file metadata
CodeSize.................: 143360
SubsystemVersion.........: 4.0
InitializedDataSize......: 45056
ImageVersion.............: 0.0
ProductName..............: Kaspersky Anti-Virus
FileVersionNumber........: 12.0.0.374
UninitializedDataSize....: 0
LanguageCode.............: English (U.S.)
FileFlagsMask............: 0x003f
CharacterSet.............: Unicode
LinkerVersion............: 8.0
OriginalFilename.........: AVP.EXE
MIMEType.................: application/octet-stream
Subsystem................: Windows GUI
FileVersion..............: 12.0.0.374
TimeStamp................: 2011:04:24 19:43:37+01:00
FileType.................: Win32 EXE
PEType...................: PE32
InternalName.............: AVP
ProductVersion...........: 12.0.0.374
FileDescription..........: Kaspersky Anti-Virus
OSVersion................: 4.0
FileOS...................: Windows NT 32-bit
LegalCopyright...........: 1997-2011 Kaspersky Lab ZAO.
MachineType..............: Intel 386 or later, and compatibles
CompanyName..............: Kaspersky Lab ZAO
LegalTrademarks..........: Kaspersky Anti-Virus is registered trademark of Kaspersky Lab ZAO.
FileSubtype..............: 0
ProductVersionNumber.....: 12.0.0.374
EntryPoint...............: 0x19870
ObjectFileType...........: Executable application
Sigcheck digital signature information
publisher................: Kaspersky Lab ZAO
product..................: Kaspersky Anti-Virus
internal name............: AVP
copyright................: © 1997-2011 Kaspersky Lab ZAO.
original name............: AVP.EXE
signing date.............: 8:15 PM 4/24/2011
signers..................: Kaspersky Lab
VeriSign Class 3 Code Signing 2010 CA
VeriSign Class 3 Public Primary Certification Authority - G5
file version.............: 12.0.0.374
description..............: Kaspersky Anti-Virus
Portable Executable structural information
Compilation timedatestamp.....: 2011-04-24 18:43:37
Target machine................: 332
Entry point address...........: 0x00019870
PE Sections...................:
Name    Virtual Address  Virtual Size  Raw Size  Entropy  MD5
.text   4096             143182        143360    6.56     f428b5eaaeee7b2c5b552cc7b7528434
.rdata  147456           13558         16384     4.55     2f0b723d2bad0fe45ac2e82e64e00101
.data   163840           25696         12288     4.14     b6386ddcff4993ea1f78f7bd2fac88fb
.rsrc   192512           13120         16384     4.31     fc2267c465fc60ea0a05811b58061498
PE Imports....................:
KERNEL32.dll
EnterCriticalSection, HeapAlloc, HeapFree, GetProcessHeap, SetErrorMode, LoadLibraryExW, GetCurrentProcess, GetSystemDirectoryW, WideCharToMultiByte, GetModuleFileNameW, GetProcAddress, Sleep, OpenMutexW, CloseHandle, InterlockedIncrement, InterlockedDecrement, GetLastError, LocalAlloc, FreeLibrary, InterlockedExchange, LoadLibraryA, RaiseException, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, GetModuleHandleA, ExitProcess, HeapReAlloc, GetVersionExA, GetStartupInfoW, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, SetLastError, GetCurrentThreadId, HeapSize, HeapDestroy, HeapCreate, VirtualFree, DeleteCriticalSection, LeaveCriticalSection, VirtualQuery, VirtualAlloc, WriteFile, GetStdHandle, GetModuleFileNameA, InitializeCriticalSection, RtlUnwind, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, MultiByteToWideChar, LCMapStringA, LCMapStringW, ReadFile, SetFilePointer, SetHandleCount, GetFileType, GetStartupInfoA, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineA, GetCommandLineW, QueryPerformanceCounter, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, GetLocaleInfoA, CreateFileW, GetStringTypeA, GetStringTypeW, SetStdHandle, GetConsoleCP, GetConsoleMode, FlushFileBuffers, SetEndOfFile, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, CreateFileA
First seen by VirusTotal
2011-04-25 18:01:55 UTC ( 9 months ago )
Last seen by VirusTotal
2012-01-20 20:53:11 UTC ( 9 minutes ago )
File names (max. 25)
avp.exe
avp.exe
BB930240383F9232161103BFCC36A30078B79E6C.exe
BackDoor.exe
avp.exe
avz00001.dta
file-2359443_exe
file-2998410_exe
smona132078769668610451628
There you go... thank you.