olly
-
Compteur de contenus
119 -
Inscription
-
Dernière visite
Type de contenu
Profils
Forums
Blogs
Tout ce qui a été posté par olly
-
ben en fait je n'ai pas membre_pseudo dans ma table : Elle est dans la base "sport". La table membre est constituée comme cela : -- phpMyAdmin SQL Dump -- version 3.2.0.1 -- [url="http://www.phpmyadmin.net"]phpMyAdmin[/url] -- -- Serveur: localhost -- Généré le : Sam 10 Juillet 2010 à 13:20 -- Version du serveur: 5.1.36 -- Version de PHP: 5.3.0 SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO"; -- -- Base de données: `sport` -- -- -------------------------------------------------------- -- -- Structure de la table `membres` -- CREATE TABLE IF NOT EXISTS `membres` ( `membre_id` int(11) NOT NULL AUTO_INCREMENT, `pseudo` varchar(32) NOT NULL, `mdp` varchar(40) NOT NULL, `mdp_verif` varchar(255) NOT NULL, `mail` varchar(100) NOT NULL, `mail_verif` varchar(255) NOT NULL, PRIMARY KEY (`membre_id`), UNIQUE KEY `membre_pseudo` (`pseudo`), UNIQUE KEY `membre_mail` (`mail`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=8 ; -- -- Contenu de la table `membres` -- INSERT INTO `membres` (`membre_id`, `pseudo`, `mdp`, `mdp_verif`, `mail`, `mail_verif`) VALUES (1, 'oliv', 'oliv', '<br /> <b>Notice</b>: Undefined variable: _SESSION in <b>C:\\wamp\\www\\SiteduBE\\inscriptioncl.php</b> on line <b>19</b><br /> <br /> <b>Notice</b>: Undefined variable: _SESSION in <b>C:\\wamp\\www\\SiteduBE\\inscriptioncl.php</b> on line <b>19</b><br />', '<br /> <b>Notice</b>: Undefined variable: _SESSION in <b>C:\\wamp\\www\\SiteduBE\\inscriptioncl.php</b>', '<br /> <b>Notice</b>: Undefined variable: _SESSION in <b>C:\\wamp\\www\\SiteduBE\\inscriptioncl.php</b> on line <b>21</b><br /> <br /> <b>Notice</b>: Undefined variable: _SESSION in <b>C:\\wamp\\www\\SiteduBE\\inscriptioncl.php</b> on line <b>21</b><br />'), (6, 'oliv56640', 'malaure76', 'malaure76', 'olivierpierre@hotmail.fr', 'olivierpierre@hotmail.fr'); Le formulaire est : inscriptioncl.php ?php include('haut.php'); include('entete.php'); include('menus.php'); ?> <!-- Le corps --> <div id="corps"> <h1>Formulaire d'inscription</h1> <p>Bienvenue sur la page d'inscription de mon site !<br/> Merci de remplir ces champs pour continuer.</p> <form action="cibleinscl.php" method="post" name="Inscription"> <fieldset><legend>Identifiants</legend> <label for="pseudo" class="float">Pseudo :</label> <input type="text" name="pseudo" id="pseudo" size="30" value="<?php if($_SESSION['pseudo_info'] == '') echo htmlspecialchars($_SESSION['form_pseudo'], ENT_QUOTES) ; ?>" /> <em>(compris entre 3 et 32 caractères)</em><br /> <label for="mdp" class="float">Mot de passe :</label> <input type="password" name="mdp" id="mdp" size="30" value="<?php if($_SESSION['mdp_info'] == '') echo htmlspecialchars($_SESSION['form_mdp'], ENT_QUOTES) ; ?>" /> <em>(compris entre 4 et 50 caractères)</em><br /> <label for="verif" class="float">Mot de passe (vérification) :</label> <input type="password" name="mdp_verif" id="mdp_verif" size="30" value="<?php if($_SESSION['mdp_verif_info'] == '') echo htmlspecialchars($_SESSION['form_mdp_verif'], ENT_QUOTES) ; ?>" /><br /> <label for="mail" class="float">Mail :</label> <input type="text" name="mail" id="mail" size="30" value="<?php if($_SESSION['mail_info'] == '') echo htmlspecialchars($_SESSION['form_mail'], ENT_QUOTES) ; ?>" /> <br /> <label for="mail_verif" class="float">Mail (vérification) :</label> <input type="text" name="mail_verif" id="mail_verif" size="30" value="<?php if($_SESSION['mail_verif__info'] == '') echo htmlspecialchars($_SESSION['form_mail_verif'], ENT_QUOTES) ; ?>" /><br /> </fieldset> <fieldset><legend>Charte du site et protection anti-robot</legend> <?php include('charte.php'); ?> <h1>Système anti robots :</h1> <p>Qu'est-ce que c'est ?<br/> Pour lutter contre l'inscription non désirée de robots qui publient du contenu non désiré sur les sites web, nous avons décidé de mettre en place un systèle de sécurité.<br/> Aucun de ces systèmes n'est parfait, mais nous espérons que celui-ci, sans vous être inaccessible sera suffisant pour lutter contre ces robots.<br/> Il est possible que certaine fois, l'image soit trop dure à lire, le cas échéant, actualisez la page jusqu'à avoir une image lisible.<br/> Si vous êtes dans l'incapacité de lire plusieurs images d'affilée, <a href="../contact.php">contactez-nous</a>, nous nous occuperons de votre inscription.</p> <label for="captcha" class="float">Entrez les 8 caractères (majuscules ou chiffres) contenus dans l'image :</label> <input type="text" name="captcha" id="captcha"><br/> <img src="captcha.php" /> </fieldset> <div class="center"><input type="submit" value="Inscription" /></div> </form> </div> <?php include('pdp.php'); ?> et le traitement est : cibleinscl.php <?php try { $bdd = new PDO('mysql:host=localhost;dbname=sport', 'root', ''); $bdd -> setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); //Pour catcher d'éventuelle erreurs supp $req = "INSERT INTO membres(pseudo, mdp, mdp_verif, mail, mail_verif)"; $req .= " VALUES "; $req .= "(:pseudo, :mdp, :mdp_verif, :mail, :mail_verif)"; $req = $bdd -> prepare($req); $req->bindValue(':pseudo', $_POST['pseudo'], PDO::PARAM_STR); $req->bindValue(':mdp', $_POST['mdp'], PDO::PARAM_STR); $req->bindValue(':mdp_verif', $_POST['mdp_verif'], PDO::PARAM_STR); $req->bindValue(':mail', $_POST['mail'], PDO::PARAM_STR); $req->bindValue(':mail_verif', $_POST['mail_verif'], PDO::PARAM_STR); $req->execute(); } catch (Exception $e) { echo 'Erreur : ' . $e->getMessage(); } $_SESSION['erreurs'] = 0; include('fonctions.php'); //Pseudo if(isset($_POST['pseudo'])) { $pseudo = trim($_POST['pseudo']); $pseudo_result = checkpseudo($pseudo); if($pseudo_result == 'tooshort') { $_SESSION['pseudo_info'] = '<span class="erreur">Le pseudo '.htmlspecialchars($pseudo, ENT_QUOTES).' est trop court, vous devez en choisir un plus long (minimum 3 caractères).</span><br/>'; $_SESSION['form_pseudo'] = ''; $_SESSION['erreurs']++; } else if($pseudo_result == 'toolong') { $_SESSION['pseudo_info'] = '<span class="erreur">Le pseudo '.htmlspecialchars($pseudo, ENT_QUOTES).' est trop long, vous devez en choisir un plus court (maximum 32 caractères).</span><br/>'; $_SESSION['form_pseudo'] = ''; $_SESSION['erreurs']++; } else if($pseudo_result == 'exists') { $_SESSION['pseudo_info'] = '<span class="erreur">Le pseudo '.htmlspecialchars($pseudo, ENT_QUOTES).' est déjà pris, choisissez-en un autre.</span><br/>'; $_SESSION['form_pseudo'] = ''; $_SESSION['erreurs']++; } else if($pseudo_result == 'ok') { $_SESSION['pseudo_info'] = ''; $_SESSION['form_pseudo'] = $pseudo; } else if($pseudo_result == 'empty') { $_SESSION['pseudo_info'] = '<span class="erreur">Vous n\'avez pas entré de pseudo.</span><br/>'; $_SESSION['form_pseudo'] = ''; $_SESSION['erreurs']++; } } else { header('Location: ../index.php'); exit(); } //Mot de passe if(isset($_POST['mdp'])) { $mdp = trim($_POST['mdp']); $mdp_result = checkmdp($mdp, ''); if($mdp_result == 'tooshort') { $_SESSION['mdp_info'] = '<span class="erreur">Le mot de passe entré est trop court, changez-en pour un plus long (minimum 4 caractères).</span><br/>'; $_SESSION['form_mdp'] = ''; $_SESSION['erreurs']++; } else if($mdp_result == 'toolong') { $_SESSION['mdp_info'] = '<span class="erreur">Le mot de passe entré est trop long, changez-en pour un plus court. (maximum 50 caractères)</span><br/>'; $_SESSION['form_mdp'] = ''; $_SESSION['erreurs']++; } else if($mdp_result == 'nofigure') { $_SESSION['mdp_info'] = '<span class="erreur">Votre mot de passe doit contenir au moins un chiffre.</span><br/>'; $_SESSION['form_mdp'] = ''; $_SESSION['erreurs']++; } else if($mdp_result == 'noupcap') { $_SESSION['mdp_info'] = '<span class="erreur">Votre mot de passe doit contenir au moins une majuscule.</span><br/>'; $_SESSION['form_mdp'] = ''; $_SESSION['erreurs']++; } else if($mdp_result == 'ok') { $_SESSION['mdp_info'] = ''; $_SESSION['form_mdp'] = $mdp; } else if($mdp_result == 'empty') { $_SESSION['mdp_info'] = '<span class="erreur">Vous n\'avez pas entré de mot de passe.</span><br/>'; $_SESSION['form_mdp'] = ''; $_SESSION['erreurs']++; } } else { header('Location: ../index.php'); exit(); } //Mot de passe suite if(isset($_POST['mdp_verif'])) { $mdp_verif = trim($_POST['mdp_verif']); $mdp_verif_result = checkmdpS($mdp_verif, $mdp); if($mdp_verif_result == 'different') { $_SESSION['mdp_verif_info'] = '<span class="erreur">Le mot de passe de vérification diffère du mot de passe.</span><br/>'; $_SESSION['form_mdp_verif'] = ''; $_SESSION['erreurs']++; if(isset($_SESSION['form_mdp'])) unset($_SESSION['form_mdp']); } else { if($mdp_verif_result == 'ok') { $_SESSION['form_mdp_verif'] = $mdp_verif; $_SESSION['mdp_verif_info'] = ''; } else { $_SESSION['mdp_verif_info'] = str_replace('passe', 'passe de vérification', $_SESSION['mdp_info']); $_SESSION['form_mdp_verif'] = ''; $_SESSION['erreurs']++; } } } else { header('Location: ../index.php'); exit(); } //mail if(isset($_POST['mail'])) { $mail = trim($_POST['mail']); $mail_result = checkmail($mail); if($mail_result == 'isnt') { $_SESSION['mail_info'] = '<span class="erreur">Le mail '.htmlspecialchars($mail, ENT_QUOTES).' n\'est pas valide.</span><br/>'; $_SESSION['form_mail'] = ''; $_SESSION['erreurs']++; } else if($mail_result == 'exists') { $_SESSION['mail_info'] = '<span class="erreur">Le mail '.htmlspecialchars($mail, ENT_QUOTES).' est déjà pris, <a href="contact.php">contactez-nous</a> si vous pensez à une erreur.</span><br/>'; $_SESSION['form_mail'] = ''; $_SESSION['erreurs']++; } else if($mail_result == 'ok') { $_SESSION['mail_info'] = ''; $_SESSION['form_mail'] = $mail; } else if($mail_result == 'empty') { $_SESSION['mail_info'] = '<span class="erreur">Vous n\'avez pas entré de mail.</span><br/>'; $_SESSION['form_mail'] = ''; $_SESSION['erreurs']++; } } else { header('Location: ../index.php'); exit(); } //mail suite if(isset($_POST['mail_verif'])) { $mail_verif = trim($_POST['mail_verif']); $mail_verif_result = checkmailS($mail_verif, $mail); if($mail_verif_result == 'different') { $_SESSION['mail_verif_info'] = '<span class="erreur">Le mail de vérification diffère du mail.</span><br/>'; $_SESSION['form_mail_verif'] = ''; $_SESSION['erreurs']++; } else { if($mail_result == 'ok') { $_SESSION['mail_verif_info'] = ''; $_SESSION['form_mail_verif'] = $mail_verif; } else { $_SESSION['mail_verif_info'] = str_replace(' mail', ' mail de vérification', $_SESSION['mail_info']); $_SESSION['form_mail_verif'] = ''; $_SESSION['erreurs']++; } } } else { header('Location: ../index.php'); exit(); } //captcha if($_POST['captcha'] == $_SESSION['captcha'] && isset($_POST['captcha']) && isset($_SESSION['captcha'])) { $_SESSION['captcha_info'] = ''; } else { $_SESSION['captcha_info'] = '<span class="erreur">Vous n\'avez pas recopié correctement le contenu de l\'image.</span><br/>'; $_SESSION['erreurs']++; } unset($_SESSION['reponse1'], $_SESSION['reponse2'], $_SESSION['reponse3']); unset($_SESSION['captcha']); /*************Fin étude******************/ if($_SESSION['erreurs'] > 0) { if($_SESSION['erreurs'] == 1) $_SESSION['nb_erreurs'] = '<span class="erreur">Il y a eu 1 erreur.</span><br/>'; else $_SESSION['nb_erreurs'] = '<span class="erreur">Il y a eu '.$_SESSION['erreurs'].' erreurs.</span><br/>'; ?> <h1>Inscription non validée.</h1> <p>Vous avez rempli le formulaire d'inscription du site et nous vous en remercions, cependant, nous n'avons pas pu valider votre inscription, en voici les raisons :<br/> <?php echo $_SESSION['nb_erreurs']; echo $_SESSION['pseudo_info']; echo $_SESSION['mdp_info']; echo $_SESSION['mdp_verif_info']; echo $_SESSION['mail_info']; echo $_SESSION['mail_verif_info']; echo $_SESSION['date_naissance_info']; echo $_SESSION['captcha_info']; if($sqlbug !== true) { ?> Nous vous proposons donc de revenir à la page précédente pour corriger les erreurs. (Attention, que vous l'ayez correctement remplie ou non, la partie sur la charte et l'image est à refaire intégralement.)</p> <div class="center"><a href="inscriptioncl.php">Retour</a></div> <?php } else { ?> Une erreur est survenue dans la base de données, votre formulaire semble ne pas contenir d'erreurs, donc il est possible que le problème vienne de notre côté, réessayez de vous inscrire ou contactez-nous.</p> <div class="center"><a href="inscription.php">Retenter une inscription</a> - <a href="contact.php">Contactez-nous</a></div> <?php } } ?> </div> <?php include('pdp.php'); ?> La base enregistre les pseudo, mots de passe et email Quand je fait un nouveau test j'ai l'erreur suivants : Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'SYSTEM'@'localhost' (using password: NO) in C:\wamp\www\SiteduBE\fonctions.php on line 159 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in C:\wamp\www\SiteduBE\fonctions.php on line 159 Warning: mysql_query() [function.mysql-query]: Access denied for user 'SYSTEM'@'localhost' (using password: NO) in C:\wamp\www\SiteduBE\fonctions.php on line 5 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in C:\wamp\www\SiteduBE\fonctions.php on line 5 Erreur SQL : Access denied for user 'SYSTEM'@'localhost' (using password: NO) Ligne : 5. Mais j'ai du mal à tout resoudre Merci de ton aide
-
En fait je prefere une connexion via pdo, il faut que je modifie mon code mais je nes sais pas vraiment comment m'y prendre, peux tu m'aider ?
-
je me lance : j'ai créer un formulaire d'inscription : <?php include('haut.php'); include('entete.php'); include('menus.php'); ?> <!-- Le corps --> <div id="corps"> <h1>Formulaire d'inscription</h1> <p>Bienvenue sur la page d'inscription de mon site !<br/> Merci de remplir ces champs pour continuer.</p> <form action="cibleinscl.php" method="post" name="Inscription"> <fieldset><legend>Identifiants</legend> <label for="pseudo" class="float">Pseudo :</label> <input type="text" name="pseudo" id="pseudo" size="30" value="<?php if($_SESSION['pseudo_info'] == '') echo htmlspecialchars($_SESSION['form_pseudo'], ENT_QUOTES) ; ?>" /> <em>(compris entre 3 et 32 caractères)</em><br /> <label for="mdp" class="float">Mot de passe :</label> <input type="password" name="mdp" id="mdp" size="30" value="<?php if($_SESSION['mdp_info'] == '') echo htmlspecialchars($_SESSION['form_mdp'], ENT_QUOTES) ; ?>" /> <em>(compris entre 4 et 50 caractères)</em><br /> <label for="verif" class="float">Mot de passe (vérification) :</label> <input type="password" name="mdp_verif" id="mdp_verif" size="30" value="<?php if($_SESSION['mdp_verif_info'] == '') echo htmlspecialchars($_SESSION['form_mdp_verif'], ENT_QUOTES) ; ?>" /><br /> <label for="mail" class="float">Mail :</label> <input type="text" name="mail" id="mail" size="30" value="<?php if($_SESSION['mail_info'] == '') echo htmlspecialchars($_SESSION['form_mail'], ENT_QUOTES) ; ?>" /> <br /> <label for="mail_verif" class="float">Mail (vérification) :</label> <input type="text" name="mail_verif" id="mail_verif" size="30" value="<?php if($_SESSION['mail_verif__info'] == '') echo htmlspecialchars($_SESSION['form_mail_verif'], ENT_QUOTES) ; ?>" /><br /> <label for="date_naissance" class="float">Date de naissance :</label> <input type="text" name="date_naissance" id="date_naissance" size="30" value="<?php if($_SESSION['date_naissance_info'] == '') echo htmlspecialchars($_SESSION['form_date_naissance'], ENT_QUOTES) ; ?>" /> <em>(format JJ/MM/AAAA)</em><br/> </fieldset> <fieldset><legend>Charte du site et protection anti-robot</legend> <?php include('charte.php'); ?> <h1>Système anti robots :</h1> <p>Qu'est-ce que c'est ?<br/> Pour lutter contre l'inscription non désirée de robots qui publient du contenu non désiré sur les sites web, nous avons décidé de mettre en place un systèle de sécurité.<br/> Aucun de ces systèmes n'est parfait, mais nous espérons que celui-ci, sans vous être inaccessible sera suffisant pour lutter contre ces robots.<br/> Il est possible que certaine fois, l'image soit trop dure à lire, le cas échéant, actualisez la page jusqu'à avoir une image lisible.<br/> Si vous êtes dans l'incapacité de lire plusieurs images d'affilée, <a href="../contact.php">contactez-nous</a>, nous nous occuperons de votre inscription.</p> <label for="captcha" class="float">Entrez les 8 caractères (majuscules ou chiffres) contenus dans l'image :</label> <input type="text" name="captcha" id="captcha"><br/> <img src="captcha.php" /> </fieldset> <div class="center"><input type="submit" value="Inscription" /></div> </form> </div> <?php include('pdp.php'); ?> Un traitement : <?php try { $bdd = new PDO('mysql:host=localhost;dbname=sport', 'root', ''); $bdd -> setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); //Pour catcher d'éventuelle erreurs supp $req = "INSERT INTO membres(pseudo, mdp, mdp_verif, mail, mail_verif)"; $req .= " VALUES "; $req .= "(:pseudo, :mdp, :mdp_verif, :mail, :mail_verif)"; $req = $bdd -> prepare($req); $req->bindValue(':pseudo', $_POST['pseudo'], PDO::PARAM_STR); $req->bindValue(':mdp', $_POST['mdp'], PDO::PARAM_STR); $req->bindValue(':mdp_verif', $_POST['mdp_verif'], PDO::PARAM_STR); $req->bindValue(':mail', $_POST['mail'], PDO::PARAM_STR); $req->bindValue(':mail_verif', $_POST['mail_verif'], PDO::PARAM_STR); $req->execute(); } catch (Exception $e) { echo 'Erreur : ' . $e->getMessage(); } $_SESSION['erreurs'] = 0; include('fonctions.php'); //Pseudo if(isset($_POST['pseudo'])) { $pseudo = trim($_POST['pseudo']); $pseudo_result = checkpseudo($pseudo); if($pseudo_result == 'tooshort') { $_SESSION['pseudo_info'] = '<span class="erreur">Le pseudo '.htmlspecialchars($pseudo, ENT_QUOTES).' est trop court, vous devez en choisir un plus long (minimum 3 caractères).</span><br/>'; $_SESSION['form_pseudo'] = ''; $_SESSION['erreurs']++; } else if($pseudo_result == 'toolong') { $_SESSION['pseudo_info'] = '<span class="erreur">Le pseudo '.htmlspecialchars($pseudo, ENT_QUOTES).' est trop long, vous devez en choisir un plus court (maximum 32 caractères).</span><br/>'; $_SESSION['form_pseudo'] = ''; $_SESSION['erreurs']++; } else if($pseudo_result == 'exists') { $_SESSION['pseudo_info'] = '<span class="erreur">Le pseudo '.htmlspecialchars($pseudo, ENT_QUOTES).' est déjà pris, choisissez-en un autre.</span><br/>'; $_SESSION['form_pseudo'] = ''; $_SESSION['erreurs']++; } else if($pseudo_result == 'ok') { $_SESSION['pseudo_info'] = ''; $_SESSION['form_pseudo'] = $pseudo; } else if($pseudo_result == 'empty') { $_SESSION['pseudo_info'] = '<span class="erreur">Vous n\'avez pas entré de pseudo.</span><br/>'; $_SESSION['form_pseudo'] = ''; $_SESSION['erreurs']++; } } else { header('Location: ../index.php'); exit(); } //Mot de passe if(isset($_POST['mdp'])) { $mdp = trim($_POST['mdp']); $mdp_result = checkmdp($mdp, ''); if($mdp_result == 'tooshort') { $_SESSION['mdp_info'] = '<span class="erreur">Le mot de passe entré est trop court, changez-en pour un plus long (minimum 4 caractères).</span><br/>'; $_SESSION['form_mdp'] = ''; $_SESSION['erreurs']++; } else if($mdp_result == 'toolong') { $_SESSION['mdp_info'] = '<span class="erreur">Le mot de passe entré est trop long, changez-en pour un plus court. (maximum 50 caractères)</span><br/>'; $_SESSION['form_mdp'] = ''; $_SESSION['erreurs']++; } else if($mdp_result == 'nofigure') { $_SESSION['mdp_info'] = '<span class="erreur">Votre mot de passe doit contenir au moins un chiffre.</span><br/>'; $_SESSION['form_mdp'] = ''; $_SESSION['erreurs']++; } else if($mdp_result == 'noupcap') { $_SESSION['mdp_info'] = '<span class="erreur">Votre mot de passe doit contenir au moins une majuscule.</span><br/>'; $_SESSION['form_mdp'] = ''; $_SESSION['erreurs']++; } else if($mdp_result == 'ok') { $_SESSION['mdp_info'] = ''; $_SESSION['form_mdp'] = $mdp; } else if($mdp_result == 'empty') { $_SESSION['mdp_info'] = '<span class="erreur">Vous n\'avez pas entré de mot de passe.</span><br/>'; $_SESSION['form_mdp'] = ''; $_SESSION['erreurs']++; } } else { header('Location: ../index.php'); exit(); } //Mot de passe suite if(isset($_POST['mdp_verif'])) { $mdp_verif = trim($_POST['mdp_verif']); $mdp_verif_result = checkmdpS($mdp_verif, $mdp); if($mdp_verif_result == 'different') { $_SESSION['mdp_verif_info'] = '<span class="erreur">Le mot de passe de vérification diffère du mot de passe.</span><br/>'; $_SESSION['form_mdp_verif'] = ''; $_SESSION['erreurs']++; if(isset($_SESSION['form_mdp'])) unset($_SESSION['form_mdp']); } else { if($mdp_verif_result == 'ok') { $_SESSION['form_mdp_verif'] = $mdp_verif; $_SESSION['mdp_verif_info'] = ''; } else { $_SESSION['mdp_verif_info'] = str_replace('passe', 'passe de vérification', $_SESSION['mdp_info']); $_SESSION['form_mdp_verif'] = ''; $_SESSION['erreurs']++; } } } else { header('Location: ../index.php'); exit(); } //mail if(isset($_POST['mail'])) { $mail = trim($_POST['mail']); $mail_result = checkmail($mail); if($mail_result == 'isnt') { $_SESSION['mail_info'] = '<span class="erreur">Le mail '.htmlspecialchars($mail, ENT_QUOTES).' n\'est pas valide.</span><br/>'; $_SESSION['form_mail'] = ''; $_SESSION['erreurs']++; } else if($mail_result == 'exists') { $_SESSION['mail_info'] = '<span class="erreur">Le mail '.htmlspecialchars($mail, ENT_QUOTES).' est déjà pris, <a href="../contact.php">contactez-nous</a> si vous pensez à une erreur.</span><br/>'; $_SESSION['form_mail'] = ''; $_SESSION['erreurs']++; } else if($mail_result == 'ok') { $_SESSION['mail_info'] = ''; $_SESSION['form_mail'] = $mail; } else if($mail_result == 'empty') { $_SESSION['mail_info'] = '<span class="erreur">Vous n\'avez pas entré de mail.</span><br/>'; $_SESSION['form_mail'] = ''; $_SESSION['erreurs']++; } } else { header('Location: ../index.php'); exit(); } //mail suite if(isset($_POST['mail_verif'])) { $mail_verif = trim($_POST['mail_verif']); $mail_verif_result = checkmailS($mail_verif, $mail); if($mail_verif_result == 'different') { $_SESSION['mail_verif_info'] = '<span class="erreur">Le mail de vérification diffère du mail.</span><br/>'; $_SESSION['form_mail_verif'] = ''; $_SESSION['erreurs']++; } else { if($mail_result == 'ok') { $_SESSION['mail_verif_info'] = ''; $_SESSION['form_mail_verif'] = $mail_verif; } else { $_SESSION['mail_verif_info'] = str_replace(' mail', ' mail de vérification', $_SESSION['mail_info']); $_SESSION['form_mail_verif'] = ''; $_SESSION['erreurs']++; } } } else { header('Location: ../index.php'); exit(); } //date de naissance if(isset($_POST['date_naissance'])) { $date_naissance = trim($_POST['date_naissance']); $date_naissance_result = birthdate($date_naissance); if($date_naissance_result == 'format') { $_SESSION['date_naissance_info'] = '<span class="erreur">Date de naissance au mauvais format ou invalide.</span><br/>'; $_SESSION['form_date_naissance'] = ''; $_SESSION['erreurs']++; } else if($date_naissance_result == 'tooyoung') { $_SESSION['date_naissance_info'] = '<span class="erreur">Agagagougougou areuh ? (Vous êtes trop jeune pour vous inscrire ici.)</span><br/>'; $_SESSION['form_date_naissance'] = ''; $_SESSION['erreurs']++; } else if($date_naissance_result == 'tooold') { $_SESSION['date_naissance_info'] = '<span class="erreur">Plus de 135 ans ? Mouais...</span><br/>'; $_SESSION['form_date_naissance'] = ''; $_SESSION['erreurs']++; } else if($date_naissance_result == 'invalid') { $_SESSION['date_naissance_info'] = '<span class="erreur">Le '.htmlspecialchars($date_naissance, ENT_QUOTES).' n\'existe pas.</span><br/>'; $_SESSION['form_date_naissance'] = ''; $_SESSION['erreurs']++; } else if($date_naissance_result == 'ok') { $_SESSION['date_naissance_info'] = ''; $_SESSION['form_date_naissance'] = $date_naissance; } else if($date_naissance_result == 'empty') { $_SESSION['date_naissance_info'] = '<span class="erreur">Vous n\'avez pas entré de date de naissance.</span><br/>'; $_SESSION['form_date_naissance'] = ''; $_SESSION['erreurs']++; } } else { header('Location: ../index.php'); exit(); } //captcha if($_POST['captcha'] == $_SESSION['captcha'] && isset($_POST['captcha']) && isset($_SESSION['captcha'])) { $_SESSION['captcha_info'] = ''; } else { $_SESSION['captcha_info'] = '<span class="erreur">Vous n\'avez pas recopié correctement le contenu de l\'image.</span><br/>'; $_SESSION['erreurs']++; } unset($_SESSION['reponse1'], $_SESSION['reponse2'], $_SESSION['reponse3']); unset($_SESSION['captcha']); /*************Fin étude******************/ if($_SESSION['erreurs'] > 0) { if($_SESSION['erreurs'] == 1) $_SESSION['nb_erreurs'] = '<span class="erreur">Il y a eu 1 erreur.</span><br/>'; else $_SESSION['nb_erreurs'] = '<span class="erreur">Il y a eu '.$_SESSION['erreurs'].' erreurs.</span><br/>'; ?> <h1>Inscription non validée.</h1> <p>Vous avez rempli le formulaire d'inscription du site et nous vous en remercions, cependant, nous n'avons pas pu valider votre inscription, en voici les raisons :<br/> <?php echo $_SESSION['nb_erreurs']; echo $_SESSION['pseudo_info']; echo $_SESSION['mdp_info']; echo $_SESSION['mdp_verif_info']; echo $_SESSION['mail_info']; echo $_SESSION['mail_verif_info']; echo $_SESSION['date_naissance_info']; echo $_SESSION['captcha_info']; if($sqlbug !== true) { ?> Nous vous proposons donc de revenir à la page précédente pour corriger les erreurs. (Attention, que vous l'ayez correctement remplie ou non, la partie sur la charte et l'image est à refaire intégralement.)</p> <div class="center"><a href="inscriptioncl.php">Retour</a></div> <?php } else { ?> Une erreur est survenue dans la base de données, votre formulaire semble ne pas contenir d'erreurs, donc il est possible que le problème vienne de notre côté, réessayez de vous inscrire ou contactez-nous.</p> <div class="center"><a href="inscription.php">Retenter une inscription</a> - <a href="contact.php">Contactez-nous</a></div> <?php } } ?> </div> <?php include('pdp.php'); ?> L'erreur suite à la validation : Erreur : SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry 'oliv' for key 'membre_pseudo' Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'SYSTEM'@'localhost' (using password: NO) in C:\wamp\www\SiteduBE\fonctions.php on line 159 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in C:\wamp\www\SiteduBE\fonctions.php on line 159 Warning: mysql_query() [function.mysql-query]: Access denied for user 'SYSTEM'@'localhost' (using password: NO) in C:\wamp\www\SiteduBE\fonctions.php on line 5 Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in C:\wamp\www\SiteduBE\fonctions.php on line 5 Erreur SQL : Access denied for user 'SYSTEM'@'localhost' (using password: NO) Ligne : 5. Quelqu'un peux t il m'aider ?
-
Salut les zebulons, Avant toute chose quelqu'un pourrait il me dire comment inserer des codes php dans les messages pour que tout cela reste compréhensible? Merci
-
Bonjour à tous, Je viens de changer de fournisseur d'accés orange à la place de free J'ai un nom de domaine (www.cosmopinup.com) je ne peux plus recevoir et envoyer mes mlailsvia ma messagerie thunderbird. ma config pop et smtp ne semble pas bonne. Qqn connait il la marche à suivre? Merci de votre aide
-
Merci beaucoup ca marche A trés bientôt
-
Bonjour, J'ai créé un site web simple dans lequel j'ai inséré des questionnaires. Les réponses sont normalement redirigées vers mon e mail mais mon serveur m'indique une erreur lors de l' envoi des éponse. Voilà le lien vers le site www.ondea.fr le message d'erreur lors de l'envoit est : Parse error: syntax error, unexpected T_STRING in /srv/d_ondea/www/www.ondea.fr/htdocs/ciblecv.php on line 25 Le script est : <link rel="stylesheet" media="screen" type="text/css" title="Design" href="f.css" /> <div id="en_tete"> <div class="element_en_tete1"> </div> <?php $message = '<p>Bonjour </p> <p> Vous avez un message de la part de : '.$_POST['ent'].$_POST['ville/société'].' </p> <p> Ses coordonées sont : '.$_POST['civ'].$_POST['nom'].$_POST['prenom'].$_POST['Fonction'].$_POST['email'].$_POST['mobile'].$_POST'['fax].' </p> <p> Son adresse est : '.$_POST['adresse'].$_POST['code_postal'].$_POST['ville'].$_POST['Fonction'].' </p> <p> Son demande est du: '.$_POST['date1'].$_POST['date2'].' </p> <p> Pour des heures de : '.$_POST['recherche'].$_POST['durée'].' </p> <p> Nombre d'heures de surveillance : '.$_POST['h surv.'].' </p> <p> Nombre d'heures d'activités : '.$_POST['h act.'].' </p> <p> Planning souhaité : '.$_POST['Lundi'].$_POST['Mardi'].$_POST['Mercredi'].$_POST['Jeudi'].$_POST['Vendredi'].$_POST['Samedi'].$_POST['Dimanche'].' </p> <p> Autre planning : '.$_POST['exp plus'].' </p> $mail = '********@hotmail.fr'; $titre = 'Nouvelle demande'; mail($mail, $titre, $message); ?> Merci de votre aide Olivier
-
probleme de configuration serveur gandi
olly a répondu à un(e) sujet de olly dans Internet & Réseaux
Bonjour, Je suis client gandi et propriétaire d'un nom de domaine ondea.fr et d'un serveur chez eux ondea. J'aimerais savoir comment faire pour ajouter les modules necessaires pour heberger mon site web sur mon serveur (apache,php, mysql...) De plus j'ai un probléme zonecheck chez l'afnic qu'est ce que cela veut dire Merci de votre aide -
Bonjour, Je suis client gandi et propriétaire d'un nom de domaine ondea.fr et d'un serveur chez eux ondea. J'aimerais savoir comment faire pour ajouter les modules necessaires pour heberger mon site web sur mon serveur (apache,php, mysql...) De plus j'ai un probléme zonecheck chez l'afnic qu'est ce que cela veut dire Merci de votre aide
-
Salut appollo, voilà le rapport smtx SmitFraudFix v2.353 Rapport fait à 13:07:00,17, 23/09/2008 Executé à partir de C:\Documents and Settings\OLIVIER.FAMILLE\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\KeyboardSurrogate.exe C:\WINDOWS\SYSTEM32\WISPTIS.EXE C:\WINDOWS\System32\tabbtnu.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Program Files\SiteAdvisor\6261\SAService.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TCServer.exe C:\WINDOWS\system32\rundll32.exe C:\Progra~1\Launch Manager\Wbutton.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Progra~1\Launch Manager\PowerKey.exe C:\Progra~1\Launch Manager\LaunchAp.exe C:\Progra~1\Launch Manager\CtrlVol.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Acer\Notebook Manager\almxptray.exe C:\Program Files\Wise Backlight\wsbklite.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TabTip.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\SiteAdvisor\6261\SiteAdv.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\System32\igfxtray.exe C:\Program Files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\hkcmd.exe C:\Progra~1\Launch Manager\HotkeyApp.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\OLIVIER.FAMILLE »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\OLIVIER.FAMILLE\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\OLIVIE~1.FAM\FAVORIS »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="file:///C:/DOCUME~1/OLIVIE~1.FAM/LOCALS~1/Temp/msohtml1/02/clip_image002.gif" "SubscribedURL"="file:///C:/DOCUME~1/OLIVIE~1.FAM/LOCALS~1/Temp/msohtml1/02/clip_image002.gif" "FriendlyName"="" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» o4Patch !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! o4Patch Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=dword:00000001 "AppInit_DLLs"="C:\\PROGRA~1\\Google\\GOOGLE~4\\GOEC62~1.DLL" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," "system"="" »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Intel® PRO/Wireless LAN 2100 3B Mini PCI Adapter - Miniport d'ordonnancement de paquets DNS Server Search Order: 212.27.40.241 DNS Server Search Order: 212.27.40.240 HKLM\SYSTEM\CCS\Services\Tcpip\..\{95AC8F20-A5A1-499D-B4E5-2669F6F5F011}: DhcpNameServer=212.27.40.241 212.27.40.240 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin
-
Le rapport MBAM Malwarebytes' Anti-Malware 1.28 Version de la base de données: 1134 Windows 5.1.2600 Service Pack 2 23/09/2008 09:10:14 mbam-log-2008-09-23 (09-10-14).txt Type de recherche: Examen complet (C:\|) Eléments examinés: 127649 Temps écoulé: 1 hour(s), 24 minute(s), 44 second(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 1 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 13 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.60 85.255.112.136 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{327cdf92-b6cf-4ef8-b655-a7660700f9cb}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.60,85.255.112.136 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{327cdf92-b6cf-4ef8-b655-a7660700f9cb}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.60,85.255.112.136 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{754a03ef-5984-4051-b321-c0604f09bbbc}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.60,85.255.112.136 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{95ac8f20-a5a1-499d-b4e5-2669f6f5f011}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.60,85.255.112.136 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{a4af7727-b733-4e9f-83f8-6686b4b78ad9}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.60,85.255.112.136 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{a4af7727-b733-4e9f-83f8-6686b4b78ad9}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.60,85.255.112.136 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{b946c7df-e6f8-4ebe-9a43-a36ff540e309}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.60,85.255.112.136 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{b946c7df-e6f8-4ebe-9a43-a36ff540e309}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.60,85.255.112.136 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ccfb204f-9996-42eb-98a3-f2da2b708ce1}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.60,85.255.112.136 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{ccfb204f-9996-42eb-98a3-f2da2b708ce1}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.60,85.255.112.136 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{f732862a-ea9d-411b-ba2f-dc9483cde649}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.115.60,85.255.112.136 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{f732862a-ea9d-411b-ba2f-dc9483cde649}\NameServer (Trojan.DNSChanger) -> Data: 85.255.115.60,85.255.112.136 -> Quarantined and deleted successfully. Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté) Et le dernier Hichjackthis Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:17:36, on 23/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\KeyboardSurrogate.exe C:\WINDOWS\SYSTEM32\WISPTIS.EXE C:\WINDOWS\System32\tabbtnu.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Program Files\SiteAdvisor\6261\SAService.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TCServer.exe C:\Progra~1\Launch Manager\Wbutton.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Progra~1\Launch Manager\PowerKey.exe C:\Progra~1\Launch Manager\LaunchAp.exe C:\Progra~1\Launch Manager\CtrlVol.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Acer\Notebook Manager\almxptray.exe C:\Program Files\Wise Backlight\wsbklite.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\SiteAdvisor\6261\SiteAdv.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TabTip.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe C:\WINDOWS\System32\hkcmd.exe C:\Progra~1\Launch Manager\HotkeyApp.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/fr/index.php?rvs=h...&d=79919377 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Wbutton] "C:\Progra~1\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [PowerKey] "C:\Progra~1\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [LaunchAp] C:\Progra~1\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [CtrlVol] C:\Progra~1\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe O4 - HKLM\..\Run: [Wise Backlight] "C:\Program Files\Wise Backlight\wsbklite.exe" O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Fichiers communs\microsoft shared\ink\tabtip.exe" /resume O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [siteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [LaunchApp] LaunApp O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HPWRTOOLBOX] C:\Program Files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe "-i" O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [HotkeyApp] C:\Progra~1\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZDLM.exe /hide O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: SketchBook Snapshot.lnk = C:\Program Files\AliasWavefront\Alias SketchBook Pro 1.0\SketchBookSnap.exe O4 - Global Startup: Image Transfer.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINDOWS\csrss.exe (file missing) O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/OLIVIE~1.FAM/LOCALS~1/Temp/msohtml1/02/clip_image002.gif -- End of file - 10645 bytes Merci de ton aide Olivier
-
Le rapport fixwareout : Username "OLIVIER" - 22/09/2008 22:42:15 [Fixwareout edited 9/01/2007] ~~~~~ Prerun check Cache de résolution DNS vidé. System was rebooted successfully. ~~~~~ Postrun check HKLM\SOFTWARE\~\Winlogon\ "system"="" .... .... ~~~~~ Misc files. .... ~~~~~ Checking for older varients. .... ~~~~~ Current runs (hklm hkcu "run" Keys Only) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BluetoothAuthenticationAgent"="rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent" "Wbutton"="\"C:\\Progra~1\\Launch Manager\\Wbutton.exe\"" "TabletWizard"="C:\\WINDOWS\\help\\SplshWrp.exe" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_05\\bin\\jusched.exe\"" "PowerKey"="\"C:\\Progra~1\\Launch Manager\\PowerKey.exe\"" "LaunchAp"="C:\\Progra~1\\Launch Manager\\LaunchAp.exe" "CtrlVol"="C:\\Progra~1\\Launch Manager\\CtrlVol.exe" "AGRSMMSG"="AGRSMMSG.exe" "AcerNotebookManager"="C:\\Program Files\\Acer\\Notebook Manager\\almxptray.exe" "Wise Backlight"="\"C:\\Program Files\\Wise Backlight\\wsbklite.exe\"" "TabletTip"="\"C:\\Program Files\\Fichiers communs\\microsoft shared\\ink\\tabtip.exe\" /resume" "SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe" "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe" "SiteAdvisor"="\"C:\\Program Files\\SiteAdvisor\\6261\\SiteAdv.exe\"" "LtMoh"="C:\\Program Files\\ltmoh\\Ltmoh.exe" "LaunchApp"="LaunApp" "IgfxTray"="C:\\WINDOWS\\System32\\igfxtray.exe" "HPWRTOOLBOX"="C:\\Program Files\\Hewlett-Packard\\hp deskjet 460 series\\Toolbox\\HPWRTBX.exe \"-i\"" "HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe" "HotkeyApp"="C:\\Progra~1\\Launch Manager\\HotkeyApp.exe" "Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup" "mcagent_exe"="C:\\Program Files\\McAfee.com\\Agent\\mcagent.exe /runkey" "Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"" "KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\ 65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00 "SsAAD.exe"="C:\\PROGRA~1\\Sony\\SONICS~1\\SsAAD.exe" "NeroCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe" "InCD"="C:\\Program Files\\Ahead\\InCD\\InCD.exe" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Zinio DLM"="C:\\Program Files\\Zinio\\ZDLM.exe /hide " "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe" "msnmsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background" "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe" .... Hosts file was reset, If you use a custom hosts file please replace it... ~~~~~ End report ~~~~~ Et hijackthis : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:54:50, on 22/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\KeyboardSurrogate.exe C:\WINDOWS\SYSTEM32\WISPTIS.EXE C:\WINDOWS\System32\tabbtnu.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Program Files\SiteAdvisor\6261\SAService.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TCServer.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\WINDOWS\system32\rundll32.exe C:\Progra~1\Launch Manager\Wbutton.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Progra~1\Launch Manager\PowerKey.exe C:\Progra~1\Launch Manager\LaunchAp.exe C:\Progra~1\Launch Manager\CtrlVol.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Acer\Notebook Manager\almxptray.exe C:\Program Files\Wise Backlight\wsbklite.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TabTip.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\SiteAdvisor\6261\SiteAdv.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\System32\igfxtray.exe C:\Program Files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe C:\WINDOWS\System32\hkcmd.exe C:\Progra~1\Launch Manager\HotkeyApp.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/fr/index.php?rvs=h...&d=79919377 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Wbutton] "C:\Progra~1\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [PowerKey] "C:\Progra~1\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [LaunchAp] C:\Progra~1\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [CtrlVol] C:\Progra~1\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe O4 - HKLM\..\Run: [Wise Backlight] "C:\Program Files\Wise Backlight\wsbklite.exe" O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Fichiers communs\microsoft shared\ink\tabtip.exe" /resume O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [siteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [LaunchApp] LaunApp O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HPWRTOOLBOX] C:\Program Files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe "-i" O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [HotkeyApp] C:\Progra~1\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZDLM.exe /hide O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: SketchBook Snapshot.lnk = C:\Program Files\AliasWavefront\Alias SketchBook Pro 1.0\SketchBookSnap.exe O4 - Global Startup: Image Transfer.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.60 85.255.112.136 O17 - HKLM\System\CS1\Services\Tcpip\..\{327CDF92-B6CF-4EF8-B655-A7660700F9CB}: NameServer = 85.255.115.60,85.255.112.136 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINDOWS\csrss.exe (file missing) O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/OLIVIE~1.FAM/LOCALS~1/Temp/msohtml1/02/clip_image002.gif -- End of file - 10860 bytes Merci infiniment de ta réponse et de ton aide Olivier
-
Bonjour, Je vous remercie de bien vouloir analyser ce rapport : Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:19:58, on 22/09/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\KeyboardSurrogate.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\WISPTIS.EXE C:\WINDOWS\System32\tabbtnu.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\PROGRA~1\McAfee.com\Agent\mcagent.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TCServer.exe C:\Progra~1\Launch Manager\Wbutton.exe C:\Program Files\McAfee\MPF\MPFSrv.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Progra~1\Launch Manager\PowerKey.exe C:\Progra~1\Launch Manager\LaunchAp.exe C:\Progra~1\Launch Manager\CtrlVol.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Acer\Notebook Manager\almxptray.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\Wise Backlight\wsbklite.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\SiteAdvisor\6261\SiteAdv.exe C:\Program Files\ltmoh\Ltmoh.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TabTip.exe C:\WINDOWS\System32\igfxtray.exe C:\Program Files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe C:\WINDOWS\System32\hkcmd.exe C:\Progra~1\Launch Manager\HotkeyApp.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\SiteAdvisor\6261\SAService.exe C:\WINDOWS\system32\fxssvc.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/fr/index.php?rvs=h...&d=79919377 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6261\SiteAdv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Wbutton] "C:\Progra~1\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [PowerKey] "C:\Progra~1\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [LaunchAp] C:\Progra~1\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [CtrlVol] C:\Progra~1\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe O4 - HKLM\..\Run: [Wise Backlight] "C:\Program Files\Wise Backlight\wsbklite.exe" O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Fichiers communs\microsoft shared\ink\tabtip.exe" /resume O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [siteAdvisor] "C:\Program Files\SiteAdvisor\6261\SiteAdv.exe" O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [LaunchApp] LaunApp O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HPWRTOOLBOX] C:\Program Files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe "-i" O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [HotkeyApp] C:\Progra~1\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZDLM.exe /hide O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: SketchBook Snapshot.lnk = C:\Program Files\AliasWavefront\Alias SketchBook Pro 1.0\SketchBookSnap.exe O4 - Global Startup: Image Transfer.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.60 85.255.112.136 O17 - HKLM\System\CS1\Services\Tcpip\..\{327CDF92-B6CF-4EF8-B655-A7660700F9CB}: NameServer = 85.255.115.60,85.255.112.136 O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6261\SAService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINDOWS\csrss.exe (file missing) O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/OLIVIE~1.FAM/LOCALS~1/Temp/msohtml1/02/clip_image002.gif -- End of file - 10758 bytes Merci pour votre aide
-
Re bonjour, J'ai une formule dans laquelle se trouve une constante, répétée des centaines de fois. Y a t il un moyen pour modifier la constante à chaque nouveaux fichiers ouvert ou chaque nouvelle feuille ouverte ? la formule est =NB.SI($B4:$U4;"SDE") la constante à changer est SDE Avez vous une solution? Merci pour tout
-
comment copier une formule dans un autre classeur ?
olly a répondu à un(e) sujet de olly dans Programmation
Bonsoir, Merci de votre aide c'est résolu A bientôt -
comment copier une formule dans un autre classeur ?
olly a répondu à un(e) sujet de olly dans Programmation
Merci de ton aide j'ai trouvé une solution. Par contre sais tu comment dans un tableau changer automatiquement des variables comprises entre " " ou aprés $ ? Merci pour ta réponse -
comment copier une formule dans un autre classeur ?
olly a répondu à un(e) sujet de olly dans Programmation
Dans un premier classeur je nomme une cellule dans un plage donnée par exemple je nomme une cellule de la plage A1 à E1 SDE. J'ai besoin qu'une celllule d'un autre classeur analyse la plage du premier et la retrouve. La formule fonctionne sur la même feuille de calcul mais ne fonctionne plus quand je veux la copier dans un autre classeur. Est ce plus clair pour toi ? Merci de ton aide -
Bonjour, Comment puis je copiercette formule =NB.SI($A$1:$E$1;"sde") sans la modifier dans un autre classeur ? Merci de votre aide
-
Bonjour et bonnes fêtes à tous, Merci de bien vouloir analyser ce rapport : "(source:Logfile of HijackThis v1.99.1 Scan saved at 19:26:24, on 30/12/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\KeyboardSurrogate.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\WINDOWS\SYSTEM32\WISPTIS.EXE C:\WINDOWS\System32\tabbtnu.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\Program Files\SiteAdvisor\6253\SAService.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TCServer.exe C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe C:\WINDOWS\system32\rundll32.exe C:\Progra~1\Launch Manager\Wbutton.exe C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe C:\Progra~1\Launch Manager\PowerKey.exe C:\Progra~1\Launch Manager\LaunchAp.exe C:\Progra~1\Launch Manager\CtrlVol.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Acer\Notebook Manager\almxptray.exe C:\Program Files\Wise Backlight\wsbklite.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\SiteAdvisor\6253\SiteAdv.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\System32\igfxtray.exe C:\Program Files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe C:\WINDOWS\System32\hkcmd.exe C:\Progra~1\Launch Manager\HotkeyApp.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TabTip.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\eMule\emule.exe C:\Program Files\Google\Google Updater\GoogleUpdater.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Documents and Settings\OLIVIER.FAMILLE\Bureau\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.ircfast2.com/index.php?rvs=hompag R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [Wbutton] "C:\Progra~1\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" O4 - HKLM\..\Run: [PowerKey] "C:\Progra~1\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [LaunchAp] C:\Progra~1\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [CtrlVol] C:\Progra~1\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe O4 - HKLM\..\Run: [Wise Backlight] "C:\Program Files\Wise Backlight\wsbklite.exe" O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Fichiers communs\microsoft shared\ink\tabtip.exe" /resume O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6253\SiteAdv.exe O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [LaunchApp] LaunApp O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HPWRTOOLBOX] C:\Program Files\Hewlett-Packard\hp deskjet 460 series\Toolbox\HPWRTBX.exe "-i" O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [HotkeyApp] C:\Progra~1\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZDLM.exe /hide O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.60 85.255.112.136 O17 - HKLM\System\CS1\Services\Tcpip\..\{327CDF92-B6CF-4EF8-B655-A7660700F9CB}: NameServer = 85.255.115.60,85.255.112.136 O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: loginkey - C:\Program Files\Fichiers communs\Microsoft Shared\Ink\loginkey.dll O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: Service SiteAdvisor (SiteAdvisor Service) - Unknown owner - C:\Program Files\SiteAdvisor\6253\SAService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINDOWS\csrss.exe (file missing) )" Merci par avance
-
Bonsoir messieurs, Merci de bien vouloir analyser ce rapport : Vous tapez Il s'affiche Merci
-
Bonsoir, Navré le voici ComboFix 07-08-09.3 - "OLIVIER" 2007-08-11 20:20:09.2 - FAT32x86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.132 [GMT 2:00] ((((((((((((((((((((((((( Files Created from 2007-07-11 to 2007-08-11 ))))))))))))))))))))))))))))))) 2007-08-09 20:14 53,248 --a------ C:\WINDOWS\system32\Process.exe 2007-08-09 20:14 51,200 --a------ C:\WINDOWS\system32\dumphive.exe 2007-08-09 20:14 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe 2007-08-09 19:53 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-08-09 19:44 4,044 --a------ C:\WINDOWS\system32\tmp.reg 2007-08-09 19:30 10,673 --a------ C:\dnsbak.reg 2007-07-29 23:41 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-07-29 20:14 552 --a------ C:\WINDOWS\system32\d3d8caps.dat 2007-07-29 19:49 <REP> d-------- C:\WINDOWS\pss 2007-07-28 21:15 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP 2007-07-21 23:44 <REP> d-------- C:\Program Files\Fichiers communs\3DO Shared 2007-07-21 23:44 <REP> d-------- C:\Program Files\3DO 2007-07-19 23:40 <REP> d-------- C:\DOCUME~1\OLIVIER\APPLIC~1\WinRAR 2007-07-18 23:48 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-08-09 23:25 1660 --a------ C:\WINDOWS\bthservsdp.dat 2007-07-14 17:20 76480 --a------ C:\WINDOWS\system32\perfc00C.dat 2007-07-14 17:20 471280 --a------ C:\WINDOWS\system32\perfh00C.dat 2007-05-16 17:13 86528 --------- C:\WINDOWS\system32\dllcache\directdb.dll 2007-05-16 17:13 85504 --------- C:\WINDOWS\system32\dllcache\wabimp.dll 2007-05-16 17:13 683520 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-05-16 17:13 683520 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll 2007-05-16 17:13 510976 --------- C:\WINDOWS\system32\dllcache\wab32.dll 2007-05-16 17:13 1314816 --------- C:\WINDOWS\system32\dllcache\msoe.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TabletTip"="C:\Program Files\Fichiers communs\microsoft shared\ink\tabtip.exe" [2004-08-19 16:10] "LaunchApp"="LaunApp" [] "IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2003-08-28 06:32] "HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2003-08-28 06:19] "SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2002-11-15 17:40] "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2002-11-18 09:34] "AcerNotebookManager"="C:\Program Files\Acer\Notebook Manager\almxptray.exe" [2003-03-05 09:54] "LaunchAp"="C:\Progra~1\Launch Manager\LaunchAp.exe" [2003-05-12 14:28] "PowerKey"="C:\Progra~1\Launch Manager\PowerKey.exe" [2002-08-30 15:02] "HotkeyApp"="C:\Progra~1\Launch Manager\HotkeyApp.exe" [2003-05-16 11:49] "CtrlVol"="C:\Progra~1\Launch Manager\CtrlVol.exe" [2003-05-12 15:05] "Wbutton"="C:\Progra~1\Launch Manager\Wbutton.exe" [2003-03-12 11:19] "Wise Backlight"="C:\Program Files\Wise Backlight\wsbklite.exe" [2003-10-22 15:27] "AGRSMMSG"="AGRSMMSG.exe" [2003-02-14 11:59 C:\WINDOWS\AGRSMMSG.exe] "LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2002-11-25 10:23] "TabletWizard"="C:\WINDOWS\help\SplshWrp.exe" [2004-08-19 16:10] "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-19 16:10 C:\WINDOWS\system32\bthprops.cpl] "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00] "NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2002-10-08 11:03] "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2003-03-04 17:09] "MskAgentexe"="C:\Program Files\McAfee\MSK\MskAgent.exe" [2007-01-17 17:30] "SiteAdvisor"="C:\Program Files\SiteAdvisor\6066\SiteAdv.exe" [2007-03-05 21:10] "SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 02:36] "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09] "Zinio DLM"="C:\Program Files\Zinio\ZDLM.exe" [] "ChkMail"="hR?" [] "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 21:45] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey] C:\Program Files\Fichiers communs\Microsoft Shared\Ink\loginkey.dll 2004-08-19 16:09 47104 C:\Program Files\Fichiers communs\Microsoft Shared\Ink\loginkey.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL] TabBtnWL.dll 2002-08-29 11:45 11776 C:\WINDOWS\system32\tabbtnwl.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify] tpgwlnot.dll 2004-08-19 16:09 30208 C:\WINDOWS\system32\tpgwlnot.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" R0 BsStor;InCD Storage Helper Driver;C:\WINDOWS\system32\DRIVERS\bsstor.sys R0 sbp2port;Pilote de bus de transport/protocole SBP-2;C:\WINDOWS\system32\DRIVERS\sbp2port.sys R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys R1 MPFP;MPFP;C:\WINDOWS\system32\Drivers\Mpfp.sys R1 StarOpen;StarOpen;C:\WINDOWS\system32\drivers\StarOpen.sys R1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys R1 WSBKLITE;WSBKLITE;C:\WINDOWS\system32\drivers\WSBKLITE.sys R2 acernbm;acernbm;C:\WINDOWS\system32\drivers\acernbm.sys R2 BsUDF;InCD UDF Driver;C:\WINDOWS\system32\drivers\BsUDF.sys R2 MASPINT;MASPINT;C:\WINDOWS\system32\drivers\MASPINT.sys R2 SVKP;SVKP;\??\C:\WINDOWS\System32\SVKP.sys R3 BTHMODEM;Pilote de communication série Bluetooth;C:\WINDOWS\system32\DRIVERS\bthmodem.sys R3 HBtnKey;Acer Tablet PC Keyboard Buttons HID Driver;C:\WINDOWS\system32\DRIVERS\AcerTBtn.sys R3 POWERKEY;POWERKEY;\??\C:\Progra~1\Launch Manager\POWERKEY.sys R3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM);C:\WINDOWS\system32\DRIVERS\rfcomm.sys R3 w70n51;Pilote Intel® PRO/Wireless 7100 Adapter;C:\WINDOWS\system32\DRIVERS\w70n51.sys R3 WacomPen;Pilote de tablette Wacom à stylet série;C:\WINDOWS\system32\DRIVERS\wacompen.sys S2 Windows Languages Service;Microsoft Languages Service;"C:\WINDOWS\csrss.exe" S3 flash;flash;\??\C:\WINDOWS\System32\drivers\flash.sys S3 LEX_AS_NIC_SERVICE;LAN-Express IEEE 802.11a/b Wireless Network Adapter Service;C:\WINDOWS\system32\DRIVERS\Expsab2.sys S3 NTIDrvr;Upper Class Filter Driver;C:\WINDOWS\system32\DRIVERS\NTIDrvr.sys S3 SQLAgent$MICROSOFTBCM;SQLAgent$MICROSOFTBCM;C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlagent.EXE -i MICROSOFTBCM S3 wceusbsh;Windows CE USB Serial Host Driver;C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs BthServ Contents of the 'Scheduled Tasks' folder 2007-03-26 08:36:26 C:\WINDOWS\Tasks\McQcTask.job - c:\program files\mcafee\mqc\QcConsol.exe 2007-04-14 23:00:02 C:\WINDOWS\Tasks\McDefragTask.job - c:\program files\mcafee\mqc\QcConsol.exe 2007-08-10 12:42:02 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job ************************************************************************** catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-08-11 20:24:10 Windows 5.1.2600 Service Pack 2 FAT NTAPI scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-08-11 20:26:59 C:\ComboFix-quarantined-files.txt ... 2007-08-11 20:26 --- E O F --- Merci de ta compréhension
-
Voilà les rapports dans l'ordre : MsLook.exe execute le : 09/08/2007 19:29:00,94 REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state] "system.ini"=dword:00000000 "win.ini"=dword:00000000 "bootini"=dword:00000002 "services"=dword:00000000 "startup"=dword:00000000 rUsername "OLIVIER" - 2007-08-09 19:30:20 [Fixwareout edited 2007/07/05] »»»»»Prerun check HKLM\SOFTWARE\~\Winlogon\ "System"="kdfkb.exe" HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{327CDF92-B6CF-4EF8-B655-A7660700F9CB} "nameserver"="85.255.115.60,85.255.112.136" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{A4AF7727-B733-4E9F-83F8-6686B4B78AD9} "nameserver"="85.255.115.60,85.255.112.136" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{B946C7DF-E6F8-4EBE-9A43-A36FF540E309} "nameserver"="85.255.115.60,85.255.112.136" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{CCFB204F-9996-42EB-98A3-F2DA2B708CE1} "nameserver"="85.255.115.60,85.255.112.136" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{F732862A-EA9D-411B-BA2F-DC9483CDE649} "nameserver"="85.255.115.60,85.255.112.136" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{754A03EF-5984-4051-B321-C0604F09BBBC} "DhcpNameServer"="85.255.115.60,85.255.112.136" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{B946C7DF-E6F8-4EBE-9A43-A36FF540E309} "DhcpNameServer"="85.255.115.60,85.255.112.136" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{CCFB204F-9996-42EB-98A3-F2DA2B708CE1} "DhcpNameServer"="85.255.115.60,85.255.112.136" <Value cleared. HKEY_LOCAL_MACHINE\system\currentcontrolset\services\tcpip\parameters\interfaces\{F732862A-EA9D-411B-BA2F-DC9483CDE649} "DhcpNameServer"="85.255.115.60,85.255.112.136" <Value cleared. Cache de résolution DNS vidé. System was rebooted successfully. »»»»» Postrun check HKLM\SOFTWARE\~\Winlogon\ "system"="" .... .... »»»»» Misc files. SmitFraudFix v2.210 Rapport fait à 19:44:31,63, 09/08/2007 Executé à partir de C:\Documents and Settings\OLIVIER\Bureau\sm\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\KeyboardSurrogate.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\SYSTEM32\WISPTIS.EXE C:\WINDOWS\System32\tabbtnu.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TCServer.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TabTip.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Notebook Manager\almxptray.exe C:\Progra~1\Launch Manager\LaunchAp.exe C:\Progra~1\Launch Manager\PowerKey.exe C:\Progra~1\Launch Manager\HotkeyApp.exe C:\Progra~1\Launch Manager\CtrlVol.exe C:\Progra~1\Launch Manager\Wbutton.exe C:\Program Files\Wise Backlight\wsbklite.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\WinRAR\WinRAR.exe C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe C:\Program Files\WinRAR\WinRAR.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS C:\WINDOWS\drsmartload2.dat PRESENT ! C:\WINDOWS\keyboard1.dat PRESENT ! C:\WINDOWS\newname.dat PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\OLIVIER »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\OLIVIER\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\OLIVIER\Favoris C:\DOCUME~1\OLIVIER\Favoris\Online Security Test.url PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{8670ee50-01f9-47da-ac1e-cf8549e9e521}"="eupeptic" »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=dword:00000001 "AppInit_DLLs"="" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "system"="" »»»»»»»»»»»»»»»»»»»»»»»» Rustock »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: Intel® PRO/Wireless LAN 2100 3B Mini PCI Adapter - Miniport d'ordonnancement de paquets DNS Server Search Order: 212.27.54.252 DNS Server Search Order: 212.27.53.252 HKLM\SYSTEM\CCS\Services\Tcpip\..\{95AC8F20-A5A1-499D-B4E5-2669F6F5F011}: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS1\Services\Tcpip\..\{327CDF92-B6CF-4EF8-B655-A7660700F9CB}: DhcpNameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{327CDF92-B6CF-4EF8-B655-A7660700F9CB}: NameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{754A03EF-5984-4051-B321-C0604F09BBBC}: DhcpNameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{95AC8F20-A5A1-499D-B4E5-2669F6F5F011}: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS1\Services\Tcpip\..\{95AC8F20-A5A1-499D-B4E5-2669F6F5F011}: NameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{A4AF7727-B733-4E9F-83F8-6686B4B78AD9}: DhcpNameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{A4AF7727-B733-4E9F-83F8-6686B4B78AD9}: NameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{B946C7DF-E6F8-4EBE-9A43-A36FF540E309}: DhcpNameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{B946C7DF-E6F8-4EBE-9A43-A36FF540E309}: NameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{CCFB204F-9996-42EB-98A3-F2DA2B708CE1}: DhcpNameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{CCFB204F-9996-42EB-98A3-F2DA2B708CE1}: NameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{F732862A-EA9D-411B-BA2F-DC9483CDE649}: DhcpNameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{F732862A-EA9D-411B-BA2F-DC9483CDE649}: NameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS2\Services\Tcpip\..\{95AC8F20-A5A1-499D-B4E5-2669F6F5F011}: DhcpNameServer=212.198.2.51 212.198.0.91 HKLM\SYSTEM\CS3\Services\Tcpip\..\{95AC8F20-A5A1-499D-B4E5-2669F6F5F011}: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.115.60 85.255.112.136 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.198.2.51 212.198.0.91 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin SmitFraudFix v2.210 Rapport fait à 19:51:40,95, 09/08/2007 Executé à partir de C:\Documents and Settings\OLIVIER\Bureau\sm\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est FAT32 Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{8670ee50-01f9-47da-ac1e-cf8549e9e521}"="eupeptic" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés C:\WINDOWS\drsmartload2.dat supprimé C:\WINDOWS\keyboard1.dat supprimé C:\WINDOWS\newname.dat supprimé C:\DOCUME~1\OLIVIER\Favoris\Online Security Test.url supprimé »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CCS\Services\Tcpip\..\{95AC8F20-A5A1-499D-B4E5-2669F6F5F011}: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS1\Services\Tcpip\..\{327CDF92-B6CF-4EF8-B655-A7660700F9CB}: DhcpNameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{327CDF92-B6CF-4EF8-B655-A7660700F9CB}: NameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{754A03EF-5984-4051-B321-C0604F09BBBC}: DhcpNameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{95AC8F20-A5A1-499D-B4E5-2669F6F5F011}: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS1\Services\Tcpip\..\{95AC8F20-A5A1-499D-B4E5-2669F6F5F011}: NameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{A4AF7727-B733-4E9F-83F8-6686B4B78AD9}: DhcpNameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{A4AF7727-B733-4E9F-83F8-6686B4B78AD9}: NameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{B946C7DF-E6F8-4EBE-9A43-A36FF540E309}: DhcpNameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{B946C7DF-E6F8-4EBE-9A43-A36FF540E309}: NameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{CCFB204F-9996-42EB-98A3-F2DA2B708CE1}: DhcpNameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{CCFB204F-9996-42EB-98A3-F2DA2B708CE1}: NameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{F732862A-EA9D-411B-BA2F-DC9483CDE649}: DhcpNameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS1\Services\Tcpip\..\{F732862A-EA9D-411B-BA2F-DC9483CDE649}: NameServer=85.255.115.60,85.255.112.136 HKLM\SYSTEM\CS2\Services\Tcpip\..\{95AC8F20-A5A1-499D-B4E5-2669F6F5F011}: DhcpNameServer=212.198.2.51 212.198.0.91 HKLM\SYSTEM\CS3\Services\Tcpip\..\{95AC8F20-A5A1-499D-B4E5-2669F6F5F011}: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: NameServer=85.255.115.60 85.255.112.136 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=212.198.2.51 212.198.0.91 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.54.252 212.27.53.252 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "system"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin Logfile of HijackThis v1.99.1 Scan saved at 20:17:30, on 09/08/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\KeyboardSurrogate.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe C:\WINDOWS\SYSTEM32\WISPTIS.EXE c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe C:\WINDOWS\System32\tabbtnu.exe C:\WINDOWS\Explorer.EXE c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TCServer.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TabTip.exe C:\WINDOWS\System32\igfxtray.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Notebook Manager\almxptray.exe C:\Progra~1\Launch Manager\LaunchAp.exe C:\Progra~1\Launch Manager\PowerKey.exe C:\Progra~1\Launch Manager\HotkeyApp.exe C:\Progra~1\Launch Manager\CtrlVol.exe C:\Progra~1\Launch Manager\Wbutton.exe C:\Program Files\Wise Backlight\wsbklite.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\OLIVIER\LOCALS~1\Temp\Rar$EX00.634\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Fichiers communs\microsoft shared\ink\tabtip.exe" /resume O4 - HKLM\..\Run: [LaunchApp] LaunApp O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe O4 - HKLM\..\Run: [LaunchAp] C:\Progra~1\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [PowerKey] "C:\Progra~1\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [HotkeyApp] C:\Progra~1\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [CtrlVol] C:\Progra~1\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [Wbutton] "C:\Progra~1\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [Wise Backlight] "C:\Program Files\Wise Backlight\wsbklite.exe" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe O4 - HKLM\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZDLM.exe /hide O4 - HKCU\..\Run: [ChkMail] hR? O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - Startup: Registration-Studio 8 SE.lnk = ? O4 - Global Startup: SketchBook Snapshot.lnk = C:\Program Files\AliasWavefront\Alias SketchBook Pro 1.0\SketchBookSnap.exe O4 - Global Startup: Image Transfer.lnk = ? O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.60 85.255.112.136 O17 - HKLM\System\CS1\Services\Tcpip\..\{327CDF92-B6CF-4EF8-B655-A7660700F9CB}: NameServer = 85.255.115.60,85.255.112.136 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: loginkey - C:\Program Files\Fichiers communs\Microsoft Shared\Ink\loginkey.dll O20 - Winlogon Notify: TabBtnWL - C:\WINDOWS\SYSTEM32\TabBtnWL.dll O20 - Winlogon Notify: tpgwlnotify - C:\WINDOWS\SYSTEM32\tpgwlnot.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINDOWS\csrss.exe (file missing) Merci
-
Bonsoir gof, Merci de ton attention Dois je effectuer les opérations en mode sans echec ?
-
Bonsoir Messieurs, Merci de bien vouloir analyser ce rapport Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\KeyboardSurrogate.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe C:\PROGRA~1\McAfee\MSC\mcpromgr.exe c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\McAfee\MPF\MPFSrv.exe C:\PROGRA~1\McAfee\MPS\mps.exe C:\Program Files\McAfee\MSK\MskSrver.exe C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe C:\Program Files\SiteAdvisor\6066\SAService.exe C:\WINDOWS\SYSTEM32\WISPTIS.EXE C:\WINDOWS\System32\tabbtnu.exe C:\Program Files\McAfee\MPS\mpsevh.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TCServer.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\igfxtray.exe C:\Program Files\Fichiers communs\Microsoft Shared\Ink\TabTip.exe C:\WINDOWS\System32\hkcmd.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Notebook Manager\almxptray.exe C:\Progra~1\Launch Manager\LaunchAp.exe C:\Progra~1\Launch Manager\PowerKey.exe C:\Progra~1\Launch Manager\HotkeyApp.exe C:\Progra~1\Launch Manager\CtrlVol.exe C:\Progra~1\Launch Manager\Wbutton.exe C:\Program Files\Wise Backlight\wsbklite.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\ltmoh\Ltmoh.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Ahead\InCD\InCD.exe C:\Program Files\McAfee\MSK\MskAgent.exe C:\Program Files\SiteAdvisor\6066\SiteAdv.exe C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\WinRAR\WinRAR.exe C:\DOCUME~1\OLIVIER\LOCALS~1\Temp\Rar$EX01.431\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - URLSearchHook: (no name) - {02EE5B04-F144-47BB-83FB-A60BD91B74A9} - (no file) O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O2 - BHO: (no name) - {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O2 - BHO: (no name) - {CF46BFB3-2ACC-441b-B82B-36B9562C7FF1} - C:\WINDOWS\system32\__c00A8DC.dat O2 - BHO: (no name) - {D61D7E1A-6613-49CA-B6F9-51DB248E209D} - C:\Program Files\Video ActiveX Access\iesplg.dll (file missing) O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6066\SiteAdv.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Protection Bar - {29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} - C:\Program Files\Video ActiveX Access\iesbpl.dll (file missing) O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Fichiers communs\microsoft shared\ink\tabtip.exe" /resume O4 - HKLM\..\Run: [LaunchApp] LaunApp O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\System32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe O4 - HKLM\..\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [AcerNotebookManager] C:\Program Files\Acer\Notebook Manager\almxptray.exe O4 - HKLM\..\Run: [LaunchAp] C:\Progra~1\Launch Manager\LaunchAp.exe O4 - HKLM\..\Run: [PowerKey] "C:\Progra~1\Launch Manager\PowerKey.exe" O4 - HKLM\..\Run: [HotkeyApp] C:\Progra~1\Launch Manager\HotkeyApp.exe O4 - HKLM\..\Run: [CtrlVol] C:\Progra~1\Launch Manager\CtrlVol.exe O4 - HKLM\..\Run: [Wbutton] "C:\Progra~1\Launch Manager\Wbutton.exe" O4 - HKLM\..\Run: [Wise Backlight] "C:\Program Files\Wise Backlight\wsbklite.exe" O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe O4 - HKLM\..\Run: [newname] c:\\nwnmff_e8.exe O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [inCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe O4 - HKLM\..\Run: [siteAdvisor] C:\Program Files\SiteAdvisor\6066\SiteAdv.exe O4 - HKLM\..\Run: [ssAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [update] C:\Program Files\AntiVir PersonalEdition Classic\preupd.exe /CALLSCHEDULER /DM="0" /CALLSCHEDULER O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Zinio DLM] C:\Program Files\Zinio\ZDLM.exe /hide O4 - HKCU\..\Run: [ChkMail] hR? O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKLM\..\Policies\Explorer\Run: [isamonitor.exe] C:\Program Files\Video ActiveX Object\isamonitor.exe O4 - HKLM\..\Policies\Explorer\Run: [none] C:\Program Files\Video ActiveX Object\pmsngr.exe O4 - HKLM\..\Policies\Explorer\Run: [rare] C:\Program Files\Video ActiveX Access\imsmain.exe O4 - HKLM\..\Policies\Explorer\Run: [user32.dll] C:\Program Files\Video ActiveX Access\iesmn.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Registration-Studio 8 SE.lnk = ? O4 - Global Startup: SketchBook Snapshot.lnk = C:\Program Files\AliasWavefront\Alias SketchBook Pro 1.0\SketchBookSnap.exe O4 - Global Startup: Image Transfer.lnk = ? O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/m...01/mcinsctl.cab O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/m...,26/mcgdmgr.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{327CDF92-B6CF-4EF8-B655-A7660700F9CB}: NameServer = 85.255.115.60,85.255.112.136 O17 - HKLM\System\CCS\Services\Tcpip\..\{A4AF7727-B733-4E9F-83F8-6686B4B78AD9}: NameServer = 85.255.115.60,85.255.112.136 O17 - HKLM\System\CCS\Services\Tcpip\..\{B946C7DF-E6F8-4EBE-9A43-A36FF540E309}: NameServer = 85.255.115.60,85.255.112.136 O17 - HKLM\System\CCS\Services\Tcpip\..\{CCFB204F-9996-42EB-98A3-F2DA2B708CE1}: NameServer = 85.255.115.60,85.255.112.136 O17 - HKLM\System\CCS\Services\Tcpip\..\{F732862A-EA9D-411B-BA2F-DC9483CDE649}: NameServer = 85.255.115.60,85.255.112.136 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.60 85.255.112.136 O17 - HKLM\System\CS1\Services\Tcpip\..\{327CDF92-B6CF-4EF8-B655-A7660700F9CB}: NameServer = 85.255.115.60,85.255.112.136 O17 - HKLM\System\CS2\Services\Tcpip\..\{327CDF92-B6CF-4EF8-B655-A7660700F9CB}: NameServer = 85.255.115.60,85.255.112.136 O17 - HKLM\System\CS3\Services\Tcpip\..\{327CDF92-B6CF-4EF8-B655-A7660700F9CB}: NameServer = 85.255.115.60,85.255.112.136 O20 - Winlogon Notify: SharedDLLs - C:\WINDOWS\system32\scgina.dll (file missing) O20 - Winlogon Notify: ShellScrap - C:\WINDOWS\system32\scgina.dll (file missing) O20 - Winlogon Notify: WebCheck - C:\WINDOWS\system32\scgina.dll (file missing) O21 - SSODL: eupeptic - {8670ee50-01f9-47da-ac1e-cf8549e9e521} - (no file) O22 - SharedTaskScheduler: eupeptic - {8670ee50-01f9-47da-ac1e-cf8549e9e521} - (no file) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\emproxy.exe O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\HackerWatch\HWAPI.exe O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\redirsvc.exe O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe O23 - Service: SiteAdvisor Service - McAfee, Inc. - C:\Program Files\SiteAdvisor\6066\SAService.exe O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe O23 - Service: Microsoft Languages Service (Windows Languages Service) - Unknown owner - C:\WINDOWS\csrss.exe (file missing) -- End of file - 14518 bytes Merci par avance de votre réponse olly
-
Bonsoir, Je posséde un combo externe xp charge le driver mais ne peut communiquer avec le périphérique. Que faire ? Merci de votre réponse