Evasion60
Participant
Number of posts: 1559

:hello: Hi again

/!\ Not at all straightforward, because there are many useless items, but no real infections!
On the other hand, there are hard disk errors.

  • Launch OTL; on Windows 7/8 and Vista, run it as administrator
  • Tick the following boxes:
    • All users
    • Minimal report

  • Copy and paste the Script Helper into the lower part of OTL, “Customization” (“Personnalisation”)
    :OTL
    IE - HKLMSOFTWAREMicrosoftInternet ExplorerMain,Secondary Start Pages = Reg Error: Value error.
    IE - HKLM..SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC => Toolbar.Bing
    FF - HKLMSoftwareMozillaPlugins@adobe.com/FlashPlayer: C:windowssystem32MacromedFlashNPSWF64_11_7_700_224.dll File not found
    FF - HKLMSoftwareMozillaPlugins@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegisteredNP_wtapp.dll () => WildTangent Games
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll (Google Inc.) => Toolbar.Google
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll File not found
    O3 - HKLM..Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll File not found
    O4 - HKUS-1-5-19..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe File not found
    O4 - HKUS-1-5-20..RunOnce: [mctadmin] C:WindowsSystem32mctadmin.exe File not found
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:windowssystem32GPhotos.scr/200 File not found
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    [2013/08/28 02:27:54 | 000,000,000 | ---D | C] -- C:Program FilesBitdefender
    [2013/08/28 02:17:27 | 000,000,000 | ---D | C] -- C:Program FilesCommon FilesBitdefender
    [2013/09/10 22:59:02 | 000,000,964 | ---- | M] () -- C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500UA.job => Facebook Update Task User
    [2013/09/10 22:46:00 | 000,000,924 | ---- | M] () -- C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000UA.job => Facebook Update Task User
    [2013/09/10 19:59:01 | 000,000,942 | ---- | M] () -- C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500Core.job => Facebook Update Task User
    [2013/09/10 19:46:00 | 000,000,902 | ---- | M] () -- C:windowstasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000Core.job => Facebook Update Task User
    [2013/08/27 01:23:47 | 000,005,120 | -HS- | M] () -- C:windowssystem32configsystemprofileNtUser.dat.LOG1 => Fichiers de rapport (Log)
    [2013/08/27 01:23:47 | 000,000,000 | -HS- | M] () -- C:windowssystem32configsystemprofileNtUser.dat.LOG2 => Fichiers de rapport (Log)
    [2013/09/01 08:53:59 | 000,118,378 | ---- | M] () -- C:windowsServiceProfilesNetworkServiceAppDataLocalTempMpCmdRun.log => Fichiers de rapport (Log)
    [2012/11/30 19:41:37 | 000,000,902 | ---- | C] () -- C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000Core.job => Facebook Update Task User
    [2012/11/30 19:41:38 | 000,000,924 | ---- | C] () -- C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-1000UA.job => Facebook Update Task User
    [2013/06/09 19:54:14 | 000,000,942 | ---- | C] () -- C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500Core.job => Facebook Update Task User
    [2013/06/09 19:54:15 | 000,000,964 | ---- | C] () -- C:windowsTasksFacebookUpdateTaskUserS-1-5-21-3799678134-1094475672-2913924675-500UA.job => Facebook Update Task User
    CLSID{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
    "{4DABD610-3B48-4571-A458-6828314BC363}" = protocol=17 | dir=in | app=c:program files (x86)goforfilesgoforfilesdl.exe | => Peer2Peer.GoforFiles
    "{5FA31665-3E66-4220-85A5-0C9BA627A14D}" = protocol=6 | dir=in | app=c:program files (x86)goforfilesgoforfilesdl.exe | => Peer2Peer.GoforFiles
    "{AA963096-F3BC-4368-BAA0-7E239935E4A4}" = protocol=6 | dir=in | app=c:program files (x86)utorrentutorrent.exe | => P2P.µTorrent*
    "{AEF5129C-0FC3-4689-B079-5A405AE5F8F2}" = protocol=17 | dir=in | app=c:program files (x86)utorrentutorrent.exe | => P2P.µTorrent*
    "{C6D80F91-5525-40DC-A9DA-CE1E2178ED30}" = protocol=6 | dir=in | app=c:program files (x86)utorrentutorrent.exe | => P2P.µTorrent*
    "{C9C9FB32-734D-43F5-A330-24F763A9F2A0}" = protocol=17 | dir=in | app=c:program files (x86)utorrentutorrent.exe | => P2P.µTorrent*
    "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java 6 Update 30 => Oracle
    :Commands
    [emptytemp]
    [emptyflash]
    [purity]
    [reboot]
    [resethost]
    [CREATERESTOREPOINT]

  • Click “Fix” (“Correction”)

  • OTL may ask you to restart; if so, do it immediately!
  • Once the scan is finished, a report will open: ¤¤¤¤¤¤¤¤¤¤¤.log.
  • Copy and paste the contents of the report on the forum.

    Note: just in case, you can find them in the C:OTL folder or on your desktop, depending on the situation

Looking forward to your reply with its report ;)