Répondre à : Infection de la clé USB par le réseau du lycée 2016-09-08T13:18:40+00:00
Anonyme
Post count: 0
  • Relance OTL.
  • Sous Persfonnalisation (Custom Scan), copie-colle le contenu du cadre ci dessous (bien prendre :OTL en début).

    PRC - [2013/09/22 12:57:32 | 000,220,960 | ---- | M] (Conduit) -- C:Program Files (x86)SearchProtectbinCltMngSvc.exe
    SRV - [2013/05/07 09:16:21 | 000,128,000 | ---- | M] (Yuna Software) [Auto | Running] -- C:Program Files (x86)Yuna SoftwareMessenger Plus! for SkypeMsgPlusForSkypeService.exe -- (MsgPlusService)
    IE - HKLM..URLSearchHook: {4cf23ae3-2b7c-4d43-b7d2-2dd1158d7af4} - C:Program Files (x86)Vuze_Remote_BprxtbVuze.dll (Conduit Ltd.)
    IE - HKUS-1-5-21-1801287562-564321180-1989298946-1000..URLSearchHook: {4cf23ae3-2b7c-4d43-b7d2-2dd1158d7af4} - C:Program Files (x86)Vuze_Remote_BprxtbVuze.dll (Conduit Ltd.)
    IE - HKUS-1-5-21-1801287562-564321180-1989298946-1000..SearchScopes{933D10A8-5E5A-450D-98A6-AB0B9890B866}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
    CHR - plugin: Babylon ToolBar (Enabled) = C:UsersAlexisAppDataLocalGoogleChromeUser DataDefaultExtensionsdhkplhfnhceodhffomolpfigojocbpcb1.7_0BabylonChromeToolBar.dll
    CHR - plugin: Conduit Chrome Plugin (Enabled) = C:UsersAlexisAppDataLocalGoogleChromeUser DataDefaultExtensionsojpijjmpahflnipadmlpgbjmagmjchkk10.11.21.5_0plugins/ConduitChromeApiPlugin.dll
    CHR - plugin: Conduit Radio Plugin (Enabled) = C:UsersAlexisAppDataLocalGoogleChromeUser DataDefaultExtensionsojpijjmpahflnipadmlpgbjmagmjchkk10.11.21.5_0plugins/np-cwmp.dll
    O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
    O2 - BHO: (Vuze Remote B Toolbar) - {4cf23ae3-2b7c-4d43-b7d2-2dd1158d7af4} - C:Program Files (x86)Vuze_Remote_BprxtbVuze.dll (Conduit Ltd.)
    O3 - HKLM..Toolbar: (Vuze Remote B Toolbar) - {4cf23ae3-2b7c-4d43-b7d2-2dd1158d7af4} - C:Program Files (x86)Vuze_Remote_BprxtbVuze.dll (Conduit Ltd.)
    O3 - HKLM..Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKUS-1-5-21-1801287562-564321180-1989298946-1000..ToolbarWebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
    O3 - HKUS-1-5-21-1801287562-564321180-1989298946-1000..ToolbarWebBrowser: (no name) - {3D4D238C-9C48-47CD-A95C-53259ACF9E56} - No CLSID value found.
    O3 - HKUS-1-5-21-1801287562-564321180-1989298946-1000..ToolbarWebBrowser: (no name) - {59994074-C06D-4A75-9768-49E5A8C21264} - No CLSID value found.
    O3 - HKUS-1-5-21-1801287562-564321180-1989298946-1000..ToolbarWebBrowser: (no name) - {77F8C945-4B74-4BD6-A073-E0D1997EDCE8} - No CLSID value found.
    O4 - HKLM..Run: [MessengerPlusForSkypeService] C:Program Files (x86)Yuna SoftwareMessenger Plus! for SkypeMsgPlusForSkypeService.exe (Yuna Software)
    O4 - HKLM..Run: [NPSStartup] File not found
    O4 - HKUS-1-5-21-1801287562-564321180-1989298946-1000..Run: [SearchProtect] C:UsersAlexisAppDataRoamingSearchProtectbincltmng.exe (Conduit)
    O4 - Startup: C:UsersAlexisAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupNotification de cadeaux MSN.lnk = File not found
    MsConfig:64bit - StartUpReg: BabylonToolbar - hkey= - key= - File not found
    MsConfig:64bit - StartUpReg: Bubble Dock - hkey= - key= - File not found
    MsConfig:64bit - StartUpReg: MessengerPlusForSkypeService - hkey= - key= - C:Program Files (x86)Yuna SoftwareMessenger Plus! for SkypeMsgPlusForSkypeService.exe (Yuna Software)

    :files
    C:UsersAlexisAppDataLocalTemp*.*
    C:UsersAlexisAppDataLocalTemp*
    C:UsersAlexisAppDataRoamingAzureuspluginsazemp
    C:UsersAlexisAppDataRoaming.#
    C:UsersAlexisAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    C:UsersAlexisAppDataLocal{D086BCB8-5112-4AA3-83F3-FC4534B737CA}
    C:UsersPublicDesktopVuze.lnk
    C:ProgramDataConduit
    C:Program Files (x86)Vuze_Remote_B
    C:UsersAlexisAppDataLocalWhiteListing
    C:Program Files (x86)SearchProtect
    C:UsersAlexisAppDataRoamingSearchProtect
    C:UsersAlexisAppDataLocalNativeMessaging
    C:UsersAlexisAppDataLocalConduit
    C:Program Files (x86)Conduit
    C:Program Files (x86)Vuze
    C:UsersAlexisAppDataRoamingSearchProtect
    C:UsersAlexisAppDataLocalGoogleChromeUser DataDefaultExtensionsdhkplhfnhceodhffomolpfigojocbpcb
    C:UsersAlexisAppDataLocalGoogleChromeUser DataDefaultExtensionsojpijjmpahflnipadmlpgbjmagmjchkk
    C:Program Files (x86)SearchProtect
    C:Program Files (x86)Yuna Software
    C:Program Files (x86)Vuze_Remote_B

    :Commands
    [emptytemp]
    [emptyflash]
    [resethosts]
    [reboot]

  • Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:
  • Redemarre le pc et poste le rapport dans ta prochaine réponse.
  • Le rapport est sauvegardé sous C:_OTLMovedFilesdate_heure.log