Reply to: USB stick infected via the high school network 2016-09-08T13:18:40+00:00
Anonymous

Please repeat the same operation, but with this script:


:OTL
PRC - [2013/09/22 12:57:32 | 000,220,960 | ---- | M] (Conduit) -- C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
SRV - [2013/05/07 09:16:21 | 000,128,000 | ---- | M] (Yuna Software) [Auto | Running] -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe -- (MsgPlusService)
IE - HKLM\..\URLSearchHook: {4cf23ae3-2b7c-4d43-b7d2-2dd1158d7af4} - C:\Program Files (x86)\Vuze_Remote_B\prxtbVuze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1801287562-564321180-1989298946-1000\..\URLSearchHook: {4cf23ae3-2b7c-4d43-b7d2-2dd1158d7af4} - C:\Program Files (x86)\Vuze_Remote_B\prxtbVuze.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1801287562-564321180-1989298946-1000\..\SearchScopes\{933D10A8-5E5A-450D-98A6-AB0B9890B866}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2504091
CHR - plugin: Babylon ToolBar (Enabled) = C:\Users\Alexis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Alexis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk\10.11.21.5_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Conduit Radio Plugin (Enabled) = C:\Users\Alexis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk\10.11.21.5_0\plugins/np-cwmp.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (Vuze Remote B Toolbar) - {4cf23ae3-2b7c-4d43-b7d2-2dd1158d7af4} - C:\Program Files (x86)\Vuze_Remote_B\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Vuze Remote B Toolbar) - {4cf23ae3-2b7c-4d43-b7d2-2dd1158d7af4} - C:\Program Files (x86)\Vuze_Remote_B\prxtbVuze.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1801287562-564321180-1989298946-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-1801287562-564321180-1989298946-1000\..\Toolbar\WebBrowser: (no name) - {3D4D238C-9C48-47CD-A95C-53259ACF9E56} - No CLSID value found.
O3 - HKU\S-1-5-21-1801287562-564321180-1989298946-1000\..\Toolbar\WebBrowser: (no name) - {59994074-C06D-4A75-9768-49E5A8C21264} - No CLSID value found.
O3 - HKU\S-1-5-21-1801287562-564321180-1989298946-1000\..\Toolbar\WebBrowser: (no name) - {77F8C945-4B74-4BD6-A073-E0D1997EDCE8} - No CLSID value found.
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software)
O4 - HKLM\..\Run: [NPSStartup] File not found
O4 - HKU\S-1-5-21-1801287562-564321180-1989298946-1000\..\Run: [SearchProtect] C:\Users\Alexis\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
O4 - Startup: C:\Users\Alexis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk = File not found
MsConfig:64bit - StartUpReg: BabylonToolbar - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: Bubble Dock - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: MessengerPlusForSkypeService - hkey= - key= - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe (Yuna Software)

:Commands
[reboot]