Virus Facebook 2013-02-20T14:43:55+00:00
  • Auteur
    Messages
  • Lou12345
    Participant
    Post count: 20

    http://cjoint.com/?CDDk2XEdlu6” onclick=”window.open(this.href);return false; Voila, j’espère que je ne me suis pas trompée.

  • Anonyme
    Post count: 0
  • Lou12345
    Participant
    Post count: 20

    D: -> CD-ROM
    E: -> CD-ROM

    ################## | El Desaparecido Section |

    HKLMSOFTWARE | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
    HKLMSOFTWARE | Run : [GrooveMonitor] – “C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe”
    HKLMSOFTWARE | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
    HKLMSOFTWARE | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWARE | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
    HKLMSOFTWARE | Run : [UnlockerAssistant] – “C:Program Files (x86)UnlockerUnlockerAssistant.exe”
    HKLMSOFTWARE | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    HKLMSOFTWARE | Run : [EEventManager] – “C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe”
    HKLMSOFTWARE | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
    HKLMSOFTWARE | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
    HKLMSOFTWAREwow6432Node | Run : [avast] – “C:Program FilesAVAST SoftwareAvastavastUI.exe” /nogui
    HKLMSOFTWAREwow6432Node | Run : [GrooveMonitor] – “C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe”
    HKLMSOFTWAREwow6432Node | Run : [Adobe Reader Speed Launcher] – “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”
    HKLMSOFTWAREwow6432Node | Run : [Adobe ARM] – “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”
    HKLMSOFTWAREwow6432Node | Run : [SunJavaUpdateSched] – “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”
    HKLMSOFTWAREwow6432Node | Run : [UnlockerAssistant] – “C:Program Files (x86)UnlockerUnlockerAssistant.exe”
    HKLMSOFTWAREwow6432Node | Run : [APSDaemon] – “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”
    HKLMSOFTWAREwow6432Node | Run : [EEventManager] – “C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe”
    HKLMSOFTWAREwow6432Node | Run : [QuickTime Task] – “C:Program Files (x86)QuickTimeQTTask.exe” -atboottime
    HKLMSOFTWAREwow6432Node | Run : [iTunesHelper] – “C:Program Files (x86)iTunesiTunesHelper.exe”
    HKLMSOFTWARE | RunOnce : [] –
    HKLMSOFTWAREwow6432Node | RunOnce : [] –
    HKUS-1-5-19SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-20SOFTWARE | Run : [Sidebar] – %ProgramFiles%Windows SidebarSidebar.exe /autoRun
    HKUS-1-5-21-82401753-827500433-2952092644-1000SOFTWARE | Run : [DAEMON Tools Lite] – “C:Program Files (x86)DAEMON Tools LiteDTLite.exe” -autorun
    HKUS-1-5-21-82401753-827500433-2952092644-1000SOFTWARE | Run : [Google Update] – “C:UsersKendirgiAppDataLocalGoogleUpdateGoogleUpdate.exe” /c
    HKUS-1-5-21-82401753-827500433-2952092644-1000SOFTWARE | Run : [EA Core] – “C:Program Files (x86)Electronic ArtsEADMCore.exe” -silent
    HKUS-1-5-19SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe
    HKUS-1-5-20SOFTWARE | RunOnce : [mctadmin] – C:WindowsSystem32mctadmin.exe

    ################## | Stopped processes |

    Stopped! C:Windowssystem32atiesrxx.exe (760)
    Stopped! C:Windowssystem32atieclxx.exe (1200)
    Stopped! C:Program FilesAVAST SoftwareAvastAvastSvc.exe (1276)
    Stopped! C:WindowsSystem32spoolsv.exe (1400)
    Stopped! C:Program Files (x86)Common FilesABBYYFineReaderSprint9.00LicensingNetworkLicenseServer.exe (1572)
    Stopped! C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe (1608)
    Stopped! C:Program FilesBonjourmDNSResponder.exe (1716)
    Stopped! C:Windowssystem32sppsvc.exe (1832)
    Stopped! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE (1436)
    Stopped! C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSvcM.exe (1432)
    Stopped! C:Windowssystem32taskhost.exe (2524)
    Stopped! C:Program FilesMicrosoft IntelliPointipoint.exe (2360)
    Stopped! C:Program Files (x86)DAEMON Tools LiteDTLite.exe (2468)
    Stopped! C:Program Files (x86)McAfee Security Scan3.0.285SSScheduler.exe (2628)
    Stopped! C:UsersKendirgiAppDataLocalFacebookMessenger2.1.4651.0FacebookMessenger.exe (2600)
    Stopped! C:UsersKendirgiAppDataLocalGoogleUpdate1.3.21.135GoogleCrashHandler.exe (2636)
    Stopped! C:UsersKendirgiAppDataLocalGoogleUpdate1.3.21.135GoogleCrashHandler64.exe (2756)
    Stopped! C:Windowssystem32SearchIndexer.exe (3044)
    Stopped! C:Program FilesAVAST SoftwareAvastAvastUI.exe (2160)
    Stopped! C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe (2616)
    Stopped! C:Program Files (x86)Common FilesJavaJava Updatejusched.exe (1188)
    Stopped! C:Program Files (x86)UnlockerUnlockerAssistant.exe (2436)
    Stopped! C:Program Files (x86)EPSON SoftwareEvent ManagerEEventManager.exe (900)
    Stopped! C:Program Files (x86)iTunesiTunesHelper.exe (2764)
    Stopped! C:Program FilesiPodbiniPodService.exe (3400)
    Stopped! C:Program FilesWindows Media Playerwmpnetwk.exe (604)
    Stopped! C:Program Files (x86)Common FilesJavaJava Updatejucheck.exe (1816)
    Stopped! C:Program Files (x86)Mozilla Firefoxfirefox.exe (596)
    Stopped! C:Program Files (x86)Mozilla Firefoxplugin-container.exe (3984)
    Stopped! C:Program Files (x86)Mozilla Firefoxplugin-container.exe (3668)
    Stopped! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_6_602_180.exe (3596)
    Stopped! C:WindowsSysWOW64MacromedFlashFlashPlayerPlugin_11_6_602_180.exe (2488)
    Stopped! C:Program Files (x86)MicrosoftBingBar7.1.391.0SeaPort.exe (3412)
    Stopped! C:Windowssystem32taskeng.exe (4808)

    ################## | Files # Infected Folders |

    Deleted ! C:Program Files (x86)Windows Service

    (!) Temporary files deleted.

    ################## | Registry |

    ################## | Mountpoints2 |

    ################## | Listing |

    [22/03/2013 – 19:47:59 | SHD ] C:$Recycle.Bin
    [24/09/2011 – 22:36:51 | D ] C:b5007b2f251377ef16669bb86103
    [24/02/2013 – 21:59:09 | N | 647] C:DelFix.txt
    [14/07/2009 – 06:08:56 | SHD ] C:Documents and Settings
    [07/11/2007 – 07:00:40 | N | 17734] C:eula.1028.txt
    [07/11/2007 – 07:00:40 | N | 17734] C:eula.1031.txt
    [07/11/2007 – 07:00:40 | N | 10134] C:eula.1033.txt
    [07/11/2007 – 07:00:40 | N | 17734] C:eula.1036.txt
    [07/11/2007 – 07:00:40 | N | 17734] C:eula.1040.txt
    [07/11/2007 – 07:00:40 | N | 118] C:eula.1041.txt
    [07/11/2007 – 07:00:40 | N | 17734] C:eula.1042.txt
    [07/11/2007 – 07:00:40 | N | 17734] C:eula.2052.txt
    [07/11/2007 – 07:00:40 | N | 17734] C:eula.3082.txt
    [22/03/2012 – 17:43:25 | D ] C:found.000
    [27/06/2012 – 17:58:54 | D ] C:found.001
    [30/11/2011 – 22:43:17 | D ] C:Fraps
    [07/11/2007 – 07:00:40 | N | 1110] C:globdata.ini
    [24/03/2013 – 11:45:48 | ASH | 2415218688] C:hiberfil.sys
    [07/11/2007 – 07:00:40 | N | 843] C:install.ini
    [29/02/2012 – 14:07:37 | D ] C:Mes Documents
    [28/11/2011 – 21:30:14 | D ] C:MinGW
    [05/04/2011 – 22:26:41 | RHD ] C:MSOCache
    [24/03/2013 – 11:45:50 | ASH | 3220295680] C:pagefile.sys
    [14/07/2009 – 04:20:08 | D ] C:PerfLogs
    [21/02/2013 – 20:14:42 | N | 512] C:PhysicalMBR.bin
    [23/03/2013 – 11:16:21 | D ] C:Pre_Scan
    [22/03/2013 – 19:32:16 | N | 51207] C:Pre_Scan_22_03_2013_18_03_28.txt
    [08/12/2012 – 20:18:41 | D ] C:Program Files
    [23/03/2013 – 19:07:58 | D ] C:Program Files (x86)
    [23/03/2013 – 19:08:01 | HD ] C:ProgramData
    [03/04/2011 – 12:05:19 | SHD ] C:Recovery
    [18/06/2011 – 19:33:38 | D ] C:Riot Games
    [22/03/2013 – 12:14:37 | SHD ] C:System Volume Information
    [24/03/2013 – 12:24:46 | D ] C:UsbFix
    [24/03/2013 – 11:37:22 | N | 7494] C:UsbFix [Clean 1] KENDIRGI-PC.txt
    [24/03/2013 – 12:25:01 | A | 8723] C:UsbFix [Clean 2] KENDIRGI-PC.txt
    [15/02/2013 – 18:21:54 | D ] C:Users
    [07/11/2007 – 07:00:40 | N | 5686] C:vcredist.bmp
    [07/11/2007 – 07:09:22 | N | 1442522] C:VC_RED.cab
    [07/11/2007 – 07:12:28 | N | 232960] C:VC_RED.MSI
    [03/04/2010 – 19:33:31 | N | 2088501] C:VS_EXPBSLN_x64_fra.CAB
    [03/04/2010 – 19:35:56 | N | 555008] C:VS_EXPBSLN_x64_fra.MSI
    [24/03/2013 – 08:49:21 | D ] C:Windows

    ################## | Vaccin |

    C:Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

    ################## | E.O.F | https://www.usb-antivirus.com/fr/ |

  • Lou12345
    Participant
    Post count: 20

    Voici le dernier raport:

    ############################## | UsbFix V 7.118 | [Deletion]

    User: Kendirgi (Administrator) # KENDIRGI-PC
    Updated 24/03/2013 by El Desaparecido
    Started at 12:18:23 | 24/03/2013

    Website: http://sosvirus.org/” onclick=”window.open(this.href);return false;
    Upload Malware: http://upload.sosvirus.org/” onclick=”window.open(this.href);return false;
    Contact: contact@sosvirus.org

    PC: ASUSTeK Computer Inc. (F6V ) (x64-based PC)
    CPU: Intel(R) Core(TM)2 Duo CPU T5800 @ 2.00GHz (2000)
    RAM -> [Total : 3071 | Free : 1853]
    BIOS: Default System BIOS
    BOOT: Normal boot

    OS: Microsoft Windows 7 Édition Intégrale (6.1.7600 64-Bit) #
    WB: Windows Internet Explorer 8.0.7600.16385

    SC: Security Center Service [Enabled]
    WU: Windows Update Service [Enabled]
    AV: avast! Antivirus [(!) Disabled | Updated]
    FW: Windows FireWall Service [Enabled]

    C: (%systemdrive%) -> Fixed drive # 195 Gb (67 Mb free – 34%) [] # NTFS

  • Anonyme
    Post count: 0

    envoi la ici stp : http://upload.sosvirus.org/index.html” onclick=”window.open(this.href);return false;

  • Lou12345
    Participant
    Post count: 20

    Je n’arrive pas a envoier la capture d’écran ..

  • Anonyme
    Post count: 0

    j’ai demandé un diag et El Desaparecido a demandé l’utilisation d’usbfix , tu lis ce qu on ecrit ?

    Déjà tu commences par me parler autrement , lis la charte Helper …

    UsbFix dans sa dernière version intègre cette infection.

  • g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    j’ai demandé un diag et El Desaparecido a demandé l’utilisation d’usbfix , tu lis ce qu on ecrit ?

  • g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    et mon diag ?

  • Anonyme
    Post count: 0

    Bonjour Lou,

    Tu peux m’envoyer des captures de ce qui est posté sur ton FB par ce “virus” ?

    Nettoie avec la dernière version de UsbFix , ensuite regarde si t’as toujours le soucis sur Facebook ;)

    • Télécharge UsbFix sur ton Bureau.
    • Si ton antivirus affiche une alerte, ignore-la et désactive l’antivirus temporairement.
    • Branche toutes test sources de données externes à ton PC (clé USB, disque dur externe, etc…) sans les ouvrir.
    • Double clique sur UsbFix.exe.
    • Clique sur Suppression
    • Laisse travailler l’outil.
    • À la fin du scan, un rapport va s’afficher, poste-le dans ta prochaine réponse sur le forum.
    • Le rapport est aussi sauvegardé à la racine du disque système ( C:UsbFix [Clean ?] Nom de l’ordinateur.txt ).
    • Tutoriel en images
  • g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    re

    relance-le , clique sur diag , heberge le rapport pre_diag et donne le lien

  • Lou12345
    Participant
    Post count: 20

    http://cjoint.com/13ma/CCwuthKTNA3.htm” onclick=”window.open(this.href);return false; Voila le nouveau rapport, j’espère que je ne me suis pas trompée.

  • Lou12345
    Participant
    Post count: 20
  • g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    ok retelecharge-le et clique sur Scan|kill

    puis renvoie le rapport

  • Lou12345
    Participant
    Post count: 20
  • Lou12345
    Participant
    Post count: 20

    Je ne sais pas si je me suis trompée, mais voila le liens:
    http://cjoint.com/13ma/CCutvfd2s5V.htm” onclick=”window.open(this.href);return false;

  • g3n-h@ckm@ng3n-h@ckm@n
    Admin bbPress
    Post count: 8287

    hello

    Attention !!! : Seuls ces liens sont officiels ne pas telecharger l’outil sur d’autres liens !!
    Attention !!! : cet outil peut etre détecté à tort comme virus
    Attention !!! : cet outil est puissant suivre scrupuleusement les instructions ci-dessous

    tous les processus “non vitaux de windows” vont être coupés , enregistre ton travail. Il y aura une extinction du bureau pendant le scan –> pas de panique.

    Désactive toutes tes protections si possible , antivirus , sandbox , pare-feux , etc….: http://forum.pcastuces.com/desactiver_les_protections_residentes-f31s4.htm” onclick=”window.open(this.href);return false;

    telecharge et enregistre Pre_Scan sur ton bureau :

    http://services.service-webmaster.fr/cpt-clics/clics-30453-6820.html” onclick=”window.open(this.href);return false; (renommé winlogon)

    ou , si le lien n’est pas fonctionnel :

    http://www.security-helpzone.com/Tools/g3n/winlogon.exe” onclick=”window.open(this.href);return false; (renommé winlogon)

    si l’outil est relancé plusieurs fois , il te proposera un menu et qu’aucune option n’est demandée, lance l’option “Scan|Kill”

    si l’outil est bloqué par l’infection utilise cette version avec ces autres extensions :

    http://www.security-helpzone.com/Tools/g3n/Pre_Scan.scr” onclick=”window.open(this.href);return false;
    http://www.security-helpzone.com/Tools/g3n/Pre_Scan.pif” onclick=”window.open(this.href);return false;
    http://www.security-helpzone.com/Tools/g3n/Pre_Scan.com” onclick=”window.open(this.href);return false;

    si l’outil detecte un proxy et que tu n’en as pas installé clique sur “supprimer le proxy”

    Il se peut que des fenêtres noires clignotent , laisse-le travailler.

    Laisse l’outil redemarrer ton pc.

    Poste Pre_Scan_la_date_et_l’heure.txt qui apparaitra à la racine de ton disque système ( généralement C: )

    NE LE POSTE PAS SUR LE FORUM !!! (il est trop long)

    Heberge le rapport sur http://cjoint.com” onclick=”window.open(this.href);return false; puis donne le lien obtenu en echange sur le forum où tu te fais aider

  • Lou12345
    Participant
    Post count: 20

    Salut, J’ai encore le virus.. :(

  • Anonyme
    Post count: 0

    Hello Lou,

    Pouvons nous dire que ton problème est résolu ?

  • Lou12345
    Participant
    Post count: 20

    # DelFix v10.1 – Logfile created 24/02/2013 at 21:59:09
    # Updated 23/02/2013 by Xplode
    # Username : Kendirgi – KENDIRGI-PC

    ~ Removing disinfection tools …

    Deleted : C:_OTL
    Deleted : C:ZHP
    Deleted : C:AdwCleaner[R1].txt
    Deleted : C:AdwCleaner[S1].txt
    Deleted : C:UsersKendirgiDesktopZHPDiag.txt
    Deleted : C:UsersPublicDesktopMBRCheck.lnk
    Deleted : C:UsersPublicDesktopZHPDiag.lnk
    Deleted : C:UsersPublicDesktopZHPFix.lnk
    Deleted : HKLMSOFTWAREOldTimer Tools
    Deleted : HKLMSOFTWAREAdwCleaner
    Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallZHPDiag_is1

    ########## – EOF – ##########

  • Lou12345
    Participant
    Post count: 20

    J’ai encore le virus..

  • Anonyme
    Post count: 0

    Impec :)

    On va supprimer les outils utilisé :

    # Télécharge [http://general-changelog-team.fr/telechargements/logiciels/viewdownload/75-outils-de-xplode/3-delfix DelFix par Xplode].
    # Exécute delfix.exe
    # Clique sur Suppression.
    # Patiente pendant le scan jusqu’à l’ouverture du rapport.

    # Poste le contenu du rapport dans ta prochaine réponse sur le forum.

  • Lou12345
    Participant
    Post count: 20

    Je n’ai plus l’impression, en tout cas merci 1 000 fois !

  • Anonyme
    Post count: 0

    J’ai un enorme probleme, j’ai l’impression d’avoir 2 virus Facebook ! Le truc avec l’iPhone 5 (mon compte envoie a 200 personnes un messages) et j’ai cliquer sur une vidéo sans faire exprés et depuis sa publie la vidéo sur mon mur on identifient des personnes :$

    Je voulais savoir si ce problème existe toujours ?

  • Lou12345
    Participant
    Post count: 20

    Comment sa des soucis ? :)

  • Lou12345
    Participant
    Post count: 20

    All processes killed
    ========== OTL ==========
    Service wlcomm32 stopped successfully!
    Service wlcomm32 deleted successfully!
    C:Program Files (x86)Windows Serviceservice.exe moved successfully.
    Prefs.js: “Ask.com” removed from browser.search.defaultengine
    Prefs.js: “SearchTheWeb” removed from browser.search.defaultenginename
    Prefs.js: “Ask.com” removed from browser.search.order.1
    Prefs.js: “http://search.iminent.com/?appId=3a169464-8357-4ab2-8e13-aa40893b130e&lcid=1036&ref=homepage” removed from browser.startup.homepage
    Prefs.js: “http://websearch.ask.com/redirect?client=ff&src=kw&tb=PF&o=15180&locale=fr_FR&apn_uid=4D7D0AE0-94D1-42B1-B055-1097E8DE7143&apn_ptnrs=RX&apn_sauid=FF60137A-793E-44E7-B099-CCBF50326AD4&apn_dtid=YYYYYYYYFR&q=” removed from keyword.URL
    Registry value HKEY_USERSS-1-5-21-82401753-827500433-2952092644-1000SoftwareMicrosoftWindowsCurrentVersionRun\Execution Control Services deleted successfully.
    C:Program Files (x86)Windows Servicecsrss32.exe moved successfully.
    Registry value HKEY_USERSS-1-5-21-82401753-827500433-2952092644-1000SoftwareMicrosoftWindowsCurrentVersionRun\Facebook Update deleted successfully.
    C:UsersKendirgiAppDataLocalFacebookUpdateFacebookUpdate.exe moved successfully.
    File rity] not found.
    File ptytemp] not found.
    File sethosts] not found.
    File boot] not found.

    OTL by OldTimer – Version 3.2.69.0 log created on 02222013_175002

    FilesFolders moved on Reboot…

    PendingFileRenameOperations files…

    Registry entries deleted on Reboot…

  • Anonyme
    Post count: 0

    Pas grave pour le retard ;)

    Toujours des soucis ?

  • Lou12345
    Participant
    Post count: 20

    Re,

    Je suis vraiment désoler pour le retard.. Voici le nouveau rapport:

    All processes killed
    ========== OTL ==========
    Service wlcomm32 stopped successfully!
    Service wlcomm32 deleted successfully!
    C:Program Files (x86)Windows Serviceservice.exe moved successfully.
    Prefs.js: “Ask.com” removed from browser.search.defaultengine
    Prefs.js: “SearchTheWeb” removed from browser.search.defaultenginename
    Prefs.js: “Ask.com” removed from browser.search.order.1
    Prefs.js: “http://search.iminent.com/?appId=3a169464-8357-4ab2-8e13-aa40893b130e&lcid=1036&ref=homepage” removed from browser.startup.homepage
    Prefs.js: “http://websearch.ask.com/redirect?client=ff&src=kw&tb=PF&o=15180&locale=fr_FR&apn_uid=4D7D0AE0-94D1-42B1-B055-1097E8DE7143&apn_ptnrs=RX&apn_sauid=FF60137A-793E-44E7-B099-CCBF50326AD4&apn_dtid=YYYYYYYYFR&q=” removed from keyword.URL
    Registry value HKEY_USERSS-1-5-21-82401753-827500433-2952092644-1000SoftwareMicrosoftWindowsCurrentVersionRun\Execution Control Services deleted successfully.
    C:Program Files (x86)Windows Servicecsrss32.exe moved successfully.
    Registry value HKEY_USERSS-1-5-21-82401753-827500433-2952092644-1000SoftwareMicrosoftWindowsCurrentVersionRun\Facebook Update deleted successfully.
    C:UsersKendirgiAppDataLocalFacebookUpdateFacebookUpdate.exe moved successfully.
    File rity] not found.
    File ptytemp] not found.
    File sethosts] not found.
    File boot] not found.

    OTL by OldTimer – Version 3.2.69.0 log created on 02222013_175002

    FilesFolders moved on Reboot…

    PendingFileRenameOperations files…

    Registry entries deleted on Reboot…

  • Lou12345
    Participant
    Post count: 20

    Re,

    Je suis vraiment désoler pour le retard.. Voici le nouveau rapport:

    All processes killed
    ========== OTL ==========
    Service wlcomm32 stopped successfully!
    Service wlcomm32 deleted successfully!
    C:Program Files (x86)Windows Serviceservice.exe moved successfully.
    Prefs.js: “Ask.com” removed from browser.search.defaultengine
    Prefs.js: “SearchTheWeb” removed from browser.search.defaultenginename
    Prefs.js: “Ask.com” removed from browser.search.order.1
    Prefs.js: “http://search.iminent.com/?appId=3a169464-8357-4ab2-8e13-aa40893b130e&lcid=1036&ref=homepage” removed from browser.startup.homepage
    Prefs.js: “http://websearch.ask.com/redirect?client=ff&src=kw&tb=PF&o=15180&locale=fr_FR&apn_uid=4D7D0AE0-94D1-42B1-B055-1097E8DE7143&apn_ptnrs=RX&apn_sauid=FF60137A-793E-44E7-B099-CCBF50326AD4&apn_dtid=YYYYYYYYFR&q=” removed from keyword.URL
    Registry value HKEY_USERSS-1-5-21-82401753-827500433-2952092644-1000SoftwareMicrosoftWindowsCurrentVersionRun\Execution Control Services deleted successfully.
    C:Program Files (x86)Windows Servicecsrss32.exe moved successfully.
    Registry value HKEY_USERSS-1-5-21-82401753-827500433-2952092644-1000SoftwareMicrosoftWindowsCurrentVersionRun\Facebook Update deleted successfully.
    C:UsersKendirgiAppDataLocalFacebookUpdateFacebookUpdate.exe moved successfully.
    File rity] not found.
    File ptytemp] not found.
    File sethosts] not found.
    File boot] not found.

    OTL by OldTimer – Version 3.2.69.0 log created on 02222013_175002

    FilesFolders moved on Reboot…

    PendingFileRenameOperations files…

    Registry entries deleted on Reboot…

  • Lou12345
    Participant
    Post count: 20

    Re,
    Je suis vraiment désoler pour le retard.. Voici le nouveau rapport :

    All processes killed
    ========== OTL ==========
    Service wlcomm32 stopped successfully!
    Service wlcomm32 deleted successfully!
    C:Program Files (x86)Windows Serviceservice.exe moved successfully.
    Prefs.js: “Ask.com” removed from browser.search.defaultengine
    Prefs.js: “SearchTheWeb” removed from browser.search.defaultenginename
    Prefs.js: “Ask.com” removed from browser.search.order.1
    Prefs.js: “http://search.iminent.com/?appId=3a169464-8357-4ab2-8e13-aa40893b130e&lcid=1036&ref=homepage” removed from browser.startup.homepage
    Prefs.js: “http://websearch.ask.com/redirect?client=ff&src=kw&tb=PF&o=15180&locale=fr_FR&apn_uid=4D7D0AE0-94D1-42B1-B055-1097E8DE7143&apn_ptnrs=RX&apn_sauid=FF60137A-793E-44E7-B099-CCBF50326AD4&apn_dtid=YYYYYYYYFR&q=” removed from keyword.URL
    Registry value HKEY_USERSS-1-5-21-82401753-827500433-2952092644-1000SoftwareMicrosoftWindowsCurrentVersionRun\Execution Control Services deleted successfully.
    C:Program Files (x86)Windows Servicecsrss32.exe moved successfully.
    Registry value HKEY_USERSS-1-5-21-82401753-827500433-2952092644-1000SoftwareMicrosoftWindowsCurrentVersionRun\Facebook Update deleted successfully.
    C:UsersKendirgiAppDataLocalFacebookUpdateFacebookUpdate.exe moved successfully.
    File rity] not found.
    File ptytemp] not found.
    File sethosts] not found.
    File boot] not found.

    OTL by OldTimer – Version 3.2.69.0 log created on 02222013_175002

    FilesFolders moved on Reboot…

    PendingFileRenameOperations files…

    Registry entries deleted on Reboot…

  • Anonyme
    Post count: 0

    Hello ,

    Pas de réponse , il y a un soucis ?

  • Anonyme
    Post count: 0

    Re,

    • Relance OTL.
    • Sous Persfonnalisation (Custom Scan), copie-colle le contenu du cadre ci dessous (bien prendre :OTL en début).
    • Clic Correction (Fix), un rapport apparraitra, copie/colle le contenu ici:

    :OTL
    SRV - [2012/12/07 09:27:40 | 000,119,208 | ---- | M] (ServiceEx) [Auto | Running] -- C:Program Files (x86)Windows Serviceservice.exe -- (wlcomm32)
    FF - prefs.js..browser.search.defaultengine: "Ask.com"
    FF - prefs.js..browser.search.defaultenginename: "SearchTheWeb"
    FF - prefs.js..browser.search.order.1: "Ask.com"
    FF - prefs.js..browser.startup.homepage: "http://search.iminent.com/?appId=3a169464-8357-4ab2-8e13-aa40893b130e&lcid=1036&ref=homepage"
    FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=PF&o=15180&locale=fr_FR&apn_uid=4D7D0AE0-94D1-42B1-B055-1097E8DE7143&apn_ptnrs=RX&apn_sauid=FF60137A-793E-44E7-B099-CCBF50326AD4&apn_dtid=YYYYYYYYFR&q="
    O4 - HKUS-1-5-21-82401753-827500433-2952092644-1000..Run: [Execution Control Services] C:Program Files (x86)Windows Servicecsrss32.exe ()
    O4 - HKUS-1-5-21-82401753-827500433-2952092644-1000..Run: [Facebook Update] C:UsersKendirgiAppDataLocalFacebookUpdateFacebookUpdate.exe (Facebook Inc.)

    :files
    C:Program Files (x86)Windows Service

    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [reboot]

    • Redemarre le pc sous windows et poste le rapport dans ta prochaine réponse.
    • Le rapport est sauvegardé sous C:_OTLMovedFilesdate_heure.log
  • Lou12345
    Participant
    Post count: 20

    Re,
    J’espere que je ne me suis pas trompé http://pjjoint.malekal.com/files.php?id=OTL_20130221_h6w7w13p8h7

  • Anonyme
    Post count: 0

    Re,

    Là tu m’a envoyé le script OTL

    C’est le nouveau rapport ADWCleaner et le rapport OTL que j’attend :)

  • Lou12345
    Participant
    Post count: 20
  • Anonyme
    Post count: 0

    Relance Adwcleaner, choisi Suppression et post le nouveau rapport stp

    Ensuite :

    * Télécharge https://www.sosvirus.net/telecharger/otl/ sur ton bureau.
    (Sous Vista/Win7, il faut cliquer droit sur OTL et choisir Exécuter en tant qu’administrateur)

    Dans le cas d’Avast!, ne pas lancer le programme dans la Sandbox (voir lien d’aide ci-dessus).

    * Lance OTL
    * En haut à droite de Analyse rapide, coche “tous les utilisateurs”
    * Sur OTL, sous Personnalisation, copie-colle le script ci-dessous :

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%Application Data*.
    %ALLUSERSPROFILE%Application Data*.exe /s
    %APPDATA%*.
    %APPDATA%*.exe /s
    %temp%.exe /s
    %SYSTEMDRIVE%*.exe
    %systemroot%*. /mp /s
    %systemroot%system32consrv.dll
    %systemroot%system32*.dll /lockedfiles
    %systemroot%Tasks*.job /lockedfiles
    %systemroot%system32drivers*.sys /lockedfiles
    %systemroot%System32config*.sav
    /md5start
    explorer.exe
    winlogon.exe
    wininit.exe
    /md5stop
    HKEY_CLASSES_ROOTCLSID{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}InprocServer32 /s
    HKEY_LOCAL_MACHINESYSTEMSYSTEMCurrentControlSetServiceslanmanserverparameters /s
    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerSubSystems /s
    HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerAppCertDlls /s
    HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionProfileList /s
    CREATERESTOREPOINT
    nslookup www.google.fr /c
    SAVEMBR:0
    hklmsoftwareclientsstartmenuinternet|command /rs
    hklmsoftwareclientsstartmenuinternet|command /64 /rs

    * Clique sur le bouton Analyse.

    NE PAS COPIER/COLLER LE RAPPORT ICI – DONNER LE LIEN PJJOINT
    * Quand le scan est fini, utilise le site http://pjjoint.malekal.com/ pour envoyer le rapport OTL.txt (et Extra.txt si présent), donne le ou les liens pjjoint qui pointent vers ces rapports ici dans un nouveau message.
    NE PAS COPIER/COLLER LE RAPPORT ICI – DONNER LE LIEN PJJOINT

  • Lou12345
    Participant
    Post count: 20

    Voici le copier/coller du scan:

    # AdwCleaner v2.112 – Logfile created 02/20/2013 at 18:01:20
    # Updated 10/02/2013 by Xplode
    # Operating system : Windows 7 Ultimate (64 bits)
    # User : Kendirgi – KENDIRGI-PC
    # Boot Mode : Normal
    # Running from : C:Mes DocumentsTéléchargementadwcleaner0.exe
    # Option [Search]

    ***** [Services] *****

    ***** [Files / Folders] *****

    File Found : C:Program Files (x86)Mozilla Firefoxdefaultsprefall-iminent.js
    File Found : C:Program Files (x86)Mozilla FirefoxsearchpluginsSearchTheWeb.xml
    File Found : C:UsersKendirgiAppDataRoamingMicrosoftInternet ExplorerQuick LaunchQuickStores.url
    File Found : C:UsersKendirgiAppDataRoamingMicrosoftWindowsStart MenuQuickStores.url
    File Found : C:UsersKendirgiAppDataRoamingMozillaFirefoxProfilesxx0h8sj4.defaultsearchpluginsAskcom.xml
    File Found : C:UsersKendirgiAppDataRoamingMozillaFirefoxProfilesxx0h8sj4.defaultsearchpluginsSearchTheWeb.xml
    Folder Found : C:Program Files (x86)Iminent
    Folder Found : C:Program Files (x86)IMinent toolbar
    Folder Found : C:Program Files (x86)Mozilla FirefoxExtensionsquickstores@quickstores.de
    Folder Found : C:ProgramDataIminent
    Folder Found : C:ProgramDataMicrosoftWindowsStart MenuProgramsIminent
    Folder Found : C:UsersKendirgiAppDataLocalGoogleChromeUser DataDefaultExtensionsigdhbblpcellaljokkpfhcjlagemhgjl
    Folder Found : C:UsersKendirgiAppDataLocalTempAskSearch
    Folder Found : C:UsersKendirgiAppDataLocalTempIminent
    Folder Found : C:UsersKendirgiAppDataLocalLowAskToolbar
    Folder Found : C:UsersKendirgiAppDataLocalLowToolbar4
    Folder Found : C:UsersKendirgiAppDataRoamingIminent
    Folder Found : C:UsersKendirgiAppDataRoamingNosibay
    Folder Found : C:UsersKendirgiAppDataRoamingQuickStoresToolbar
    Folder Found : C:WindowsassemblyGAC_MSILQuickStoresToolbar
    Folder Found : C:WindowsInstaller{86D4B82A-ABED-442A-BE86-96357B70F4FE}

    ***** [Registry] *****

    Key Found : HKCUSoftwareAppDataLowAskToolbarInfo
    Key Found : HKCUSoftwareAppDataLowSoftwareAskToolbar
    Key Found : HKCUSoftwareAsk.com
    Key Found : HKCUSoftwareIminent
    Key Found : HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
    Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{58124A0B-DC32-4180-9BFF-E0E21AE34026}
    Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
    Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
    Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{58124A0B-DC32-4180-9BFF-E0E21AE34026}
    Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
    Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
    Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key Found : HKCUSoftwareNosibay
    Key Found : HKCUSoftwareSoftonic
    Key Found : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
    Key Found : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
    Key Found : HKLMSoftwareAskToolbar
    Key Found : HKLMSOFTWAREClassesAppID{01994268-3C10-4044-A1EA-7A9C1B739A11}
    Key Found : HKLMSOFTWAREClassesAppID{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Key Found : HKLMSOFTWAREClassesAppID{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Found : HKLMSOFTWAREClassesAppID{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
    Key Found : HKLMSOFTWAREClassesAppIDGenericAskToolbar.DLL
    Key Found : HKLMSOFTWAREClassesAppIDIminent.WebBooster.InternetExplorer.DLL
    Key Found : HKLMSOFTWAREClassesAppIDTbCommonUtils.DLL
    Key Found : HKLMSOFTWAREClassesAppIDTbHelper.EXE
    Key Found : HKLMSOFTWAREClassesComObject.DeskbarEnabler
    Key Found : HKLMSOFTWAREClassesComObject.DeskbarEnabler.1
    Key Found : HKLMSOFTWAREClassesGenericAskToolbar.ToolbarWnd
    Key Found : HKLMSOFTWAREClassesGenericAskToolbar.ToolbarWnd.1
    Key Found : HKLMSOFTWAREClassesIminent
    Key Found : HKLMSOFTWAREClassesIminent.Business.Tinyfying.DownloadArgs
    Key Found : HKLMSOFTWAREClassesIminent.Business.Tinyfying.LinkToPromoteArgs
    Key Found : HKLMSOFTWAREClassesIminent.Business.Tinyfying.RawDataArgs
    Key Found : HKLMSOFTWAREClassesIminent.Business.Tinyfying.TinyUrlArgs
    Key Found : HKLMSOFTWAREClassesIminent.Business.Tinyfying.ViralLinkArgs
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.ClientCallback
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.ContractBase
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.AddToUserContentCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.CleanCacheCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.GameOverCallback
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.GetCreditCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.GetLoginStatusResult
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.GetVariableCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.GetVariableResult
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.InstallationContextResult
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.LoadContentCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.LoadContentCommandResult
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.LoginCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.LogoutCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.MergeIdentityCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.MyAccountCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.PlayContentCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.PostContentCallback
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.RecycleViewsCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.SetVariableCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.TestContentCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.UserContentChangedCallback
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.VariableChangedCallback
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.WarmUpCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.DataContracts.WelcomeCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.ServerCommand
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.Communication.ServerResult
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.LightContent
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.LightUri
    Key Found : HKLMSOFTWAREClassesIminent.Mediator.MediatorServiceProxy
    Key Found : HKLMSOFTWAREClassesIminentWebBooster.ActiveContentHandle.1
    Key Found : HKLMSOFTWAREClassesIminentWebBooster.ActiveContentHandler
    Key Found : HKLMSOFTWAREClassesIminentWebBooster.BrowserHelperObject
    Key Found : HKLMSOFTWAREClassesIminentWebBooster.BrowserHelperObject.1
    Key Found : HKLMSOFTWAREClassesIminentWebBooster.ScriptExtender
    Key Found : HKLMSOFTWAREClassesIminentWebBooster.ScriptExtender.1
    Key Found : HKLMSOFTWAREClassesIminentWebBooster.TinyUrlHandler
    Key Found : HKLMSOFTWAREClassesIminentWebBooster.TinyUrlHandler.1
    Key Found : HKLMSoftwareClassesInstallerFeatures482AA67AD25E6E74E9F48BD5FBE8533C
    Key Found : HKLMSoftwareClassesInstallerFeaturesA28B4D68DEBAA244EB686953B7074FEF
    Key Found : HKLMSoftwareClassesInstallerProducts482AA67AD25E6E74E9F48BD5FBE8533C
    Key Found : HKLMSoftwareClassesInstallerProductsA28B4D68DEBAA244EB686953B7074FEF
    Key Found : HKLMSOFTWAREClassesTbCommonUtils.CommonUtils
    Key Found : HKLMSOFTWAREClassesTbCommonUtils.CommonUtils.1
    Key Found : HKLMSOFTWAREClassesTbHelper.TbDownloadManager
    Key Found : HKLMSOFTWAREClassesTbHelper.TbDownloadManager.1
    Key Found : HKLMSOFTWAREClassesTbHelper.TbPropertyManager
    Key Found : HKLMSOFTWAREClassesTbHelper.TbPropertyManager.1
    Key Found : HKLMSOFTWAREClassesTbHelper.TbRequest
    Key Found : HKLMSOFTWAREClassesTbHelper.TbRequest.1
    Key Found : HKLMSOFTWAREClassesTbHelper.TbTask
    Key Found : HKLMSOFTWAREClassesTbHelper.TbTask.1
    Key Found : HKLMSOFTWAREClassesTbHelper.ToolbarHelper
    Key Found : HKLMSOFTWAREClassesTbHelper.ToolbarHelper.1
    Key Found : HKLMSOFTWAREClassesTBSB01620.IEToolbar
    Key Found : HKLMSOFTWAREClassesTBSB01620.IEToolbar.1
    Key Found : HKLMSOFTWAREClassesTBSB01620.TBSB01620
    Key Found : HKLMSOFTWAREClassesTBSB01620.TBSB01620.3
    Key Found : HKLMSOFTWAREClassesToolbar3.ContextMenuNotifier
    Key Found : HKLMSOFTWAREClassesToolbar3.ContextMenuNotifier.1
    Key Found : HKLMSOFTWAREClassesToolbar3.CustomInternetSecurityImpl
    Key Found : HKLMSOFTWAREClassesToolbar3.CustomInternetSecurityImpl.1
    Key Found : HKLMSOFTWAREClassesToolbar3.TBSB01620
    Key Found : HKLMSOFTWAREClassesToolbar3.TBSB01620.1
    Key Found : HKLMSOFTWAREClassesTypeLib{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
    Key Found : HKLMSOFTWAREClassesTypeLib{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
    Key Found : HKLMSOFTWAREClassesTypeLib{4509D3CC-B642-4745-B030-645B79522C6D}
    Key Found : HKLMSOFTWAREClassesTypeLib{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
    Key Found : HKLMSOFTWAREClassesTypeLib{B87F8B63-7274-43FD-87FA-09D3B7496148}
    Key Found : HKLMSOFTWAREClassesTypeLib{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Key Found : HKLMSOFTWAREClassesTypeLib{DB538320-D3C5-433C-BCA9-C4081A054FCF}
    Key Found : HKLMSOFTWAREClassesTypeLib{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
    Key Found : HKLMSOFTWAREClassesURLSearchHook.ToolbarURLSearchHook
    Key Found : HKLMSOFTWAREClassesURLSearchHook.ToolbarURLSearchHook.1
    Key Found : HKLMSoftwareIminent
    Key Found : HKLMSOFTWAREMicrosoftTracingIminent_RASAPI32
    Key Found : HKLMSOFTWAREMicrosoftTracingIminent_RASMANCS
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{00000000-6E41-4FD3-8538-502F5495E5FC}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{01A602A0-D0B9-445B-8081-719E4177C4A7}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{02054E11-5113-4BE3-8153-AA8DFB5D3761}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{0398B101-6DA7-473F-A290-17D2FBC88CC0}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{0CC36196-8589-4B80-A771-D659411D7F90}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{143D96F9-EB64-48B3-B192-91C2C41A1F43}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{187A6488-6E71-4A2A-B118-7BEFBFE58257}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{2D065204-A024-4C39-8A38-EE7078EC7ACF}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{30F5476C-677B-4DB0-B397-51F5BFD86840}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{492A108F-51D0-4BD8-899D-AD4AB2893064}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{57CADC46-58FF-4105-B733-5A9F3FC9783C}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{58124A0B-DC32-4180-9BFF-E0E21AE34026}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{76C684D2-C35D-4284-976A-D862F53ADB81}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{79EF3691-EC1A-4705-A01A-D2E36EC11758}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{82F41418-8E64-47EB-A7F1-4702A974D289}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{8AAC123A-1959-4A45-BFC5-E2D50783098A}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{A07956CD-81F8-4A03-B524-5D87E690DC83}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{B89D5309-0367-4494-A92F-3D4C94F88307}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{C014EBF8-8854-448B-B5A4-557C4090EDCE}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{C339D489-FABC-41DD-B39D-276101667C70}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{C4765B07-BC2F-477B-925C-B2BF24887823}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{D89031C2-10DA-4C90-9A62-FCED012BC46B}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{D8F01233-2DE6-4EE7-8988-37263F00651B}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{DD438708-AAB4-422D-A322-B619589F5680}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{E812AE43-7799-4E67-8CF8-4104297A2D16}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{F92193FD-2243-4401-9ACC-49FF30885898}
    Key Found : HKLMSOFTWAREWow6432NodeClassesCLSID{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{192929F2-9273-3894-91B0-F54671C4C861}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{2932897E-3036-43D9-8A64-B06447992065}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{2A42D13C-D427-4787-821B-CF6973855778}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{6C434537-053E-486D-B62A-160059D9D456}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{C58D664A-3DBC-4925-AE74-0382007DF113}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Found : HKLMSOFTWAREWow6432NodeClassesInterface{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Found : HKLMSOFTWAREWow6432NodeGoogleChromeExtensionsigdhbblpcellaljokkpfhcjlagemhgjl
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{0AF350D9-3916-454B-AC53-0B0B65F41301}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{68B81CCD-A80C-4060-8947-5AE69ED01199}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerLow RightsElevationPolicy{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerSearchScopes{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{58124A0B-DC32-4180-9BFF-E0E21AE34026}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D4027C7F-154A-4066-A1AD-4243D8127440}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstall{86D4B82A-ABED-442A-BE86-96357B70F4FE}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstall{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstall{F7CF0E9A-D48B-4942-9537-259ED0568DF4}
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallIMBoosterARP
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallQuickStores-Toolbar_is1
    Key Found : HKLMSOFTWAREWow6432NodeMicrosoftWindowsCurrentVersionUninstallSearchTheWebARP
    Key Found : HKLMSOFTWAREClassesInterface{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Found : HKLMSOFTWAREClassesInterface{021B4049-F57D-4565-A693-FD3B04786BFA}
    Key Found : HKLMSOFTWAREClassesInterface{0362AA09-808D-48E9-B360-FB51A8CBCE09}
    Key Found : HKLMSOFTWAREClassesInterface{06844020-CD0B-3D3D-A7FE-371153013E49}
    Key Found : HKLMSOFTWAREClassesInterface{0ADC01BB-303B-3F8E-93DA-12C140E85460}
    Key Found : HKLMSOFTWAREClassesInterface{10D3722F-23E6-3901-B6C1-FF6567121920}
    Key Found : HKLMSOFTWAREClassesInterface{1675E62B-F911-3B7B-A046-EB57261212F3}
    Key Found : HKLMSOFTWAREClassesInterface{192929F2-9273-3894-91B0-F54671C4C861}
    Key Found : HKLMSOFTWAREClassesInterface{2932897E-3036-43D9-8A64-B06447992065}
    Key Found : HKLMSOFTWAREClassesInterface{2A42D13C-D427-4787-821B-CF6973855778}
    Key Found : HKLMSOFTWAREClassesInterface{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
    Key Found : HKLMSOFTWAREClassesInterface{32B80AD6-1214-45F4-994E-78A5D482C000}
    Key Found : HKLMSOFTWAREClassesInterface{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
    Key Found : HKLMSOFTWAREClassesInterface{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Key Found : HKLMSOFTWAREClassesInterface{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Found : HKLMSOFTWAREClassesInterface{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Found : HKLMSOFTWAREClassesInterface{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
    Key Found : HKLMSOFTWAREClassesInterface{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Key Found : HKLMSOFTWAREClassesInterface{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
    Key Found : HKLMSOFTWAREClassesInterface{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Found : HKLMSOFTWAREClassesInterface{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
    Key Found : HKLMSOFTWAREClassesInterface{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
    Key Found : HKLMSOFTWAREClassesInterface{641593AF-D9FD-30F7-B783-36E16F7A2E08}
    Key Found : HKLMSOFTWAREClassesInterface{6C434537-053E-486D-B62A-160059D9D456}
    Key Found : HKLMSOFTWAREClassesInterface{711FC48A-1356-3932-94D8-A8B733DBC7E4}
    Key Found : HKLMSOFTWAREClassesInterface{72227B7F-1F02-3560-95F5-592E68BACC0C}
    Key Found : HKLMSOFTWAREClassesInterface{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
    Key Found : HKLMSOFTWAREClassesInterface{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Found : HKLMSOFTWAREClassesInterface{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
    Key Found : HKLMSOFTWAREClassesInterface{8C68913C-AC3C-4494-8B9C-984D87C85003}
    Key Found : HKLMSOFTWAREClassesInterface{8D019513-083F-4AA5-933F-7D43A6DA82C4}
    Key Found : HKLMSOFTWAREClassesInterface{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
    Key Found : HKLMSOFTWAREClassesInterface{923F6FB8-A390-370E-A0D2-DD505432481D}
    Key Found : HKLMSOFTWAREClassesInterface{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Found : HKLMSOFTWAREClassesInterface{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
    Key Found : HKLMSOFTWAREClassesInterface{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
    Key Found : HKLMSOFTWAREClassesInterface{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
    Key Found : HKLMSOFTWAREClassesInterface{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
    Key Found : HKLMSOFTWAREClassesInterface{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
    Key Found : HKLMSOFTWAREClassesInterface{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
    Key Found : HKLMSOFTWAREClassesInterface{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
    Key Found : HKLMSOFTWAREClassesInterface{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Found : HKLMSOFTWAREClassesInterface{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Found : HKLMSOFTWAREClassesInterface{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Found : HKLMSOFTWAREClassesInterface{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
    Key Found : HKLMSOFTWAREClassesInterface{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
    Key Found : HKLMSOFTWAREClassesInterface{C58D664A-3DBC-4925-AE74-0382007DF113}
    Key Found : HKLMSOFTWAREClassesInterface{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
    Key Found : HKLMSOFTWAREClassesInterface{D16107CD-2AD5-46A8-BA59-303B7C32C500}
    Key Found : HKLMSOFTWAREClassesInterface{D25B101F-8188-3B43-9D85-201F372BC205}
    Key Found : HKLMSOFTWAREClassesInterface{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
    Key Found : HKLMSOFTWAREClassesInterface{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
    Key Found : HKLMSOFTWAREClassesInterface{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Found : HKLMSOFTWAREClassesInterface{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
    Key Found : HKLMSOFTWAREClassesInterface{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
    Key Found : HKLMSOFTWAREClassesInterface{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
    Key Found : HKLMSOFTWAREClassesInterface{E1B4C9DE-D741-385F-981E-6745FACE6F01}
    Key Found : HKLMSOFTWAREClassesInterface{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Key Found : HKLMSOFTWAREClassesInterface{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
    Key Found : HKLMSOFTWAREClassesInterface{ED916A7B-7C68-3198-B87D-2DABC30A5587}
    Key Found : HKLMSOFTWAREClassesInterface{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
    Key Found : HKLMSOFTWAREClassesInterface{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
    Key Found : HKLMSOFTWAREClassesInterface{FC32005D-E27C-32E0-ADFA-152F598B75E7}
    Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsA28B4D68DEBAA244EB686953B7074FEF
    Key Found : HKUS-1-5-21-82401753-827500433-2952092644-1000SoftwareMicrosoftInternet ExplorerSearchScopes{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
    Key Found : HKUS-1-5-21-82401753-827500433-2952092644-1000SoftwareMicrosoftInternet ExplorerSearchScopes{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
    Value Found : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
    Value Found : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
    Value Found : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
    Value Found : HKCUSoftwareMicrosoftWindowsCurrentVersionRun [Bubble Dock]
    Value Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun [Iminent]
    Value Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun [IminentMessenger]
    Value Found : HKLMSOFTWAREMozillaFirefoxExtensions [webbooster@iminent.com]
    Value Found : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}]
    Value Found : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
    Value Found : HKLMSOFTWAREWow6432NodeMicrosoftInternet ExplorerToolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

    ***** [Internet Browsers] *****

    -\ Internet Explorer v8.0.7600.16839

    [HKCUSoftwareMicrosoftInternet ExplorerMain – Start Page] = hxxp://search.iminent.com/?appId=3A169464-8357-4AB2-8E13-AA40893B130E

    -\ Mozilla Firefox v19.0 (fr)

    File : C:UsersKendirgiAppDataRoamingMozillaFirefoxProfilesxx0h8sj4.defaultprefs.js

    Found : user_pref(“browser.search.defaultengine”, “Ask.com”);
    Found : user_pref(“browser.search.defaultenginename”, “SearchTheWeb”);
    Found : user_pref(“browser.search.order.1”, “Ask.com”);
    Found : user_pref(“browser.startup.homepage”, “hxxp://search.iminent.com/?appId=3a169464-8357-4ab2-8e13-aa40[…]
    Found : user_pref(“extensions.asktb.abar-war-timeout”, “4000”);
    Found : user_pref(“extensions.asktb.cbid”, “RX”);
    Found : user_pref(“extensions.asktb.config-updated”, false);
    Found : user_pref(“extensions.asktb.crumb”, “2011.04.15+10.07.53-toolbar002iad-FR-Q2FlbixGcmFuY2U%3D”);
    Found : user_pref(“extensions.asktb.default-channel-url-mask”, “hxxp://fr.ask.com/web?q={query}&qsrc={qsrc}&[…]
    Found : user_pref(“extensions.asktb.dtid”, “YYYYYYYYFR”);
    Found : user_pref(“extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget”, true);
    Found : user_pref(“extensions.asktb.ff-original-keyword-url”, “hxxp://websearch.ask.com/redirect?client=ff&s[…]
    Found : user_pref(“extensions.asktb.first-restart-after-config-update”, true);
    Found : user_pref(“extensions.asktb.fresh-install”, false);
    Found : user_pref(“extensions.asktb.hxxp-header-whitelist-hosts”, “[“static-dev.en.dev.ask.com”, “ask.com[…]
    Found : user_pref(“extensions.asktb.l”, “dis”);
    Found : user_pref(“extensions.asktb.last-config-req”, “1303936900068”);
    Found : user_pref(“extensions.asktb.locale”, “fr_FR”);
    Found : user_pref(“extensions.asktb.o”, “15180”);
    Found : user_pref(“extensions.asktb.overlay-reloaded-using-restart”, true);
    Found : user_pref(“extensions.asktb.qsrc”, “2871”);
    Found : user_pref(“extensions.asktb.r”, “2”);
    Found : user_pref(“extensions.asktb.search-suggestions-enabled”, true);
    Found : user_pref(“extensions.asktb.silent-upgrade”, true);
    Found : user_pref(“extensions.asktb.silent-upgrade-from-pre-newtabs-build”, true);
    Found : user_pref(“extensions.asktb.socialmini-first”, true);
    Found : user_pref(“extensions.asktb.socialmini-interval”, “1200000”);
    Found : user_pref(“extensions.asktb.socialmini-max-char-ticker”, “33”);
    Found : user_pref(“extensions.asktb.socialmini-max-items”, “30”);
    Found : user_pref(“extensions.asktb.socialmini-native-on”, true);
    Found : user_pref(“extensions.asktb.socialmini-speed”, “5000”);
    Found : user_pref(“extensions.asktb.socialmini-transition-first-open”, false);
    Found : user_pref(“keyword.URL”, “hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=PF&o=15180&locale=fr[…]
    Found : user_pref(“quickstores.toolbar.affid”, “2017”);
    Found : user_pref(“quickstores.toolbar.guid”, “{8BB10319-C862-543F-E4CC-05CA5906FF9C}”);

    -\ Google Chrome v24.0.1312.57

    File : C:UsersKendirgiAppDataLocalGoogleChromeUser DataDefaultPreferences

    Found [l.39] : keyword = “search.iminent.com”,
    Found [l.42] : search_url = “hxxp://search.iminent.com/?appId=3A169464-8357-4AB2-8E13-AA40893B130E&ref=toolbox&q={searchTerms}”,

    *************************

    AdwCleaner[R1].txt – [35760 octets] – [20/02/2013 18:01:20]

    ########## EOF – C:AdwCleaner[R1].txt – [35821 octets] ##########

  • Anonyme
    Post count: 0

    Re,

    AH OK , c’est le MP sur CCM :)

    • Télécharge AdwCleaner par Xplode sur ton bureau
    • Exécute AdwCleaner.exe.

    • Clic sur RECHERCHE, puis patiente le temps du scan.
    • Une fois le scan fini, un rapport s’ouvrira. Poste son contenu dans ta prochaine réponse.
    • Le rapport est également sauvegardé sous C:AdwCleaner[S1].txt
  • Anonyme
    Post count: 0

    Hello Lou,

    http://pjjoint.malekal.com/files.php?re … 8i12j7s5f6 (<— On m'a dit de faire sa)

    Qui ? tu as ouvert un autre sujet sur un autre forum ?

  • Lou12345
    Participant
    Post count: 20

    Hello !

    J’ai un enorme probleme, j’ai l’impression d’avoir 2 virus Facebook ! Le truc avec l’iPhone 5 (mon compte envoie a 200 personnes un messages) et j’ai cliquer sur une vidéo sans faire exprés et depuis sa publie la vidéo sur mon mur on identifient des personnes :$
    http://pjjoint.malekal.com/files.php?re” onclick=”window.open(this.href);return false; … 8i12j7s5f6 (< --- On m'a dit de faire sa)
    HELP ME ! PLEASE ! (Merci d’avance)

Le sujet ‘Virus Facebook’ est fermé à de nouvelles réponses.