Ransomware Gendarmerie Nationale à éliminer
Fermé
FreddieP
Messages postés
13
Date d'inscription
mercredi 3 octobre 2012
Statut
Membre
Dernière intervention
27 juin 2013
-
3 oct. 2012 à 20:26
Utilisateur anonyme - 7 oct. 2012 à 17:34
Utilisateur anonyme - 7 oct. 2012 à 17:34
A voir également:
- Ransomware Gendarmerie Nationale à éliminer
- Panne nationale la poste aujourd'hui - Accueil - Services publics
- Modèle de plainte à la gendarmerie - Accueil - Piratage
- Éliminer les cookies - Guide
- Le fichier pdf à télécharger est disponible avec le même nom sur le site de l'assemblée nationale. mais vous ne le trouverez pas directement avec un moteur de recherche… quelle est l'url de ce fichier pdf sur le site web de l'assemblée nationale ? ✓ - Forum Webmastering
- Comment éliminer les publicités - Guide
16 réponses
FreddieP
Messages postés
13
Date d'inscription
mercredi 3 octobre 2012
Statut
Membre
Dernière intervention
27 juin 2013
3 oct. 2012 à 21:22
3 oct. 2012 à 21:22
Bonjour Guillaume
ci-dessous le rapport; il faut savoir qu'entre temps, après avoir suivi un lien envoyé automatiquement par Roguekiller, j'ai lancé "delete" (oui je l'ai en anglais) et donc le rapport est peut-être affecté par ça. Désolé de mon manque de connaissance.
Je suis maintenant en train de faire un scan Malware (depuis 40 minutes) et il y a quatre objets détectés. Voili voilou ...
Merci de ton aide
RogueKiller V8.1.1 [03/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : Fred [Admin rights]
Mode : Remove -- Date : 03/10/2012 20:39:26
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 2 ¤¤¤
[RUN][Rans.Gendarm] HKCU\[...]\Run : Update (C:\Users\Fred\AppData\Roaming\wgsdgsdgdsgsd.exe) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ Infection : Rans.Gendarm|Root.MBR ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
ÿþ1
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST9640320AS +++++
--- User ---
[MBR] 2f420bc3485ff16bbfd0a9ba5b97162d
[BSP] a9a37c4cab0a14b6ffc5eb8d95438a66 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 262144 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 589301760 | Size: 322735 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] d05562decd58c9ebd0758a24b770260e
[BSP] 545739ad1786c03ef2ba3ef3721301e0 : MaxSS MBR Code!
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 262144 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 589301760 | Size: 322735 Mo
User = LL2 ... OK!
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
ci-dessous le rapport; il faut savoir qu'entre temps, après avoir suivi un lien envoyé automatiquement par Roguekiller, j'ai lancé "delete" (oui je l'ai en anglais) et donc le rapport est peut-être affecté par ça. Désolé de mon manque de connaissance.
Je suis maintenant en train de faire un scan Malware (depuis 40 minutes) et il y a quatre objets détectés. Voili voilou ...
Merci de ton aide
RogueKiller V8.1.1 [03/10/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : Fred [Admin rights]
Mode : Remove -- Date : 03/10/2012 20:39:26
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 2 ¤¤¤
[RUN][Rans.Gendarm] HKCU\[...]\Run : Update (C:\Users\Fred\AppData\Roaming\wgsdgsdgdsgsd.exe) -> DELETED
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ Infection : Rans.Gendarm|Root.MBR ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
ÿþ1
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: ST9640320AS +++++
--- User ---
[MBR] 2f420bc3485ff16bbfd0a9ba5b97162d
[BSP] a9a37c4cab0a14b6ffc5eb8d95438a66 : Windows 7 MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 262144 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 589301760 | Size: 322735 Mo
User != LL1 ... KO!
--- LL1 ---
[MBR] d05562decd58c9ebd0758a24b770260e
[BSP] 545739ad1786c03ef2ba3ef3721301e0 : MaxSS MBR Code!
Partition table:
0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 262144 Mo
2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 589301760 | Size: 322735 Mo
User = LL2 ... OK!
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
Utilisateur anonyme
3 oct. 2012 à 21:31
3 oct. 2012 à 21:31
Re
Impeccable ;-)
Télécharge Malwaresbytes anti malware ici
http://www.malwarebytes.org/mbam.php
Bouton »Download free version »
* Installe le (choisis bien "français" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
* Potasse le tuto pour te familiariser avec le prg :
https://forum.pcastuces.com/sujet.asp?f=31&s=3
(cela dis, il est très simple d'utilisation).
relance Malwaresbytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
* Lance Malwarebyte's. Sous Vista et Seven (clic droit de la souris « exécuter en tant que administrateur »)
*Procèdes à une mise à jour
*Fais un examen dit "Complet"
--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "Afficher les résultats" " .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " supprimer la sélection " .
Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwaresbytes, le dernier en date)
@+
Impeccable ;-)
Télécharge Malwaresbytes anti malware ici
http://www.malwarebytes.org/mbam.php
Bouton »Download free version »
* Installe le (choisis bien "français" ; ne modifie pas les paramètres d'installe ) et mets le à jour .
* Potasse le tuto pour te familiariser avec le prg :
https://forum.pcastuces.com/sujet.asp?f=31&s=3
(cela dis, il est très simple d'utilisation).
relance Malwaresbytes en suivant scrupuleusement ces consignes :
! Déconnecte toi et ferme toutes applications en cours !
* Lance Malwarebyte's. Sous Vista et Seven (clic droit de la souris « exécuter en tant que administrateur »)
*Procèdes à une mise à jour
*Fais un examen dit "Complet"
--> Laisse le programme travailler ( et ne rien faire d'autre avec le PC durant le scan ).
--> à la fin tu cliques sur "Afficher les résultats" " .
--> Vérifie que tous les objets infectés soient validés, puis clique sur " supprimer la sélection " .
Note : si il faut redémarrer ton PC pour finir le nettoyage, fais le !
Poste le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwaresbytes, le dernier en date)
@+
Bonsoir Guillaume,
bon, j'avais déjà lancé Malewarebyte quand j'ai reçu votre message (ça a tourné à peu près 1h40 minutes ....); il m'a bien trouvé 4 fichiers infectés, que j'ai éliminés.
Mais il m'a demandé de redémarrer; ce que j'ai fait après avoir éliminé les 4 fichiers. Après redémarrage (en mode normal), je suis allé cherché le rapport; mais pas de rapport sur ça.
Par contre les 4 fichiers étaient sous quarantine; et le je les ai éliminés. Tout a l'air de fonctionner normalement mainteant, mais je ne peux pas poster le rapport.
J'imagine que l'incident est clos (?)
Merci de votre aide
Fred
bon, j'avais déjà lancé Malewarebyte quand j'ai reçu votre message (ça a tourné à peu près 1h40 minutes ....); il m'a bien trouvé 4 fichiers infectés, que j'ai éliminés.
Mais il m'a demandé de redémarrer; ce que j'ai fait après avoir éliminé les 4 fichiers. Après redémarrage (en mode normal), je suis allé cherché le rapport; mais pas de rapport sur ça.
Par contre les 4 fichiers étaient sous quarantine; et le je les ai éliminés. Tout a l'air de fonctionner normalement mainteant, mais je ne peux pas poster le rapport.
J'imagine que l'incident est clos (?)
Merci de votre aide
Fred
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
4 oct. 2012 à 18:30
4 oct. 2012 à 18:30
Bonsoir
Pour vérification:
Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Ou ici : https://forospyware.com
>Renomme le pour l'enregistrer sur ton bureau en asdehi (tout simplement pour que l'infection ne le contre pas)
-> Double clique combofix.exe.(ou clic droit sous vista « exécuter en tant que... » )
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Avant d'utiliser ComboFix :
-> Déconnecte toi d'Internet et referme les fenêtres de tous les programmes en cours.
-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe ; (ou clic droit sous vista « exécuter en tant que... »)
- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
- Installe le console de récupération comme demandé ;utile en cas de plantage
- Attention Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programme. Risque de figer l'ordinateur
- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\ : risque de figer l'ordinateur (plantage complet)
::Si combofix détecte quelque chose et de demande a redémarrer tu acceptes
@+
Pour vérification:
Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Ou ici : https://forospyware.com
>Renomme le pour l'enregistrer sur ton bureau en asdehi (tout simplement pour que l'infection ne le contre pas)
-> Double clique combofix.exe.(ou clic droit sous vista « exécuter en tant que... » )
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.
NOTE : Le rapport se trouve également ici : C:\Combofix.txt
Avant d'utiliser ComboFix :
-> Déconnecte toi d'Internet et referme les fenêtres de tous les programmes en cours.
-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent gêner fortement la procédure de recherche et de nettoyage de l'outil.
Une fois fait, sur ton bureau double-clic sur Combofix.exe ; (ou clic droit sous vista « exécuter en tant que... »)
- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.
- Installe le console de récupération comme demandé ;utile en cas de plantage
- Attention Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programme. Risque de figer l'ordinateur
- En fin de scan il est possible que ComboFix ait besoin de redémarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.
- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)
-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.
-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.
/!\ Ne touche à rien tant que le scan n'est pas terminé. /!\ : risque de figer l'ordinateur (plantage complet)
::Si combofix détecte quelque chose et de demande a redémarrer tu acceptes
@+
FreddieP
Messages postés
13
Date d'inscription
mercredi 3 octobre 2012
Statut
Membre
Dernière intervention
27 juin 2013
5 oct. 2012 à 08:28
5 oct. 2012 à 08:28
Bonjour Guillaume,
ci-dessous le rapport Combofix - dans l'attente de tes commentaires et conseils avisés :-)
Fred
ComboFix 12-10-04.02 - Fred 05/10/2012 2:02.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.33.1033.18.3949.2423 [GMT 2:00]
Lancé depuis: c:\users\Fred\Desktop\asdehi.exe
AV: Trend Micro Titanium Internet Security *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium Internet Security *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\IMinent Toolbar\tbHElper.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-09-05 au 2012-10-05 ))))))))))))))))))))))))))))))))))))
.
.
2012-10-05 00:50 . 2012-10-05 00:50 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-10-05 00:50 . 2012-10-05 00:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-26 04:08 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-22 21:15 . 2012-09-22 21:15 -------- d-----w- c:\users\Fred\AppData\Local\IsolatedStorage
2012-09-22 21:15 . 2012-09-22 21:15 -------- d-----w- c:\programdata\Articque
2012-09-22 21:15 . 2012-09-22 21:15 -------- d-----w- c:\users\Fred\AppData\Local\Articque_Software
2012-09-22 20:45 . 2012-09-22 20:45 -------- d-----w- c:\program files (x86)\Articque Software
2012-09-22 20:42 . 2012-09-22 20:42 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-09-22 20:42 . 2012-09-22 20:42 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-09-22 20:41 . 2012-09-22 20:41 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2012-09-22 20:37 . 2012-09-22 20:37 -------- d-----w- c:\programdata\Articque Software
2012-09-22 01:01 . 2012-08-24 10:10 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-09-22 01:01 . 2012-08-24 10:09 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-09-22 01:01 . 2012-08-24 06:43 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-09-21 10:34 . 2012-09-21 10:35 -------- d-----w- C:\tempocapt255
2012-09-12 17:12 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 17:12 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 17:12 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 17:12 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 17:12 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 17:12 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 17:12 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 08:17 . 2012-09-12 09:21 -------- d-----w- C:\tempocapt330
2012-09-10 20:34 . 2012-09-10 20:34 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-09 17:59 . 2012-09-09 18:15 -------- d-----w- C:\tempocapt669
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-20 21:02 . 2012-04-02 21:41 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-20 21:02 . 2011-07-27 14:45 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-20 21:02 . 2012-04-14 09:51 10213296 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-09-13 01:02 . 2012-04-03 13:51 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-07-18 18:15 . 2012-08-17 09:37 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Fred\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-06 222496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-12 98304]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-09-01 90448]
"DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" [2010-10-27 328992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logiciel d'impression Marketsplash.lnk - c:\program files (x86)\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe [2010-10-11 93752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 135664]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-20 250288]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 135664]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-10 114144]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-12 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-11-30 379520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-11 203264]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [2011-06-04 296808]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-11 7765504]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-11 279040]
S3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-07-15 116240]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 21:02]
.
2012-10-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2582043935-1700340189-193867673-1000Core.job
- c:\users\Fred\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-07 22:39]
.
2012-10-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2582043935-1700340189-193867673-1000UA.job
- c:\users\Fred\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-07 22:39]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 15:50]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 15:50]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582043935-1700340189-193867673-1000Core.job
- c:\users\Fred\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-25 13:55]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582043935-1700340189-193867673-1000UA.job
- c:\users\Fred\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-25 13:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 316032]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.fr/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\l1rf5e7e.default\
FF - prefs.js: browser.search.selectedEngine -
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-SweetIM - c:\program files (x86)\SweetIM\Messenger\SweetIM.exe
Wow6432Node-HKLM-Run-Sweetpacks Communicator - c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
Wow6432Node-HKLM-Run-Iminent - c:\program files (x86)\Iminent\Iminent.exe
Wow6432Node-HKLM-Run-IminentMessenger - c:\program files (x86)\Iminent\Iminent.Messengers.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-10-05 03:15:27
ComboFix-quarantined-files.txt 2012-10-05 01:15
ComboFix2.txt 2012-08-02 10:33
.
Avant-CF: 187 823 505 408 bytes free
Après-CF: 187 493 580 800 bytes free
.
- - End Of File - - 8A48FCD4E7C01DDA148533A944996FD8
ci-dessous le rapport Combofix - dans l'attente de tes commentaires et conseils avisés :-)
Fred
ComboFix 12-10-04.02 - Fred 05/10/2012 2:02.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.33.1033.18.3949.2423 [GMT 2:00]
Lancé depuis: c:\users\Fred\Desktop\asdehi.exe
AV: Trend Micro Titanium Internet Security *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Titanium Internet Security *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\IMinent Toolbar\tbHElper.dll
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2012-09-05 au 2012-10-05 ))))))))))))))))))))))))))))))))))))
.
.
2012-10-05 00:50 . 2012-10-05 00:50 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-10-05 00:50 . 2012-10-05 00:50 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-09-26 04:08 . 2012-08-21 21:01 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-22 21:15 . 2012-09-22 21:15 -------- d-----w- c:\users\Fred\AppData\Local\IsolatedStorage
2012-09-22 21:15 . 2012-09-22 21:15 -------- d-----w- c:\programdata\Articque
2012-09-22 21:15 . 2012-09-22 21:15 -------- d-----w- c:\users\Fred\AppData\Local\Articque_Software
2012-09-22 20:45 . 2012-09-22 20:45 -------- d-----w- c:\program files (x86)\Articque Software
2012-09-22 20:42 . 2012-09-22 20:42 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-09-22 20:42 . 2012-09-22 20:42 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-09-22 20:41 . 2012-09-22 20:41 -------- d-----w- c:\program files (x86)\Microsoft Synchronization Services
2012-09-22 20:37 . 2012-09-22 20:37 -------- d-----w- c:\programdata\Articque Software
2012-09-22 01:01 . 2012-08-24 10:10 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-09-22 01:01 . 2012-08-24 10:09 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-09-22 01:01 . 2012-08-24 06:43 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-09-21 10:34 . 2012-09-21 10:35 -------- d-----w- C:\tempocapt255
2012-09-12 17:12 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-12 17:12 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 17:12 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-12 17:12 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-12 17:12 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-12 17:12 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2012-09-12 17:12 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-12 08:17 . 2012-09-12 09:21 -------- d-----w- C:\tempocapt330
2012-09-10 20:34 . 2012-09-10 20:34 73696 ----a-w- c:\program files (x86)\Mozilla Firefox\breakpadinjector.dll
2012-09-09 17:59 . 2012-09-09 18:15 -------- d-----w- C:\tempocapt669
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-20 21:02 . 2012-04-02 21:41 696240 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-20 21:02 . 2011-07-27 14:45 73136 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-20 21:02 . 2012-04-14 09:51 10213296 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-09-13 01:02 . 2012-04-03 13:51 64462936 ----a-w- c:\windows\system32\MRT.exe
2012-07-18 18:15 . 2012-08-17 09:37 3148800 ----a-w- c:\windows\system32\win32k.sys
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 00:08 143360 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"="c:\users\Fred\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-11 138096]
"ISUSPM"="c:\programdata\FLEXnet\Connect\11\ISUSPM.exe" [2009-05-06 222496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-12 98304]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-05-03 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-07-02 1597440]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-09-01 90448]
"DNS7reminder"="c:\program files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe" [2010-10-27 328992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Logiciel d'impression Marketsplash.lnk - c:\program files (x86)\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe [2010-10-11 93752]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 135664]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-20 250288]
R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 135664]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-10 114144]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-07-12 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-11-30 379520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-11 203264]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 DragonSvc;Dragon Service;c:\program files (x86)\Common Files\Nuance\dgnsvc.exe [2011-06-04 296808]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2010-08-11 7765504]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-08-11 279040]
S3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-07-15 116240]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2010-04-13 135560]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2009-08-18 143472]
S3 JME;JMicron Ethernet Adapter NDIS6.20 Driver (Amd64 Bits);c:\windows\system32\DRIVERS\JME.sys [2010-02-25 115312]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
.
.
Contenu du dossier 'Tâches planifiées'
.
2012-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 21:02]
.
2012-10-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2582043935-1700340189-193867673-1000Core.job
- c:\users\Fred\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-07 22:39]
.
2012-10-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2582043935-1700340189-193867673-1000UA.job
- c:\users\Fred\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-07 22:39]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 15:50]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 15:50]
.
2012-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582043935-1700340189-193867673-1000Core.job
- c:\users\Fred\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-25 13:55]
.
2012-10-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2582043935-1700340189-193867673-1000UA.job
- c:\users\Fred\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-25 13:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@="{A8D448F4-0431-45AC-9F5E-E1B434AB2249}"
[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-01 23:52 159744 ----a-w- c:\program files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 316032]
"ETDWare"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [BU]
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.fr/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\l1rf5e7e.default\
FF - prefs.js: browser.search.selectedEngine -
.
- - - - ORPHELINS SUPPRIMES - - - -
.
URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-SweetIM - c:\program files (x86)\SweetIM\Messenger\SweetIM.exe
Wow6432Node-HKLM-Run-Sweetpacks Communicator - c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
Wow6432Node-HKLM-Run-Iminent - c:\program files (x86)\Iminent\Iminent.exe
Wow6432Node-HKLM-Run-IminentMessenger - c:\program files (x86)\Iminent\Iminent.Messengers.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Heure de fin: 2012-10-05 03:15:27
ComboFix-quarantined-files.txt 2012-10-05 01:15
ComboFix2.txt 2012-08-02 10:33
.
Avant-CF: 187 823 505 408 bytes free
Après-CF: 187 493 580 800 bytes free
.
- - End Of File - - 8A48FCD4E7C01DDA148533A944996FD8
Utilisateur anonyme
5 oct. 2012 à 15:03
5 oct. 2012 à 15:03
Bonjour
1) Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
Les toolbars, c'est pas obligatoire ( par Malekal ) :https://forum.malekal.com/viewtopic.php?t=6173&start=
2) SX Check&Update est un outil développé par Igor51.
De nombreuses infections se propagent via des failles logiciels tels que FlashPlayer, Adobe Reader et Java. Il est donc indispensable de les maintenir à jour.
* SX Check&Update permet très facilement de mettre à jour ces programmes grâce à son interface simplifiée.
* SX Check&Update est compatible: Windows XP (32 / 64 bit), Vista (32 / 64 bit), 2008, Windows 7 (32 / 64 bit)
Télécharger SX Check&Update (de igor 51) sur le Bureau.
Utilisateur d'AVAST : Il vous faut désactiver les agents de protections le temps de l'exécution.
Désactiver l'Agent WEB pour que l'outil puisse correctement fonctionner.
* Lancer l'outil.
Il est indispensable que l'ordinateur soit connecté à Internet afin que SX Check&Update puisse vérifier les versions des logiciels à risque.
* Au menu principal, choisir l'option Rapport.
Poste moi ce rapport ;merci
@+
1) Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.
Lance le, clique sur [Suppression] puis patiente le temps du scan.
Une fois le scan fini, un rapport s'ouvrira. Poste moi son contenu dans ta prochaine réponse.
Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt
Les toolbars, c'est pas obligatoire ( par Malekal ) :https://forum.malekal.com/viewtopic.php?t=6173&start=
2) SX Check&Update est un outil développé par Igor51.
De nombreuses infections se propagent via des failles logiciels tels que FlashPlayer, Adobe Reader et Java. Il est donc indispensable de les maintenir à jour.
* SX Check&Update permet très facilement de mettre à jour ces programmes grâce à son interface simplifiée.
* SX Check&Update est compatible: Windows XP (32 / 64 bit), Vista (32 / 64 bit), 2008, Windows 7 (32 / 64 bit)
Télécharger SX Check&Update (de igor 51) sur le Bureau.
Utilisateur d'AVAST : Il vous faut désactiver les agents de protections le temps de l'exécution.
Désactiver l'Agent WEB pour que l'outil puisse correctement fonctionner.
* Lancer l'outil.
Il est indispensable que l'ordinateur soit connecté à Internet afin que SX Check&Update puisse vérifier les versions des logiciels à risque.
* Au menu principal, choisir l'option Rapport.
Poste moi ce rapport ;merci
@+
FreddieP
Messages postés
13
Date d'inscription
mercredi 3 octobre 2012
Statut
Membre
Dernière intervention
27 juin 2013
6 oct. 2012 à 16:15
6 oct. 2012 à 16:15
Bonjour Guillaume,
ci-dessous le rapport Adware
# AdwCleaner v2.003 - Logfile created 10/06/2012 at 16:01:45
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Fred - FRED-PC
# Boot Mode : Normal
# Running from : C:\Users\Fred\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\356MATX1\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchTheWeb.xml
File Deleted : C:\user.js
Folder Deleted : C:\Program Files (x86)\Giant Savings
Folder Deleted : C:\Program Files (x86)\Iminent
Folder Deleted : C:\Program Files (x86)\IMinent toolbar
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Users\Fred\AppData\Local\Giant Savings
Folder Deleted : C:\Users\Fred\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Fred\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Fred\AppData\Roaming\Iminent
Folder Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\l1rf5e7e.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Folder Deleted : C:\Windows\Installer\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
Folder Deleted : C:\Windows\Installer\{5B58EF61-85F2-4977-97A5-84C19F926579}
Folder Deleted : C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Giant Savings
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8FFA7469-654F-423E-84FE-6A583CB1C284}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022442279}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33333333-3333-3333-3333-330033443379}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77777777-7777-7777-7777-770077447779}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5B58EF61-85F2-4977-97A5-84C19F926579}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055445579}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077447779}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
-\\ Mozilla Firefox v15.0.1 (fr)
Profile name : default
File : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\l1rf5e7e.default\prefs.js
[OK] File is clean.
*************************
AdwCleaner[S1].txt - [15108 octets] - [02/04/2012 23:14:59]
AdwCleaner[S2].txt - [31242 octets] - [06/10/2012 16:01:45]
########## EOF - C:\AdwCleaner[S2].txt - [31303 octets] ##########
Ci-dessous le rapport SX Check; à noter, il me dit que je dois Downloader Java update, mais quand je fais Update, il me dit que Java est à jour; bon je vais quand-même downloader la dernière version
SX Check&Update
Lien vers le tutoriel : https://forum.security-x.fr/tutoriels-317/tutoriel-sx-checkupdate/
---
Windows Version : Windows 7 64bits
Service Pack : 1
UserName : Fred
06/10/2012
16:11:32
version = v0.2.5
---
Windows Update Information :
AUOptions : 4
Automatically, no notification
---
Nom : Trend Micro Titanium Internet Security
Version : 3.0
Nom : Trend Micro Titanium Internet Security
Version : 3.00
---
Name : FlashPlayer ActiveX
Version : 11.4.402.278
Flash Player ActiveX est à jour
Name : FlashPlayer Plugin FF
Version : 11.4.402.278
Flash Player Plugin FF est à jour
Name : FlashPlayer Plugin
Version : 11.4.402.278
Flash Player Plugin est à jour
Nom : Mozilla Firefox 15.0.1 (x86 fr)
Version : 15.0.1
Nom : Mozilla Maintenance Service
Version : 15.0.1
Java Information :
Nom : Java(TM) 6 Update 31
Version : 6.0.310
Java(TM) 6 Update 31 n'est pas à jour! (6.0.350)
Nom : Internet Explorer
Version : 9.0.8112.16421
Merci de toute suggestion pour prochaines étapes
Fred
ci-dessous le rapport Adware
# AdwCleaner v2.003 - Logfile created 10/06/2012 at 16:01:45
# Updated 23/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Fred - FRED-PC
# Boot Mode : Normal
# Running from : C:\Users\Fred\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\356MATX1\adwcleaner.exe
# Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
File Deleted : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchTheWeb.xml
File Deleted : C:\user.js
Folder Deleted : C:\Program Files (x86)\Giant Savings
Folder Deleted : C:\Program Files (x86)\Iminent
Folder Deleted : C:\Program Files (x86)\IMinent toolbar
Folder Deleted : C:\Program Files (x86)\SweetIM
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Iminent
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\Users\Fred\AppData\Local\Giant Savings
Folder Deleted : C:\Users\Fred\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Fred\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Fred\AppData\Roaming\Iminent
Folder Deleted : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\l1rf5e7e.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Folder Deleted : C:\Windows\Installer\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
Folder Deleted : C:\Windows\Installer\{5B58EF61-85F2-4977-97A5-84C19F926579}
Folder Deleted : C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Giant Savings
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8FFA7469-654F-423E-84FE-6A583CB1C284}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIm
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.DownloadArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.RawDataArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.TinyUrlArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Business.Tinyfying.ViralLinkArgs
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ClientCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ContractBase
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerCommand
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.Communication.ServerResult
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightContent
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.LightUri
Key Deleted : HKLM\SOFTWARE\Classes\Iminent.Mediator.MediatorServiceProxy
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandle.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ActiveContentHandler
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.BrowserHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.ScriptExtender.1
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler
Key Deleted : HKLM\SOFTWARE\Classes\IminentWebBooster.TinyUrlHandler.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
Key Deleted : HKLM\SOFTWARE\Classes\sim-packages
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
Key Deleted : HKLM\Software\SweetIm
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022442279}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{33333333-3333-3333-3333-330033443379}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{77777777-7777-7777-7777-770077447779}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0AF350D9-3916-454B-AC53-0B0B65F41301}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5B58EF61-85F2-4977-97A5-84C19F926579}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055445579}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077447779}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
***** [Internet Browsers] *****
-\\ Internet Explorer v9.0.8112.16421
Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
-\\ Mozilla Firefox v15.0.1 (fr)
Profile name : default
File : C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\l1rf5e7e.default\prefs.js
[OK] File is clean.
*************************
AdwCleaner[S1].txt - [15108 octets] - [02/04/2012 23:14:59]
AdwCleaner[S2].txt - [31242 octets] - [06/10/2012 16:01:45]
########## EOF - C:\AdwCleaner[S2].txt - [31303 octets] ##########
Ci-dessous le rapport SX Check; à noter, il me dit que je dois Downloader Java update, mais quand je fais Update, il me dit que Java est à jour; bon je vais quand-même downloader la dernière version
SX Check&Update
Lien vers le tutoriel : https://forum.security-x.fr/tutoriels-317/tutoriel-sx-checkupdate/
---
Windows Version : Windows 7 64bits
Service Pack : 1
UserName : Fred
06/10/2012
16:11:32
version = v0.2.5
---
Windows Update Information :
AUOptions : 4
Automatically, no notification
---
Nom : Trend Micro Titanium Internet Security
Version : 3.0
Nom : Trend Micro Titanium Internet Security
Version : 3.00
---
Name : FlashPlayer ActiveX
Version : 11.4.402.278
Flash Player ActiveX est à jour
Name : FlashPlayer Plugin FF
Version : 11.4.402.278
Flash Player Plugin FF est à jour
Name : FlashPlayer Plugin
Version : 11.4.402.278
Flash Player Plugin est à jour
Nom : Mozilla Firefox 15.0.1 (x86 fr)
Version : 15.0.1
Nom : Mozilla Maintenance Service
Version : 15.0.1
Java Information :
Nom : Java(TM) 6 Update 31
Version : 6.0.310
Java(TM) 6 Update 31 n'est pas à jour! (6.0.350)
Nom : Internet Explorer
Version : 9.0.8112.16421
Merci de toute suggestion pour prochaines étapes
Fred
Utilisateur anonyme
6 oct. 2012 à 17:05
6 oct. 2012 à 17:05
Re
Tu désinstalles Java 6 et tu installes Java 7
Tiens moi au courant;merci
@+
Tu désinstalles Java 6 et tu installes Java 7
Tiens moi au courant;merci
@+
FreddieP
Messages postés
13
Date d'inscription
mercredi 3 octobre 2012
Statut
Membre
Dernière intervention
27 juin 2013
7 oct. 2012 à 15:12
7 oct. 2012 à 15:12
Bonjour,
j'ai bien désintallé Java 6 et installé Java 7; avec toutes ces transformations, mon ordinateur n'a jamais été si rapide, c'est génial.
J'ai un problème avec Malwarebytes, mais je suis en contact avec eux pour régler.
Par ailleurs, j'ai une autre machine sur laquelle tout est de plus en plus lent ... Dois-je ouvrir la question sur le forum pour que ce sujet soit terminé, ou pouvez-vous m'aider à partir d'ici?
Merci
j'ai bien désintallé Java 6 et installé Java 7; avec toutes ces transformations, mon ordinateur n'a jamais été si rapide, c'est génial.
J'ai un problème avec Malwarebytes, mais je suis en contact avec eux pour régler.
Par ailleurs, j'ai une autre machine sur laquelle tout est de plus en plus lent ... Dois-je ouvrir la question sur le forum pour que ce sujet soit terminé, ou pouvez-vous m'aider à partir d'ici?
Merci
FreddieP
Messages postés
13
Date d'inscription
mercredi 3 octobre 2012
Statut
Membre
Dernière intervention
27 juin 2013
7 oct. 2012 à 15:17
7 oct. 2012 à 15:17
Re-bonjour Guillaume,
en fait, j'ai eu le message suivant de Java:
"Installer: Wrapper. CreateFile failed with error 5: Access is denied"
Je ne sais pas si c'est consécutif à l'installation de Java 7 ou après avoir fait tourner un programme appelé DDS pour comprendre mon souci Malwarebytes. Mais je pense que c'est mieux de tout partager ...
Merci
en fait, j'ai eu le message suivant de Java:
"Installer: Wrapper. CreateFile failed with error 5: Access is denied"
Je ne sais pas si c'est consécutif à l'installation de Java 7 ou après avoir fait tourner un programme appelé DDS pour comprendre mon souci Malwarebytes. Mais je pense que c'est mieux de tout partager ...
Merci
Utilisateur anonyme
7 oct. 2012 à 15:51
7 oct. 2012 à 15:51
Re
Je ne sais pas.
Mais tu fais des manipulations tout seul de ton côté ;tu en gères les conséquences.
Ouvre un autre sujet pour l'autre machine.
@+
Je ne sais pas.
Mais tu fais des manipulations tout seul de ton côté ;tu en gères les conséquences.
Ouvre un autre sujet pour l'autre machine.
@+
FreddieP
Messages postés
13
Date d'inscription
mercredi 3 octobre 2012
Statut
Membre
Dernière intervention
27 juin 2013
7 oct. 2012 à 16:17
7 oct. 2012 à 16:17
Merci de votre retour.
Juste pour info, je ne fais pas de manipulations tout seul de mon côté - j'applique ce que m'a demandé la personne en support de Malwarebyte puisque j'ai acheté le produit chez eux.
En tout cas, merci beaucoup de votre aide sur le problème initial et le nettoyage, cela a été très efficace. Est-ce vous ou moi qui doit marquer la discussion comme résolue?
Merci
Fred
Juste pour info, je ne fais pas de manipulations tout seul de mon côté - j'applique ce que m'a demandé la personne en support de Malwarebyte puisque j'ai acheté le produit chez eux.
En tout cas, merci beaucoup de votre aide sur le problème initial et le nettoyage, cela a été très efficace. Est-ce vous ou moi qui doit marquer la discussion comme résolue?
Merci
Fred
Utilisateur anonyme
7 oct. 2012 à 16:26
7 oct. 2012 à 16:26
Re
Avant cela :
1) SX Check&Update est un outil développé par Igor51.
De nombreuses infections se propagent via des failles logiciels tels que FlashPlayer, Adobe Reader et Java. Il est donc indispensable de les maintenir à jour.
* SX Check&Update permet très facilement de mettre à jour ces programmes grâce à son interface simplifiée.
* SX Check&Update est compatible: Windows XP (32 / 64 bit), Vista (32 / 64 bit), 2008, Windows 7 (32 / 64 bit)
Télécharger SX Check&Update (de igor 51) sur le Bureau.
Utilisateur d'AVAST : Il vous faut désactiver les agents de protections le temps de l'exécution.
Désactiver l'Agent WEB pour que l'outil puisse correctement fonctionner.
* Lancer l'outil.
Il est indispensable que l'ordinateur soit connecté à Internet afin que SX Check&Update puisse vérifier les versions des logiciels à risque.
* Au menu principal, choisir l'option Rapport.
Poste moi ce rapport ;merci
@+
Avant cela :
1) SX Check&Update est un outil développé par Igor51.
De nombreuses infections se propagent via des failles logiciels tels que FlashPlayer, Adobe Reader et Java. Il est donc indispensable de les maintenir à jour.
* SX Check&Update permet très facilement de mettre à jour ces programmes grâce à son interface simplifiée.
* SX Check&Update est compatible: Windows XP (32 / 64 bit), Vista (32 / 64 bit), 2008, Windows 7 (32 / 64 bit)
Télécharger SX Check&Update (de igor 51) sur le Bureau.
Utilisateur d'AVAST : Il vous faut désactiver les agents de protections le temps de l'exécution.
Désactiver l'Agent WEB pour que l'outil puisse correctement fonctionner.
* Lancer l'outil.
Il est indispensable que l'ordinateur soit connecté à Internet afin que SX Check&Update puisse vérifier les versions des logiciels à risque.
* Au menu principal, choisir l'option Rapport.
Poste moi ce rapport ;merci
@+
FreddieP
Messages postés
13
Date d'inscription
mercredi 3 octobre 2012
Statut
Membre
Dernière intervention
27 juin 2013
7 oct. 2012 à 16:59
7 oct. 2012 à 16:59
Ci-dessous le rapport; merci
SX Check&Update
Lien vers le tutoriel : https://forum.security-x.fr/tutoriels-317/tutoriel-sx-checkupdate/
---
Windows Version : Windows 7 64bits
Service Pack : 1
UserName : Fred
07/10/2012
16:58:50
version = v0.2.5
---
Windows Update Information :
AUOptions : 4
Automatically, no notification
---
Nom : Trend Micro Titanium Internet Security
Version : 3.0
Nom : Trend Micro Titanium Internet Security
Version : 3.00
---
Name : FlashPlayer ActiveX
Version : 11.4.402.278
Flash Player ActiveX est à jour
Name : FlashPlayer Plugin FF
Version : 11.4.402.278
Flash Player Plugin FF est à jour
Name : FlashPlayer Plugin
Version : 11.4.402.278
Flash Player Plugin est à jour
Nom : Mozilla Firefox 15.0.1 (x86 fr)
Version : 15.0.1
Nom : Mozilla Maintenance Service
Version : 15.0.1
Java Information :
Nom : Java 7 Update 7
Version : 7.0.70
Java 7 Update 7 est à jour
Nom : Internet Explorer
Version : 9.0.8112.16421
SX Check&Update
Lien vers le tutoriel : https://forum.security-x.fr/tutoriels-317/tutoriel-sx-checkupdate/
---
Windows Version : Windows 7 64bits
Service Pack : 1
UserName : Fred
07/10/2012
16:58:50
version = v0.2.5
---
Windows Update Information :
AUOptions : 4
Automatically, no notification
---
Nom : Trend Micro Titanium Internet Security
Version : 3.0
Nom : Trend Micro Titanium Internet Security
Version : 3.00
---
Name : FlashPlayer ActiveX
Version : 11.4.402.278
Flash Player ActiveX est à jour
Name : FlashPlayer Plugin FF
Version : 11.4.402.278
Flash Player Plugin FF est à jour
Name : FlashPlayer Plugin
Version : 11.4.402.278
Flash Player Plugin est à jour
Nom : Mozilla Firefox 15.0.1 (x86 fr)
Version : 15.0.1
Nom : Mozilla Maintenance Service
Version : 15.0.1
Java Information :
Nom : Java 7 Update 7
Version : 7.0.70
Java 7 Update 7 est à jour
Nom : Internet Explorer
Version : 9.0.8112.16421
Utilisateur anonyme
7 oct. 2012 à 17:34
7 oct. 2012 à 17:34
Re
On poursuit
1) Télécharge DelFix de Xplode
* Lance le.
* A l'invite, [Suppression]
* Un rapport va s'ouvrir à la fin, colle le dans la réponse
Ensuite pour le désinstaller ; tu relances et tu passes à l'option [Désinstallation]
2) Ccleaner :
https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/
.enregistres le sur le bureau
.double-cliques sur le fichier pour lancer l'installation
.sur la fenêtre de l'installation langage bien choisir français et OK
.cliques sur <gras>suivant
.lis la licence et j'accepte
.cliques sur suivant
.la tu ne gardes de coché que mettre un raccourci sur le bureau et puis contrôler automatiquement les mises à jour de Ccleaner
.cliques sur installer
.cliques sur fermer
.double-cliques ou clic droit sous Vista ou Seven sur l'icône de Ccleaner pour l'ouvrir
.une fois ouvert tu cliques sur option et puis avancé
.tu décoches effacer uniquement les fichiers, du dossier temp de windows plus vieux que 24 heures
.cliques sur nettoyeur
.cliques sur windows et dans la colonne avancé
. coches la première case vieilles données du perfetch ce qui te donnes la case vielles données du perfetch
.cliques sur analyse une fois l'analyse terminé
.cliques sur lancer le nettoyage et sur la demande de confirmation OK il vas falloir que tu le refasses une autre fois une fois fini vérifies en appuyant de nouveau sur analyse pour être sur qu'il n'y est plus rien
.clique maintenant sur registre et puis sur rechercher les erreurs
.laisse tout coché et clique sur réparer les erreurs sélectionnées
.il te demande de sauvegarder OUI
.tu lui donnes un nom pour pouvoir la retrouver et enregistre
.clique sur corriger toutes les erreurs sélectionnées et sur la demande de confirmation OK
.il supprime et une fois fermé tu vérifies en relançant rechercher les erreurs
.tu retournes dans option et tu recoches la case effacer uniquement les fichiers, du dossier temp de windows plus vieux que 48 heures et sur nettoyeur, windows sous avancé tu décoches la première case vieilles données du perfetch
.tu peux fermer Ccleaner.
Tuto : https://jesses.pagesperso-orange.fr/Docs/Logiciels/CCleaner.htm
3)Purge la restauration sur Seven
Comment faire :
http://www.forum-seven.com/forum/
Cela supprime toutes traces des diverses infections ;et permettra une éventuelle restauration sans infections
@+
On poursuit
1) Télécharge DelFix de Xplode
* Lance le.
* A l'invite, [Suppression]
* Un rapport va s'ouvrir à la fin, colle le dans la réponse
Ensuite pour le désinstaller ; tu relances et tu passes à l'option [Désinstallation]
2) Ccleaner :
https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/
.enregistres le sur le bureau
.double-cliques sur le fichier pour lancer l'installation
.sur la fenêtre de l'installation langage bien choisir français et OK
.cliques sur <gras>suivant
.lis la licence et j'accepte
.cliques sur suivant
.la tu ne gardes de coché que mettre un raccourci sur le bureau et puis contrôler automatiquement les mises à jour de Ccleaner
.cliques sur installer
.cliques sur fermer
.double-cliques ou clic droit sous Vista ou Seven sur l'icône de Ccleaner pour l'ouvrir
.une fois ouvert tu cliques sur option et puis avancé
.tu décoches effacer uniquement les fichiers, du dossier temp de windows plus vieux que 24 heures
.cliques sur nettoyeur
.cliques sur windows et dans la colonne avancé
. coches la première case vieilles données du perfetch ce qui te donnes la case vielles données du perfetch
.cliques sur analyse une fois l'analyse terminé
.cliques sur lancer le nettoyage et sur la demande de confirmation OK il vas falloir que tu le refasses une autre fois une fois fini vérifies en appuyant de nouveau sur analyse pour être sur qu'il n'y est plus rien
.clique maintenant sur registre et puis sur rechercher les erreurs
.laisse tout coché et clique sur réparer les erreurs sélectionnées
.il te demande de sauvegarder OUI
.tu lui donnes un nom pour pouvoir la retrouver et enregistre
.clique sur corriger toutes les erreurs sélectionnées et sur la demande de confirmation OK
.il supprime et une fois fermé tu vérifies en relançant rechercher les erreurs
.tu retournes dans option et tu recoches la case effacer uniquement les fichiers, du dossier temp de windows plus vieux que 48 heures et sur nettoyeur, windows sous avancé tu décoches la première case vieilles données du perfetch
.tu peux fermer Ccleaner.
Tuto : https://jesses.pagesperso-orange.fr/Docs/Logiciels/CCleaner.htm
3)Purge la restauration sur Seven
Comment faire :
http://www.forum-seven.com/forum/
Cela supprime toutes traces des diverses infections ;et permettra une éventuelle restauration sans infections
@+