ALELUJA.exe

le rapport:


-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU E2180 @ 2.00GHz )
BIOS : BIOS Date: 04/21/08 11:00:40 Ver: 5.23
USER : Mme SALL (Principal) ( Administrator )
BOOT : Normal boot
Antivirus : Microsoft Security Essentials 2.0.6212.0 (Activated)
C:\ (Local Disk) - NTFS - Total:222 Go (Free:88 Go)
D:\ (Local Disk) - NTFS - Total:10 Go (Free:6 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 16/10/2009|13:06 )

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ Extensions

(Mme SALL (Principal)) - {19503e42-ca3c-4c27-b1e2-9cdb2170ee34} => flashgot
(Mme SALL (Principal)) - {20a82645-c095-46ed-80e3-08825760534b} => chrome_user
(Mme SALL (Principal)) - {37E4D8EA-8BDA-4831-8EA1-89053939A250} => pdfdownload
(Mme SALL (Principal)) - {463F6CA5-EE3C-4be1-B7E6-7FEE11953374} => foxytunes
(Mme SALL (Principal)) - {71328583-3CA7-4809-B4BA-570A85818FBB} => cacheviewer
(Mme SALL (Principal)) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(Mme SALL (Principal)) - {E9A1DEE0-C623-4439-8932-001E7D17607D} => ajtoolbar


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="about:blank"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.msn.com/fr-fr/"
"Search Bar"="https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\MMESAL~1\Mes documents\Games\GTA San Andreas\GTA San Andreas Crack
C:\DOCUME~1\MMESAL~1\Mes documents\Games\GTA San Andreas\GTA San Andreas Crack\gta_sa.exe
C:\DOCUME~1\MMESAL~1\Mes documents\Games\Need For Speed\Crack
C:\DOCUME~1\MMESAL~1\Mes documents\Games\Need For Speed\Crack\Serial.txt
C:\DOCUME~1\MMESAL~1\Mes documents\Games\Need For Speed\Crack\speed2.exe
C:\DOCUME~1\MMESAL~1\Mes documents\SETUP\Adobe CS3 (E)\Bonus\Adobe CS3 Master Collection - Keygen Black Squadron.exe



1 - "C:\ToolBar SD\TB_1.txt" - 13/10/2009|22:46 - Option : [2]
2 - "C:\ToolBar SD\TB_2.txt" - 16/10/2009|13:08 - Option : [2]

-----------\\ Fin du rapport a 13:08:14,90

JavaRa 1.15 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Fri Oct 16 18:50:42 2009

Found and removed: C:\Program Files\Java\jre1.6.0_02

Found and removed: C:\Documents and Settings\Mme SALL (Principal)\Application Data\Sun\Java\jre1.6.0_02

Found and removed: C:\Documents and Settings\Mme SALL (Principal)\Application Data\Sun\Java\jre1.6.0_13

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Classes\JavaPlugin.160_02

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_02

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_02

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610002

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610002

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160020}

Found and removed: Software\Classes\JavaPlugin.160_02

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_02

Found and removed: Software\JavaSoft\Java2D\1.6.0_02

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_02

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_02\bin\

------------------------------------

Finished reporting.

ZHPFix v1.12.17 by Nicolas Coolman - Rapport de suppression du 16/10/2009 20:59:24
Fichier d'export Registre :
Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html


Processus mémoire :
(Néant)

Module mémoire :
(Néant)

Clé du Registre :
(Néant)

Valeur du Registre :
(Néant)

Elément de données du Registre :
(Néant)

Dossier :
(Néant)

Fichier :
(Néant)

Logiciel :
O42 - Logiciel: Ask Toolbar => Logiciel non supprimé
O42 - Logiciel: Favorit => Logiciel absent

Script Registre :
(Néant)

Autre :
(Néant)


Récapitulatif :
Processus mémoire : 0
Module mémoire : 0
Clé du Registre : 0
Valeur du Registre : 0
Elément de données du Registre : 0
Dossier : 0
Fichier : 0
Logiciel : 2
Autre : 0


End of the scan

SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 10/19/2009 at 10:52 AM

Application Version : 4.29.1004

Core Rules Database Version : 4173
Trace Rules Database Version: 2093

Scan type : Custom Scan
Total Scan Time : 01:27:40

Memory items scanned : 547
Memory threats detected : 0
Registry items scanned : 6615
Registry threats detected : 2
File items scanned : 31944
File threats detected : 12

Adware.MyWebSearch
HKU\S-1-5-21-1242388020-1636778617-1186456173-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Adware.Tracking Cookie
C:\Documents and Settings\Mme SALL (Principal)\Cookies\mme_sall_(principal)@toplist[2].txt
C:\Documents and Settings\Mme SALL (Principal)\Cookies\mme_sall_(principal)@d2.advertserve[1].txt
C:\Documents and Settings\Mme SALL (Principal)\Cookies\mme_sall_(principal)@adserving.favorit-network[2].txt
C:\Documents and Settings\Mme SALL (Principal)\Cookies\mme_sall_(principal)@atdmt[2].txt
C:\Lop SD\Backup-Lop\DOCUME~1\MMESAL~1\Cookies\mme_sall_(principal)@d2.advertserve[1].txt

Trojan.DNSChanger-Codec
HKU\S-1-5-21-1242388020-1636778617-1186456173-1005\Software\fcn

Adware.Vundo/Variant-MSFake
C:\DOCUMENTS AND SETTINGS\MME SALL (PRINCIPAL)\APPLICATION DATA\MICROSOFT\LIVE SEARCH\SUPPRESSION-LIVE-SEARCH.EXE
C:\PROGRAM FILES\NAVILOG1\REG.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{FEEA537F-4E78-4814-A60F-A7A8BE8C9F38}\RP6\A0008772.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{FEEA537F-4E78-4814-A60F-A7A8BE8C9F38}\RP7\A0011972.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{FEEA537F-4E78-4814-A60F-A7A8BE8C9F38}\RP9\A0013315.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{FEEA537F-4E78-4814-A60F-A7A8BE8C9F38}\RP9\A0013361.EXE

Rootkit.Agent/Gen-DNSHack
C:\DOCUMENTS AND SETTINGS\MME SALL (PRINCIPAL)\MES DOCUMENTS\SETUP\WINDOWS XP SWEET (D)\WPI\INSTALL\FLASHFXP\FLASH_FXP_SCRIPT.EXE

RE,
il ne peut pas désinstaller ces programmes; le message qui s'affiche est:
le chemin d'accès spécifié est introuvable.

Bonjour Nicolas,
peux-tu donner un lien pour le télécharger?