50 Fenêtres Internet Explorer

en téchargeant zhpdiag , tu as récupérer 3 nouveaux icones sur ton bureau

1) zhpdiag ==> en forme de parchemin
2) zhpfix ==> en forme de seringue
3) mbrcheck

========> lances zhpdiag , comme indiqué plus haut

Euh, non enfaite.

https://pjjoint.malekal.com/files.php?id=aaf857eeff13510

quel jeu ?

on verra en fonction du rapport malwarebytes

Pour l'instant, deux fichier infectés.

Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Version de la base de données: 6639

Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

22/05/2011 13:57:28
mbam-log-2011-05-22 (13-57-28).txt

Type d'examen: Examen complet (C:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|)
Elément(s) analysé(s): 257419
Temps écoulé: 2 heure(s), 2 minute(s), 36 seconde(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 49

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (Adware.DoubleD) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Value: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} (Adware.ClickPotato) -> Value: {B58926D6-CFB0-45d2-9C28-4B5A0F0368AE} -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
c:\documents and settings\VINC\local settings\temporary internet files\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2} (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\VINC\local settings\temporary internet files\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
c:\documents and settings\nath\local settings\Temp\nsd138.tmp\questbrwsearch.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\documents and settings\nath\local settings\Temp\nsd138.tmp\uninstall.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\documents and settings\nath\local settings\Temp\nsi153.tmp\questbrwsearch.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\documents and settings\nath\local settings\Temp\nsi153.tmp\uninstall.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\documents and settings\nath\local settings\Temp\nsl13F.tmp\questbrwsearch.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\documents and settings\nath\local settings\Temp\nsl13F.tmp\uninstall.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\documents and settings\nath\local settings\Temp\nsy14E.tmp\questbrwsearch.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\documents and settings\nath\local settings\Temp\nsy14E.tmp\uninstall.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\documents and settings\nath\mes documents\downloads\xvidsetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\VINC\Bureau\relou\VLCSetup.exe (Adware.Hotbar) -> Quarantined and deleted successfully.
c:\documents and settings\VINC\Bureau\relou\gameztar_installer.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\VINC\local settings\temporary internet files\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\VINC\local settings\temporary internet files\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\VINC\local settings\temporary internet files\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\tdf.dat (Adware.BHO) -> Quarantined and deleted successfully.
c:\program files\fileserve toolbar\ffmpeg.exe (Adware.Mp3Tube) -> Quarantined and deleted successfully.
c:\program files\fileserve toolbar\ShowMsg.exe (PUP.Zwangi) -> Not selected for removal.
c:\RECYCLER\s-1-5-21-1482476501-920026266-682003330-1004\Dc22\uninstall.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-1482476501-920026266-682003330-1004\Dc22\questbrwsearch_deleted_\questbrwsearch.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-1482476501-920026266-682003330-1004\Dc23\quarantine\C\documents and settings\VINC\application data\EoRezo\softwareupdate\softwareupdate.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-1482476501-920026266-682003330-1004\Dc23\quarantine\C\documents and settings\VINC\application data\EoRezo\softwareupdate\softwareupdatehp.exe.vir (Rogue.Eorezo) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP436\A0112430.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP436\A0112417.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP436\A0112418.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP436\A0112423.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP436\A0112424.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP436\A0112425.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP436\A0112426.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP436\A0112431.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP436\A0112432.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP436\A0112433.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP436\A0112437.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115391.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115392.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115393.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115395.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115396.exe (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115397.dll (Adware.ClickPotato) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115706.exe (Adware.QuestBrowse) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115707.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115708.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115713.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115714.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115715.dll (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\system volume information\_restore{b2ee6c28-e6fd-485f-9864-e6127c3f0c91}\RP449\A0115716.exe (Adware.ShopperReports) -> Quarantined and deleted successfully.
c:\documents and settings\VINC\local settings\temporary internet files\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\bg.jpg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\VINC\local settings\temporary internet files\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\currentversion.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\VINC\local settings\temporary internet files\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\icon.ico (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\VINC\local settings\temporary internet files\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\tdf.zip (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\documents and settings\VINC\local settings\temporary internet files\{d45817b8-3ead-4d1d-8fca-ec63a8e35de2}\Data\productinfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.