Publicité
Publicité
Format du document : text/plain
Prévisualisation
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'analyse: 15/04/2016
Heure de l'analyse: 11:54
Fichier journal: journal examen anti malware.txt
Administrateur: Oui
Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.04.15.02
Base de données de rootkits: v2016.04.09.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé
Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Christian
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 380311
Temps écoulé: 41 min, 47 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 0
(Aucun élément malveillant détecté)
Modules: 1
PUP.Optional.PriceFountain, C:\Users\Christian\AppData\Local\ThroatedUncrowned\AntihistaminicDrops.dll, Supprimer au redémarrage, [2fefc6e9d0c9f145c2a848b8877b3ac6],
Clés du Registre: 19
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F23AB71-4AC6-41F2-A955-EA576E553146}, En quarantaine, [021cf8b7514853e3c8389df38e76dc24],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, En quarantaine, [fe20a40b4a4fdd598ab0852141c3e020],
PUP.Optional.PriceFountain, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3E1A93D8-8FC2-4D12-A532-53C9FDD4E878}, Supprimer au redémarrage, [8c92852a524776c0090c66381de7f60a],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{71B15D1B-0376-43F9-A8E8-10065B979CFC}, Supprimer au redémarrage, [021c5857debb2016b08b8a1c7292f50b],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DNSWALTERS, Supprimer au redémarrage, [928c3a757e1b0630122a1096010358a8],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E1527582-8509-4011-B922-29E3FB548882}_is1, En quarantaine, [25f9f3bccecb063048f65b4bf60e8f71],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, En quarantaine, [9a840ea1326793a392a8d3d312f29c64],
PUP.Optional.WinZipMalwareProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\WinZipMalwareProtector_RASAPI32, En quarantaine, [72ac3c737722e254e80b2270966e659b],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5746D7D6}, En quarantaine, [56c8456a21787eb869d4b7ef9d67a957],
PUP.Optional.WinZipRegOp, HKLM\SOFTWARE\WOW6432NODE\NICO MAK COMPUTING\WinZip Registry Optimizer, En quarantaine, [a37bd6d91089bb7bf163a7fbd0340000],
PUP.Optional.WinZipMalwareProtector, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WinZip Malware Protector, En quarantaine, [8f8f8728c5d4c472c23497fb3cc809f7],
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [a678dcd34158bc7a51b01447f50f5fa1],
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}, En quarantaine, [39e56946c7d23105e71b94c78f75ac54],
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F23AB71-4AC6-41F2-A955-EA576E553146}, En quarantaine, [b16d4f6060392d09a758b4db38ccf60a],
PUP.Optional.WinZipRegOp, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\NICO MAK COMPUTING\WinZip Registry Optimizer, En quarantaine, [fc226c4399003204ac340a84996bd729],
PUP.Optional.eShopComp, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\eshopcomp.com, En quarantaine, [3ce2d1deb4e56bcbdd1d277b80845ca4],
PUP.Optional.eShopComp, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\pstatic.eshopcomp.com, En quarantaine, [0f0f139cddbc979fe01b4a5827ddcb35],
PUP.Optional.eShopComp, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\eshopcomp.com, En quarantaine, [77a7b7f87b1e0a2c1fddd3cf986cd12f],
PUP.Optional.eShopComp, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\pstatic.eshopcomp.com, En quarantaine, [30ee743b742531055aa3a8fa36ceb64a],
Valeurs du Registre: 15
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f[021cf8b7514853e3c8389df38e76dc24]D4%26b[021cf8b7514853e3c8389df38e76dc24]DIE%26cc[021cf8b7514853e3c8389df38e76dc24]Dfr%26pa[021cf8b7514853e3c8389df38e76dc24]DWincy%26cd[021cf8b7514853e3c8389df38e76dc24]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[021cf8b7514853e3c8389df38e76dc24]D1418353332%26a[021cf8b7514853e3c8389df38e76dc24]Dwbf_dwndlm_16_15%26os_ver[021cf8b7514853e3c8389df38e76dc24]D10.0%26os[021cf8b7514853e3c8389df38e76dc24]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f[8797a6098217d4626a963b554db7d32d]D4%26b[8797a6098217d4626a963b554db7d32d]DIE%26cc[8797a6098217d4626a963b554db7d32d]Dfr%26pa[8797a6098217d4626a963b554db7d32d]DWincy%26cd[8797a6098217d4626a963b554db7d32d]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[8797a6098217d4626a963b554db7d32d]D1418353332%26a[8797a6098217d4626a963b554db7d32d]Dwbf_dwndlm_16_15%26os_ver[8797a6098217d4626a963b554db7d32d]D10.0%26os[8797a6098217d4626a963b554db7d32d]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.PriceFountain, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3E1A93D8-8FC2-4D12-A532-53C9FDD4E878}|Path, \ChristianThroatedUncrownedV2, Supprimer au redémarrage, [8c92852a524776c0090c66381de7f60a]
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{71B15D1B-0376-43F9-A8E8-10065B979CFC}|Path, \DNSWALTERS, Supprimer au redémarrage, [021c5857debb2016b08b8a1c7292f50b]
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5746d7d6}|1, 1458245016, En quarantaine, [56c8456a21787eb869d4b7ef9d67a957]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{420725dc-aff1-406c-8076-7d5a9436d99e}|NameServer, 82.163.143.171,82.163.142.173, En quarantaine, [75a9fcb33a5f73c3f531edb93bc9639d]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{73db09fb-afb1-4d8f-93c2-611083d4e8c3}|NameServer, 82.163.142.7 95.211.158.134, En quarantaine, [71ad2a859603e94d66bf594d3ec67f81]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{88ab0a12-3ec3-4958-b1c6-7c879fa451db}|NameServer, 82.163.143.171,82.163.142.173, En quarantaine, [0d11a40b3861fd39ea3c713552b29769]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{954d2cac-4835-42e1-a802-3d0995653563}|NameServer, 82.163.143.171,82.163.142.173, En quarantaine, [d648fcb3188186b082a4b4f2b05460a0]
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg06¶m1=1¶m2=f[a678dcd34158bc7a51b01447f50f5fa1]D4%26b[a678dcd34158bc7a51b01447f50f5fa1]DIE%26cc[a678dcd34158bc7a51b01447f50f5fa1]Dfr%26pa[a678dcd34158bc7a51b01447f50f5fa1]DWincy%26cd[a678dcd34158bc7a51b01447f50f5fa1]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyEyCtBtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StAyDzztByB0D0DyDtGyDtBtBtCtG0EyC0AtCtGyEzztAtCtGtBtDzytDyE0EyE0C0Azz0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[a678dcd34158bc7a51b01447f50f5fa1]D1442312069%26a[a678dcd34158bc7a51b01447f50f5fa1]Dwncy_popjar_15_53_ssg06%26os_ver[a678dcd34158bc7a51b01447f50f5fa1]D10.0%26os[a678dcd34158bc7a51b01447f50f5fa1]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg06¶m1=1¶m2=f[8f8f604ff6a3db5b9a676bf0f70d7789]D4%26b[8f8f604ff6a3db5b9a676bf0f70d7789]DIE%26cc[8f8f604ff6a3db5b9a676bf0f70d7789]Dfr%26pa[8f8f604ff6a3db5b9a676bf0f70d7789]DWincy%26cd[8f8f604ff6a3db5b9a676bf0f70d7789]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyEyCtBtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StAyDzztByB0D0DyDtGyDtBtBtCtG0EyC0AtCtGyEzztAtCtGtBtDzytDyE0EyE0C0Azz0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[8f8f604ff6a3db5b9a676bf0f70d7789]D1442312069%26a[8f8f604ff6a3db5b9a676bf0f70d7789]Dwncy_popjar_15_53_ssg06%26os_ver[8f8f604ff6a3db5b9a676bf0f70d7789]D10.0%26os[8f8f604ff6a3db5b9a676bf0f70d7789]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_adsrch_16_04¶m1=1¶m2=f[39e56946c7d23105e71b94c78f75ac54]D4%26b[39e56946c7d23105e71b94c78f75ac54]DIE%26cc[39e56946c7d23105e71b94c78f75ac54]Dfr%26pa[39e56946c7d23105e71b94c78f75ac54]DWinYahoo%26cd[39e56946c7d23105e71b94c78f75ac54]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyEzytCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StAyBzzzzyE0DyDtBtGtD0BtAzztG0EyEzzyDtGtDzztDtBtGzztDyEtBtD0CyEyBtD0DyE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[39e56946c7d23105e71b94c78f75ac54]D1722201352%26a[39e56946c7d23105e71b94c78f75ac54]Dwny_adsrch_16_04%26os_ver[39e56946c7d23105e71b94c78f75ac54]D10.0%26os[39e56946c7d23105e71b94c78f75ac54]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_adsrch_16_04¶m1=1¶m2=f[d44a02ade0b91d1937cba2b98f7529d7]D4%26b[d44a02ade0b91d1937cba2b98f7529d7]DIE%26cc[d44a02ade0b91d1937cba2b98f7529d7]Dfr%26pa[d44a02ade0b91d1937cba2b98f7529d7]DWinYahoo%26cd[d44a02ade0b91d1937cba2b98f7529d7]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyEzytCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StAyBzzzzyE0DyDtBtGtD0BtAzztG0EyEzzyDtGtDzztDtBtGzztDyEtBtD0CyEyBtD0DyE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[d44a02ade0b91d1937cba2b98f7529d7]D1722201352%26a[d44a02ade0b91d1937cba2b98f7529d7]Dwny_adsrch_16_04%26os_ver[d44a02ade0b91d1937cba2b98f7529d7]D10.0%26os[d44a02ade0b91d1937cba2b98f7529d7]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f[b16d4f6060392d09a758b4db38ccf60a]D4%26b[b16d4f6060392d09a758b4db38ccf60a]DIE%26cc[b16d4f6060392d09a758b4db38ccf60a]Dfr%26pa[b16d4f6060392d09a758b4db38ccf60a]DWincy%26cd[b16d4f6060392d09a758b4db38ccf60a]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[b16d4f6060392d09a758b4db38ccf60a]D1418353332%26a[b16d4f6060392d09a758b4db38ccf60a]Dwbf_dwndlm_16_15%26os_ver[b16d4f6060392d09a758b4db38ccf60a]D10.0%26os[b16d4f6060392d09a758b4db38ccf60a]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f[4ad4a10e7326be7827d8503faa5a0bf5]D4%26b[4ad4a10e7326be7827d8503faa5a0bf5]DIE%26cc[4ad4a10e7326be7827d8503faa5a0bf5]Dfr%26pa[4ad4a10e7326be7827d8503faa5a0bf5]DWincy%26cd[4ad4a10e7326be7827d8503faa5a0bf5]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[4ad4a10e7326be7827d8503faa5a0bf5]D1418353332%26a[4ad4a10e7326be7827d8503faa5a0bf5]Dwbf_dwndlm_16_15%26os_ver[4ad4a10e7326be7827d8503faa5a0bf5]D10.0%26os[4ad4a10e7326be7827d8503faa5a0bf5]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
Données du Registre: 4
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=fMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]D1%26bMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]DIE%26ccMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]Dfr%26paMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]DWincy%26cdMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26crMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]D1418353332%26aMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]Dwbf_dwndlm_16_15%26os_verMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]D10.0%26osMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]DWindowsBon : (www.google.com)B10Bon : (www.google.com)BHome, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=fMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]D1%26bMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]DIE%26ccMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]Dfr%26paMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]DWincy%26cdMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26crMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]D1418353332%26aMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]Dwbf_dwndlm_16_15%26os_verMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]D10.0%26osMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]DWindowsBon : (www.google.com)B10Bon : (www.google.com)BHome, %4, %5
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.142.7 95.211.158.134, Bon : (8.8.8.8), Mauvais : (82.163.142.7 95.211.158.134),Remplacé,[fa24545b524780b681f39e9d56af916f]
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=fMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]D1%26bMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]DIE%26ccMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]Dfr%26paMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]DWincy%26cdMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26crMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]D1418353332%26aMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]Dwbf_dwndlm_16_15%26os_verMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]D10.0%26osMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]DWindowsBon : (www.google.com)B10Bon : (www.google.com)BHome, %4, %5
Dossiers: 4
PUP.Optional.WinZipRegOp, C:\Users\Christian\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer, En quarantaine, [e13dcae5f2a70e285f5342e4c043e020],
PUP.Optional.WinZipRegOp, C:\Users\Christian\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1, En quarantaine, [e13dcae5f2a70e285f5342e4c043e020],
PUP.Optional.DNSUnlocker.ACMB2, C:\Program Files (x86)\DNS Unlocker, En quarantaine, [2cf2347b49501d19d43450e055ae867a],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned, Supprimer au redémarrage, [041a5b542475b87ed5d15e078085f40c],
Fichiers: 30
PUP.Optional.PriceFountain, C:\Users\Christian\AppData\Local\ThroatedUncrowned\AntihistaminicDrops.dll, Supprimer au redémarrage, [2fefc6e9d0c9f145c2a848b8877b3ac6],
Adware.CloudGuard, C:\Users\Christian\AppData\Roaming\ZHP\Quarantine\dnswalters.exe, En quarantaine, [e539218ed2c760d6b8fbf9f808f9a35d],
PUP.Optional.MyPCBackup, C:\Users\Christian\AppData\Roaming\ZHP\Quarantine\OLBPre.exe, En quarantaine, [ef2fcfe0ebae88ae4c84fbf750b121df],
Adware.CloudGuard, C:\Users\Christian\AppData\Roaming\ZHP\Quarantine\DNS Unlocker.DIR\dnswalters.exe, En quarantaine, [cb531b94bfdadc5af4bf6f82bd449f61],
PUP.Optional.MyPCBackup, C:\Users\Christian\AppData\Roaming\ZHP\Quarantine\OLBPre\uninst.exe, En quarantaine, [ea34644ba0f91b1bafb6bc5c64a1aa56],
PUP.Optional.SystemHealer, C:\Users\Christian\AppData\Roaming\ZHP\Quarantine\SystemHealer\RescueMonitor.exe, En quarantaine, [cb53e9c6a9f0e6506e24d63619e9857b],
PUP.Optional.PriceFountain, C:\Users\Christian\AppData\Local\Temp\AntihistaminicDrops.dll, En quarantaine, [0e10f7b86237e35318528d73fb076997],
PUP.Optional.InstallCore, C:\Users\Christian\Downloads\AdwCleaner Installer.exe, En quarantaine, [4cd2416e8d0cc96d364aee7db44d45bb],
PUP.Optional.WinYahoo, C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk, En quarantaine, [7ea009a63762b680edae038bdd27639d],
PUP.Optional.PriceFountain, C:\Windows\System32\Tasks\ChristianThroatedUncrownedV2, En quarantaine, [e43a337c237605316d79eaa62dd752ae],
PUP.Optional.DNSUnlocker.ACMB2, C:\Windows\System32\Tasks\DNSWALTERS, En quarantaine, [7ba38c23e3b658de053223839c688b75],
PUP.Optional.WinZipRegOp, C:\Users\Christian\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\ExcludeList.rcp, En quarantaine, [e13dcae5f2a70e285f5342e4c043e020],
PUP.Optional.WinZipRegOp, C:\Users\Christian\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_04-14-2016.log, En quarantaine, [e13dcae5f2a70e285f5342e4c043e020],
PUP.Optional.WinZipRegOp, C:\Users\Christian\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\results.rcp, En quarantaine, [e13dcae5f2a70e285f5342e4c043e020],
PUP.Optional.WinZipRegOp, C:\Users\Christian\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\TempHLList.rcp, En quarantaine, [e13dcae5f2a70e285f5342e4c043e020],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\Rkey.dat, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\amazon.fr .lnk, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\amazon.fr.ico, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\amazon.fr.lnk, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\amazon.fr.smenu.URL, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\amazon.fr.tbar.URL, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\Booking .lnk, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\Booking.ico, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\Booking.lnk, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\Booking.smenu.URL, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\Booking.tbar.URL, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\TrafficksEvangels.dat, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\uninst.exe, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.Amonetize, C:\Users\Christian\AppData\Local\Temp\aff.conf, En quarantaine, [49d5ddd22e6b90a62b38a1c5a56011ef],
PUP.Optional.WinYahoo, C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\FnpoWNGL.default\prefs.js, Bon : (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Mauvais : (user_pref("browser.startup.homepage", "https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindowsRemplacé,[8995258a85149a9c707dc3a541c409f7]B10Remplacé,[8995258a85149a9c707dc3a541c409f7]BHome");), %5
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)
www.malwarebytes.org
Date de l'analyse: 15/04/2016
Heure de l'analyse: 11:54
Fichier journal: journal examen anti malware.txt
Administrateur: Oui
Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.04.15.02
Base de données de rootkits: v2016.04.09.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé
Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Christian
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 380311
Temps écoulé: 41 min, 47 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 0
(Aucun élément malveillant détecté)
Modules: 1
PUP.Optional.PriceFountain, C:\Users\Christian\AppData\Local\ThroatedUncrowned\AntihistaminicDrops.dll, Supprimer au redémarrage, [2fefc6e9d0c9f145c2a848b8877b3ac6],
Clés du Registre: 19
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F23AB71-4AC6-41F2-A955-EA576E553146}, En quarantaine, [021cf8b7514853e3c8389df38e76dc24],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, En quarantaine, [fe20a40b4a4fdd598ab0852141c3e020],
PUP.Optional.PriceFountain, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3E1A93D8-8FC2-4D12-A532-53C9FDD4E878}, Supprimer au redémarrage, [8c92852a524776c0090c66381de7f60a],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{71B15D1B-0376-43F9-A8E8-10065B979CFC}, Supprimer au redémarrage, [021c5857debb2016b08b8a1c7292f50b],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\DNSWALTERS, Supprimer au redémarrage, [928c3a757e1b0630122a1096010358a8],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{E1527582-8509-4011-B922-29E3FB548882}_is1, En quarantaine, [25f9f3bccecb063048f65b4bf60e8f71],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, En quarantaine, [9a840ea1326793a392a8d3d312f29c64],
PUP.Optional.WinZipMalwareProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\WinZipMalwareProtector_RASAPI32, En quarantaine, [72ac3c737722e254e80b2270966e659b],
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5746D7D6}, En quarantaine, [56c8456a21787eb869d4b7ef9d67a957],
PUP.Optional.WinZipRegOp, HKLM\SOFTWARE\WOW6432NODE\NICO MAK COMPUTING\WinZip Registry Optimizer, En quarantaine, [a37bd6d91089bb7bf163a7fbd0340000],
PUP.Optional.WinZipMalwareProtector, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WinZip Malware Protector, En quarantaine, [8f8f8728c5d4c472c23497fb3cc809f7],
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [a678dcd34158bc7a51b01447f50f5fa1],
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}, En quarantaine, [39e56946c7d23105e71b94c78f75ac54],
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F23AB71-4AC6-41F2-A955-EA576E553146}, En quarantaine, [b16d4f6060392d09a758b4db38ccf60a],
PUP.Optional.WinZipRegOp, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\NICO MAK COMPUTING\WinZip Registry Optimizer, En quarantaine, [fc226c4399003204ac340a84996bd729],
PUP.Optional.eShopComp, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\eshopcomp.com, En quarantaine, [3ce2d1deb4e56bcbdd1d277b80845ca4],
PUP.Optional.eShopComp, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\pstatic.eshopcomp.com, En quarantaine, [0f0f139cddbc979fe01b4a5827ddcb35],
PUP.Optional.eShopComp, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\eshopcomp.com, En quarantaine, [77a7b7f87b1e0a2c1fddd3cf986cd12f],
PUP.Optional.eShopComp, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\pstatic.eshopcomp.com, En quarantaine, [30ee743b742531055aa3a8fa36ceb64a],
Valeurs du Registre: 15
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f[021cf8b7514853e3c8389df38e76dc24]D4%26b[021cf8b7514853e3c8389df38e76dc24]DIE%26cc[021cf8b7514853e3c8389df38e76dc24]Dfr%26pa[021cf8b7514853e3c8389df38e76dc24]DWincy%26cd[021cf8b7514853e3c8389df38e76dc24]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[021cf8b7514853e3c8389df38e76dc24]D1418353332%26a[021cf8b7514853e3c8389df38e76dc24]Dwbf_dwndlm_16_15%26os_ver[021cf8b7514853e3c8389df38e76dc24]D10.0%26os[021cf8b7514853e3c8389df38e76dc24]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f[8797a6098217d4626a963b554db7d32d]D4%26b[8797a6098217d4626a963b554db7d32d]DIE%26cc[8797a6098217d4626a963b554db7d32d]Dfr%26pa[8797a6098217d4626a963b554db7d32d]DWincy%26cd[8797a6098217d4626a963b554db7d32d]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[8797a6098217d4626a963b554db7d32d]D1418353332%26a[8797a6098217d4626a963b554db7d32d]Dwbf_dwndlm_16_15%26os_ver[8797a6098217d4626a963b554db7d32d]D10.0%26os[8797a6098217d4626a963b554db7d32d]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.PriceFountain, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3E1A93D8-8FC2-4D12-A532-53C9FDD4E878}|Path, \ChristianThroatedUncrownedV2, Supprimer au redémarrage, [8c92852a524776c0090c66381de7f60a]
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{71B15D1B-0376-43F9-A8E8-10065B979CFC}|Path, \DNSWALTERS, Supprimer au redémarrage, [021c5857debb2016b08b8a1c7292f50b]
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5746d7d6}|1, 1458245016, En quarantaine, [56c8456a21787eb869d4b7ef9d67a957]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{420725dc-aff1-406c-8076-7d5a9436d99e}|NameServer, 82.163.143.171,82.163.142.173, En quarantaine, [75a9fcb33a5f73c3f531edb93bc9639d]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{73db09fb-afb1-4d8f-93c2-611083d4e8c3}|NameServer, 82.163.142.7 95.211.158.134, En quarantaine, [71ad2a859603e94d66bf594d3ec67f81]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{88ab0a12-3ec3-4958-b1c6-7c879fa451db}|NameServer, 82.163.143.171,82.163.142.173, En quarantaine, [0d11a40b3861fd39ea3c713552b29769]
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{954d2cac-4835-42e1-a802-3d0995653563}|NameServer, 82.163.143.171,82.163.142.173, En quarantaine, [d648fcb3188186b082a4b4f2b05460a0]
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg06¶m1=1¶m2=f[a678dcd34158bc7a51b01447f50f5fa1]D4%26b[a678dcd34158bc7a51b01447f50f5fa1]DIE%26cc[a678dcd34158bc7a51b01447f50f5fa1]Dfr%26pa[a678dcd34158bc7a51b01447f50f5fa1]DWincy%26cd[a678dcd34158bc7a51b01447f50f5fa1]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyEyCtBtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StAyDzztByB0D0DyDtGyDtBtBtCtG0EyC0AtCtGyEzztAtCtGtBtDzytDyE0EyE0C0Azz0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[a678dcd34158bc7a51b01447f50f5fa1]D1442312069%26a[a678dcd34158bc7a51b01447f50f5fa1]Dwncy_popjar_15_53_ssg06%26os_ver[a678dcd34158bc7a51b01447f50f5fa1]D10.0%26os[a678dcd34158bc7a51b01447f50f5fa1]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_popjar_15_53_ssg06¶m1=1¶m2=f[8f8f604ff6a3db5b9a676bf0f70d7789]D4%26b[8f8f604ff6a3db5b9a676bf0f70d7789]DIE%26cc[8f8f604ff6a3db5b9a676bf0f70d7789]Dfr%26pa[8f8f604ff6a3db5b9a676bf0f70d7789]DWincy%26cd[8f8f604ff6a3db5b9a676bf0f70d7789]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyEyCtBtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StAyDzztByB0D0DyDtGyDtBtBtCtG0EyC0AtCtGyEzztAtCtGtBtDzytDyE0EyE0C0Azz0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[8f8f604ff6a3db5b9a676bf0f70d7789]D1442312069%26a[8f8f604ff6a3db5b9a676bf0f70d7789]Dwncy_popjar_15_53_ssg06%26os_ver[8f8f604ff6a3db5b9a676bf0f70d7789]D10.0%26os[8f8f604ff6a3db5b9a676bf0f70d7789]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_adsrch_16_04¶m1=1¶m2=f[39e56946c7d23105e71b94c78f75ac54]D4%26b[39e56946c7d23105e71b94c78f75ac54]DIE%26cc[39e56946c7d23105e71b94c78f75ac54]Dfr%26pa[39e56946c7d23105e71b94c78f75ac54]DWinYahoo%26cd[39e56946c7d23105e71b94c78f75ac54]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyEzytCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StAyBzzzzyE0DyDtBtGtD0BtAzztG0EyEzzyDtGtDzztDtBtGzztDyEtBtD0CyEyBtD0DyE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[39e56946c7d23105e71b94c78f75ac54]D1722201352%26a[39e56946c7d23105e71b94c78f75ac54]Dwny_adsrch_16_04%26os_ver[39e56946c7d23105e71b94c78f75ac54]D10.0%26os[39e56946c7d23105e71b94c78f75ac54]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_adsrch_16_04¶m1=1¶m2=f[d44a02ade0b91d1937cba2b98f7529d7]D4%26b[d44a02ade0b91d1937cba2b98f7529d7]DIE%26cc[d44a02ade0b91d1937cba2b98f7529d7]Dfr%26pa[d44a02ade0b91d1937cba2b98f7529d7]DWinYahoo%26cd[d44a02ade0b91d1937cba2b98f7529d7]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyEzytCtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StAyBzzzzyE0DyDtBtGtD0BtAzztG0EyEzzyDtGtDzztDtBtGzztDyEtBtD0CyEyBtD0DyE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[d44a02ade0b91d1937cba2b98f7529d7]D1722201352%26a[d44a02ade0b91d1937cba2b98f7529d7]Dwny_adsrch_16_04%26os_ver[d44a02ade0b91d1937cba2b98f7529d7]D10.0%26os[d44a02ade0b91d1937cba2b98f7529d7]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f[b16d4f6060392d09a758b4db38ccf60a]D4%26b[b16d4f6060392d09a758b4db38ccf60a]DIE%26cc[b16d4f6060392d09a758b4db38ccf60a]Dfr%26pa[b16d4f6060392d09a758b4db38ccf60a]DWincy%26cd[b16d4f6060392d09a758b4db38ccf60a]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[b16d4f6060392d09a758b4db38ccf60a]D1418353332%26a[b16d4f6060392d09a758b4db38ccf60a]Dwbf_dwndlm_16_15%26os_ver[b16d4f6060392d09a758b4db38ccf60a]D10.0%26os[b16d4f6060392d09a758b4db38ccf60a]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|TopResultURLFallback, https://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f[4ad4a10e7326be7827d8503faa5a0bf5]D4%26b[4ad4a10e7326be7827d8503faa5a0bf5]DIE%26cc[4ad4a10e7326be7827d8503faa5a0bf5]Dfr%26pa[4ad4a10e7326be7827d8503faa5a0bf5]DWincy%26cd[4ad4a10e7326be7827d8503faa5a0bf5]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr[4ad4a10e7326be7827d8503faa5a0bf5]D1418353332%26a[4ad4a10e7326be7827d8503faa5a0bf5]Dwbf_dwndlm_16_15%26os_ver[4ad4a10e7326be7827d8503faa5a0bf5]D10.0%26os[4ad4a10e7326be7827d8503faa5a0bf5]DWindowsEn quarantaineB10En quarantaineBHome&p={searchTerms}, %4, %5
Données du Registre: 4
PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=fMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]D1%26bMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]DIE%26ccMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]Dfr%26paMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]DWincy%26cdMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26crMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]D1418353332%26aMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]Dwbf_dwndlm_16_15%26os_verMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]D10.0%26osMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[938b406fb7e284b27cd6c17a43c23bc5]DWindowsBon : (www.google.com)B10Bon : (www.google.com)BHome, %4, %5
PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=fMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]D1%26bMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]DIE%26ccMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]Dfr%26paMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]DWincy%26cdMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26crMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]D1418353332%26aMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]Dwbf_dwndlm_16_15%26os_verMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]D10.0%26osMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[3be309a652470e28341e0c2f55b0f709]DWindowsBon : (www.google.com)B10Bon : (www.google.com)BHome, %4, %5
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.142.7 95.211.158.134, Bon : (8.8.8.8), Mauvais : (82.163.142.7 95.211.158.134),Remplacé,[fa24545b524780b681f39e9d56af916f]
PUP.Optional.WinYahoo, HKU\S-1-5-21-2213925426-3503192143-2438597147-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=fMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]D1%26bMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]DIE%26ccMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]Dfr%26paMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]DWincy%26cdMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26crMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]D1418353332%26aMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]Dwbf_dwndlm_16_15%26os_verMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]D10.0%26osMauvais : (https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),Remplacé,[99853b744950b581410fab90fb0a2dd3]DWindowsBon : (www.google.com)B10Bon : (www.google.com)BHome, %4, %5
Dossiers: 4
PUP.Optional.WinZipRegOp, C:\Users\Christian\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer, En quarantaine, [e13dcae5f2a70e285f5342e4c043e020],
PUP.Optional.WinZipRegOp, C:\Users\Christian\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1, En quarantaine, [e13dcae5f2a70e285f5342e4c043e020],
PUP.Optional.DNSUnlocker.ACMB2, C:\Program Files (x86)\DNS Unlocker, En quarantaine, [2cf2347b49501d19d43450e055ae867a],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned, Supprimer au redémarrage, [041a5b542475b87ed5d15e078085f40c],
Fichiers: 30
PUP.Optional.PriceFountain, C:\Users\Christian\AppData\Local\ThroatedUncrowned\AntihistaminicDrops.dll, Supprimer au redémarrage, [2fefc6e9d0c9f145c2a848b8877b3ac6],
Adware.CloudGuard, C:\Users\Christian\AppData\Roaming\ZHP\Quarantine\dnswalters.exe, En quarantaine, [e539218ed2c760d6b8fbf9f808f9a35d],
PUP.Optional.MyPCBackup, C:\Users\Christian\AppData\Roaming\ZHP\Quarantine\OLBPre.exe, En quarantaine, [ef2fcfe0ebae88ae4c84fbf750b121df],
Adware.CloudGuard, C:\Users\Christian\AppData\Roaming\ZHP\Quarantine\DNS Unlocker.DIR\dnswalters.exe, En quarantaine, [cb531b94bfdadc5af4bf6f82bd449f61],
PUP.Optional.MyPCBackup, C:\Users\Christian\AppData\Roaming\ZHP\Quarantine\OLBPre\uninst.exe, En quarantaine, [ea34644ba0f91b1bafb6bc5c64a1aa56],
PUP.Optional.SystemHealer, C:\Users\Christian\AppData\Roaming\ZHP\Quarantine\SystemHealer\RescueMonitor.exe, En quarantaine, [cb53e9c6a9f0e6506e24d63619e9857b],
PUP.Optional.PriceFountain, C:\Users\Christian\AppData\Local\Temp\AntihistaminicDrops.dll, En quarantaine, [0e10f7b86237e35318528d73fb076997],
PUP.Optional.InstallCore, C:\Users\Christian\Downloads\AdwCleaner Installer.exe, En quarantaine, [4cd2416e8d0cc96d364aee7db44d45bb],
PUP.Optional.WinYahoo, C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk, En quarantaine, [7ea009a63762b680edae038bdd27639d],
PUP.Optional.PriceFountain, C:\Windows\System32\Tasks\ChristianThroatedUncrownedV2, En quarantaine, [e43a337c237605316d79eaa62dd752ae],
PUP.Optional.DNSUnlocker.ACMB2, C:\Windows\System32\Tasks\DNSWALTERS, En quarantaine, [7ba38c23e3b658de053223839c688b75],
PUP.Optional.WinZipRegOp, C:\Users\Christian\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\ExcludeList.rcp, En quarantaine, [e13dcae5f2a70e285f5342e4c043e020],
PUP.Optional.WinZipRegOp, C:\Users\Christian\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\log_04-14-2016.log, En quarantaine, [e13dcae5f2a70e285f5342e4c043e020],
PUP.Optional.WinZipRegOp, C:\Users\Christian\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\results.rcp, En quarantaine, [e13dcae5f2a70e285f5342e4c043e020],
PUP.Optional.WinZipRegOp, C:\Users\Christian\AppData\Roaming\Nico Mak Computing\WinZip Registry Optimizer\Version 1\TempHLList.rcp, En quarantaine, [e13dcae5f2a70e285f5342e4c043e020],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\Rkey.dat, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\amazon.fr .lnk, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\amazon.fr.ico, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\amazon.fr.lnk, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\amazon.fr.smenu.URL, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\amazon.fr.tbar.URL, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\Booking .lnk, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\Booking.ico, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\Booking.lnk, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\Booking.smenu.URL, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\Booking.tbar.URL, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\TrafficksEvangels.dat, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.PriceFountain.Gen, C:\Users\Christian\AppData\Local\ThroatedUncrowned\uninst.exe, En quarantaine, [041a5b542475b87ed5d15e078085f40c],
PUP.Optional.Amonetize, C:\Users\Christian\AppData\Local\Temp\aff.conf, En quarantaine, [49d5ddd22e6b90a62b38a1c5a56011ef],
PUP.Optional.WinYahoo, C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\FnpoWNGL.default\prefs.js, Bon : (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Mauvais : (user_pref("browser.startup.homepage", "https://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_dwndlm_16_15¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0AtDtB0B0BzzyE0DtCtCyCyD0CyB0DyDtN0D0Tzu0StCyDyCyDtN1L2XzutAtFtBtCtFtDtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyEtBtByDyB0A0DtGtB0CtAyEtGzztDtB0AtGtD0AyD0BtGyE0EtCzytDyE0Dzy0A0CyB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FtCtAyB0CtC0AzztGtBzytDtBtGyEtD0AtDtGzztByCyBtGtDyCtAyB0D0EtD0EyBtByB0E2QtN0A0LzuyE%26cr%3D1418353332%26a%3Dwbf_dwndlm_16_15%26os_ver%3D10.0%26os%3DWindowsRemplacé,[8995258a85149a9c707dc3a541c409f7]B10Remplacé,[8995258a85149a9c707dc3a541c409f7]BHome");), %5
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)