Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 14/04/2016
Heure de l'analyse: 19:31
Fichier journal: mbam.txt
Administrateur: Oui

Version: 2.2.1.1043
Base de données de programmes malveillants: v2016.04.14.06
Base de données de rootkits: v2016.04.09.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé

Système d'exploitation: Windows 10
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Milad

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 413947
Temps écoulé: 7 min, 47 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Activé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 0
(Aucun élément malveillant détecté)

Modules: 0
(Aucun élément malveillant détecté)

Clés du Registre: 63

Valeurs du Registre: 25

Données du Registre: 6

Dossiers: 0
(Aucun élément malveillant détecté)

Fichiers: 6

Secteurs physiques: 0
(Aucun élément malveillant détecté)

(end)