ComboFix report [ HELP ]

Solved/Closed
tedted Posts 13 Registration date Saturday 4 July 2015 Status Member Last activity 20 January 2016 - 4 Jul 2015 at 18:38
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 - 6 Jul 2015 at 09:06
Hello, having downloaded a malicious file that slowed down my computer, I ran a scan with Malwarebytes. It detected several trojan.downloader items, which Malwarebytes has normally removed. As a precaution I wanted to run a scan with ComboFix. However, I would like help analysing the report and finding out whether my PC is still infected. Thanks in advance.

The report is in the next post.

3 replies

tedted Posts 13 Registration date Saturday 4 July 2015 Status Member Last activity 20 January 2016
4 Jul 2015 at 18:39
ComboFix 15-06-30.01 - Asus 04/07/2015 18:15:32.1.2 - x64
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.3980.2307 [GMT 2:00]
Lancé depuis: c:\users\Asus\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\WinPCap
c:\program files (x86)\WinPCap\install.log
c:\programdata\ma-config.com\Logs\activex.txt
c:\programdata\ma-config.com\Logs\mcdetection.txt
c:\programdata\ma-config.com\Logs\mcstubuser.txt
c:\programdata\ma-config.com\mcbase.db
c:\programdata\ma-config.com\server.pem
c:\users\Asus\AppData\Local\Adobe\AdbeRdr11007_en_US.exe
c:\users\Asus\AppData\Local\Adobe\gccheck.exe
c:\users\Asus\AppData\Local\Adobe\gtbcheck.exe
c:\users\Asus\AppData\Local\Adobe\SecurityScan_Release.exe
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2015-06-04 au 2015-07-04 ))))))))))))))))))))))))))))))))))))
.
.
2015-07-04 16:23 . 2015-07-04 16:23 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2015-07-04 16:23 . 2015-07-04 16:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-04 16:18 . 2015-07-04 16:18 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{71A198E4-F4E3-43F1-A50D-62C26C71406A}\offreg.4960.dll
2015-07-04 15:11 . 2015-06-23 23:22 12221144 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{71A198E4-F4E3-43F1-A50D-62C26C71406A}\mpengine.dll
2015-07-04 15:06 . 2015-07-04 15:43 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-04 15:05 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-04 15:05 . 2015-06-18 06:41 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-04 15:05 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-04 15:05 . 2015-07-04 15:05 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2015-07-04 15:05 . 2015-07-04 15:05 -------- d-----w- c:\programdata\Malwarebytes
2015-07-04 01:27 . 2015-07-04 01:56 -------- d---a-w- C:\3590F75ABA9E485486C100C1A9D4FF06ZZZZZZ.....ZZZ.Z
2015-06-29 20:31 . 2015-06-29 20:31 -------- d-----w- c:\users\Asus\AppData\Local\Golden Frog, GmbH
2015-06-29 20:30 . 2015-06-29 20:30 -------- d-----w- c:\programdata\Golden Frog, GmbH
2015-06-29 20:27 . 2015-07-04 03:35 -------- d-----w- c:\program files (x86)\VyprVPN
2015-06-29 02:15 . 2015-06-29 02:15 -------- d-----w- c:\users\Asus\AppData\Local\Geckofx
2015-06-29 02:11 . 2015-06-29 02:33 -------- d-----w- c:\users\Asus\AppData\Roaming\SSN
2015-06-28 17:05 . 2015-06-28 17:05 -------- d-----w- c:\users\Asus\AppData\Roaming\Wireshark
2015-06-28 16:10 . 2015-06-29 02:34 -------- d-----w- c:\program files (x86)\Wireshark
2015-06-24 16:54 . 2015-06-24 16:55 -------- d-----w- c:\users\Asus\AppData\Local\CyberGhost
2015-06-24 16:53 . 2015-07-04 03:35 -------- d-----w- c:\program files\CyberGhost 5
2015-06-22 15:13 . 2015-07-04 03:35 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-06-22 15:13 . 2015-07-04 03:35 -------- d-----r- c:\program files (x86)\Skype
2015-06-11 16:12 . 2015-06-11 16:12 -------- d-----w- c:\users\Asus\AppData\Local\Eraser 6
2015-06-10 19:53 . 2015-05-23 03:15 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2015-06-10 19:53 . 2015-05-23 03:13 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2015-06-10 19:53 . 2015-05-23 03:07 221184 ----a-w- c:\program files (x86)\Internet Explorer\ielowutil.exe
2015-06-10 19:53 . 2015-05-22 19:08 49664 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2015-06-10 19:53 . 2015-05-22 19:00 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2015-06-10 19:53 . 2015-05-22 18:52 34304 ----a-w- c:\windows\system32\iernonce.dll
2015-06-10 19:53 . 2015-05-22 18:47 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2015-06-10 19:53 . 2015-05-22 18:31 276480 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub.ScriptedSandboxPlugin.dll
2015-06-10 19:53 . 2015-05-22 18:07 720384 ----a-w- c:\windows\system32\ie4uinit.exe
2015-06-10 19:42 . 2015-04-29 18:22 14635008 ----a-w- c:\windows\system32\wmp.dll
2015-06-10 19:41 . 2015-05-25 18:19 728576 ----a-w- c:\windows\system32\kerberos.dll
2015-06-10 19:35 . 2015-04-24 18:17 633856 ----a-w- c:\windows\system32\comctl32.dll
2015-06-10 19:35 . 2015-04-24 17:56 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2015-06-10 19:35 . 2015-05-25 17:08 3206144 ----a-w- c:\windows\system32\win32k.sys
2015-06-10 19:34 . 2015-04-11 03:19 69888 ----a-w- c:\windows\system32\drivers\stream.sys
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-04 14:42 . 2014-01-28 16:17 1041168 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2015-07-04 14:41 . 2014-01-28 16:17 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2015-06-24 13:19 . 2014-01-28 10:13 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-24 13:19 . 2014-01-28 10:13 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-25 18:01 . 2015-06-10 19:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-01 13:17 . 2015-05-14 15:05 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-01 13:16 . 2015-05-14 15:04 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-20 03:17 . 2015-05-13 09:46 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-04-20 03:17 . 2015-05-13 09:46 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-04-20 02:56 . 2015-05-13 09:45 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-04-18 03:10 . 2015-05-13 09:52 460800 ----a-w- c:\windows\system32\certcli.dll
2015-04-18 02:56 . 2015-05-13 09:52 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-04-13 03:28 . 2015-05-13 09:47 328704 ----a-w- c:\windows\system32\services.exe
2015-04-08 03:29 . 2015-05-13 09:45 275456 ----a-w- c:\windows\system32\InkEd.dll
2015-04-08 03:29 . 2015-05-13 09:45 24576 ----a-w- c:\windows\system32\jnwmon.dll
2015-04-08 03:14 . 2015-05-13 09:45 216064 ----a-w- c:\windows\SysWow64\InkEd.dll
.
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
  • Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2014-06-05 248176]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-06-16 53282944]
"CyberGhost"="c:\program files\CyberGhost 5\CyberGhost.exe" [2015-05-21 430048]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-10-25 5299320]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-01-28 291608]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-07-04 4085896]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2015-01-07 2694320]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-07-31 43816]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-08-01 152392]
"AgentMonitor"="c:\program files (x86)\VTech\DownloadManager\System\AgentMonitor.exe" [2014-06-20 401280]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ma-config_amd64;ma-config_amd64;c:\program files\ma-config.com\Drivers\ma-config_amd64.sys;c:\program files\ma-config.com\Drivers\ma-config_amd64.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Pilote de commutateur de contrôleur d'hôte Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 CGVPNCliService;CyberGhost 5 Client Service;c:\program files\CyberGhost 5\Service.exe;c:\program files\CyberGhost 5\Service.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 MaConfigAgent;Ma-Config Agent;c:\program files\ma-config.com\MaConfigAgent.exe;c:\program files\ma-config.com\MaConfigAgent.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Son Intel(R) pour écrans;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Pilote de concentrateur Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Pilote du contrôleur d'hôte extensible Intel(R) USB 3.0;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-06-22 23:00 990024 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.130\Installer\chrmstp.exe
.
Contenu du dossier 'Tâches planifiées'
.
2015-07-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-28 13:19]
.
2015-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-28 10:13]
.
2015-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-28 10:13]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-12-19 14:57 1039008 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-12-19 14:57 1039008 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-12-19 14:57 1039008 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-06 13:05 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2014-01-28 361984]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2014-01-28 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2014-01-28 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2014-01-28 440600]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-09-19 557768]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2012-10-25 5299320]
"Eraser"="c:\program files\Eraser\Eraser.exe" [2015-04-13 1084328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Examen supplémentaire -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Asus\AppData\Roaming\Mozilla\Firefox\Profiles\1fx4ea1c.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.startup.homepage - hxxp://www.google.com
FF - user.js: extensions.astrmndant.aflt - rv_
FF - user.js: extensions.astrmndant.cd - tN1M1B1L1H1Ezu1O2U1M1B
FF - user.js: extensions.astrmndant.cr - 660368761
user_pref(extensions.autoDisableScopes,14);
.
- - - - ORPHELINS SUPPRIMES - - - -
.
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
.
Heure de fin: 2015-07-04 18:27:24
ComboFix-quarantined-files.txt 2015-07-04 16:27
.
Avant-CF: 429 215 293 440 octets libres
Après-CF: 429 078 556 672 octets libres
.
- - End Of File - - BD235C18D8D4EB58B3081C39E5BA6757
5FB38429D5D77768867C76DCBDB35194
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 628
4 Jul 2015 at 20:20
Hi

Follow the FRST tutorial https://www.malekal.com/tutoriel-farbar-recovery-scan-tool-frst/
This will generate three FRST reports:
  • FRST.txt
  • Shortcut.txt
  • Additionnal.txt


Upload these three reports to the pjjoint site as explained, and post the three pjjoint links to these reports so that they can be viewed.

tedted Posts 13 Registration date Saturday 4 July 2015 Status Member Last activity 20 January 2016
4 Jul 2015 at 20:39
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 628
5 Jul 2015 at 00:04
Doesn't look infected.

What are the problems?
tedted Posts 13 Registration date Saturday 4 July 2015 Status Member Last activity 20 January 2016
Edited by tedted on 5/07/2015 at 00:50
The problem is that Malwarebytes detected 800 threats including 6 trojans, and one of these trojans apparently had access to my passwords. So I removed them with Malwarebytes, but I was afraid that it would not be effective. So it was?
tedted Posts 13 Registration date Saturday 4 July 2015 Status Member Last activity 20 January 2016
5 Jul 2015 at 01:22
Here is what the Malwarebytes scan gave, and the files that I hope have been removed.

Malwarebytes Anti-Malware
www.malwarebytes.org

Date de l'analyse: 04/07/2015
Heure de l'analyse: 17:09
Fichier journal: analyse.txt
Administrateur: Oui

Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.07.04.02
Base de données de rootkits: v2015.07.03.01
Licence: Essai
Protection contre les programmes malveillants: Activé
Protection contre les sites Web malveillants: Activé
Autoprotection: Désactivé

Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Asus

Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 399146
Temps écoulé: 24 min, 1 s

Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé

Processus: 2
PUP.Optional.Zebar.A, C:\Program Files (x86)\Zebar\updateZebar.exe, 2024, Supprimer au redémarrage, [c6fc04d9becca78ff381d8a41fe6ae52]
PUP.Optional.Zebar.A, C:\Program Files (x86)\Zebar\bin\utilZebar.exe, 1212, Supprimer au redémarrage, [c6fc04d9becca78ff381d8a41fe6ae52]

Modules: 0
(Aucun élément malveillant détecté)

Clés du registre: 245
Trojan.Downloader, HKLM\SOFTWARE\CLASSES\APPID\{90A52F08-64AC-4DC6-9D7D-4516670275D3}, En quarantaine, [bf03924bafdb69cd2843fdaac3409070],
Trojan.Downloader, HKLM\SOFTWARE\CLASSES\TYPELIB\{90A52F08-64AC-4DC6-9D7D-4516670275D3}, En quarantaine, [bf03924bafdb69cd2843fdaac3409070],
Trojan.Downloader, HKLM\SOFTWARE\CLASSES\INTERFACE\{6C51F7E9-8542-4F25-A30F-2060157752E1}, En quarantaine, [bf03924bafdb69cd2843fdaac3409070],
Trojan.Downloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6C51F7E9-8542-4F25-A30F-2060157752E1}, En quarantaine, [bf03924bafdb69cd2843fdaac3409070],
Trojan.Downloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{6C51F7E9-8542-4F25-A30F-2060157752E1}, En quarantaine, [bf03924bafdb69cd2843fdaac3409070],
Trojan.Downloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{90A52F08-64AC-4DC6-9D7D-4516670275D3}, En quarantaine, [bf03924bafdb69cd2843fdaac3409070],
Trojan.Downloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{90A52F08-64AC-4DC6-9D7D-4516670275D3}, En quarantaine, [bf03924bafdb69cd2843fdaac3409070],
Trojan.Downloader, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{90A52F08-64AC-4DC6-9D7D-4516670275D3}, En quarantaine, [bf03924bafdb69cd2843fdaac3409070],
Trojan.Downloader, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{90A52F08-64AC-4DC6-9D7D-4516670275D3}, En quarantaine, [bf03924bafdb69cd2843fdaac3409070],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, En quarantaine, [6d559b426e1ce254e6fd1b9810f3b14f],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, En quarantaine, [6d559b426e1ce254e6fd1b9810f3b14f],
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, En quarantaine, [6d559b426e1ce254e6fd1b9810f3b14f],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, En quarantaine, [00c213ca33570b2b9cd5bbc4f0137888],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, En quarantaine, [00c213ca33570b2b9cd5bbc4f0137888],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, En quarantaine, [00c213ca33570b2b9cd5bbc4f0137888],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, En quarantaine, [0cb6a835a9e13303646bc1f215ee6c94],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, En quarantaine, [0cb6a835a9e13303646bc1f215ee6c94],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, En quarantaine, [0cb6a835a9e13303646bc1f215ee6c94],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, En quarantaine, [0cb6a835a9e13303646bc1f215ee6c94],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc.1, En quarantaine, [0cb6a835a9e13303646bc1f215ee6c94],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\esrv.mysearchdialESrvc, En quarantaine, [0cb6a835a9e13303646bc1f215ee6c94],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc, En quarantaine, [0cb6a835a9e13303646bc1f215ee6c94],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\esrv.mysearchdialESrvc, En quarantaine, [0cb6a835a9e13303646bc1f215ee6c94],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\esrv.mysearchdialESrvc.1, En quarantaine, [0cb6a835a9e13303646bc1f215ee6c94],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\esrv.mysearchdialESrvc.1, En quarantaine, [0cb6a835a9e13303646bc1f215ee6c94],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, En quarantaine, [0cb6a835a9e13303646bc1f215ee6c94],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, En quarantaine, [18aa95484149cd69118ba9d1c43fa35d],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, En quarantaine, [18aa95484149cd69118ba9d1c43fa35d],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, En quarantaine, [18aa95484149cd69118ba9d1c43fa35d],
PUP.Optional.Babylon.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, En quarantaine, [a71bfedfd4b6ad8925496e0c28db2dd3],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, En quarantaine, [853d9845b3d7f83e2875aecc3bc8a759],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, En quarantaine, [853d9845b3d7f83e2875aecc3bc8a759],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, En quarantaine, [853d9845b3d7f83e2875aecc3bc8a759],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, En quarantaine, [17ab6d709bef46f0ad5ce1d383807c84],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, En quarantaine, [c7fb11cc9ceed462c04ac8ec35ce966a],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, En quarantaine, [962c0ecfc7c367cf19850ea59a697b85],
PUP.Optional.OfferBox.A, HKLM\SOFTWARE\CLASSES\OKitSpace, En quarantaine, [8f339d40cbbf77bfcf0af987788b17e9],
PUP.Optional.OfferBox.A, HKLM\SOFTWARE\CLASSES\OKitSpace.1, En quarantaine, [49794c91bcce93a3ddfc6c14d72ced13],
PUP.Optional.OfferBox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OKitSpace, En quarantaine, [49794c91bcce93a3ddfc6c14d72ced13],
PUP.Optional.OfferBox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\OKitSpace.1, En quarantaine, [49794c91bcce93a3ddfc6c14d72ced13],
PUP.Optional.OfferBox.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OKitSpace, En quarantaine, [49794c91bcce93a3ddfc6c14d72ced13],
PUP.Optional.OfferBox.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\OKitSpace.1, En quarantaine, [49794c91bcce93a3ddfc6c14d72ced13],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64, En quarantaine, [18aa59847f0b60d6d7d106229a6a0000],
PUP.Optional.Zebar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Zebar, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Zebar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Zebar, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Zebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Zebar.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Zebar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Zebar.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Zebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Zebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Zebar.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Zebar.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Zebar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Zebar.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Zebar.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, En quarantaine, [c6fc04d9becca78ff381d8a41fe6ae52],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{9f93bd66-d3d2-427d-b37f-743603e2388d}w64, En quarantaine, [a81a03da4c3e16209073abd6040130d0],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, En quarantaine, [4a78c716b6d4f73fe1f11a33e61e9c64],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0063107.BHO, En quarantaine, [c1019f3e14760a2cba52c564788c9f61],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0063107.BHO.1, En quarantaine, [4e749f3edbaf6ec88c80d158996b55ab],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0063107.Sandbox, En quarantaine, [5f639c4166245fd736d67aafef15837d],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0063107.Sandbox.1, En quarantaine, [c4fe86576129a393aa626abfbe46d12f],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, En quarantaine, [6c565e7f6129a195bf956a27c73eb749],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, En quarantaine, [60624697f49639fdb79d395817eea060],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, En quarantaine, [ab174499c8c2bc7a94c03f528481b34d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync, En quarantaine, [c3ffa736503a49edc194820fa164db25],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, En quarantaine, [dae824b9068451e5b79e226f8184936d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass, En quarantaine, [bb07d409bfcbfb3b0e477e13768f54ac],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass.1, En quarantaine, [ecd68e4f3f4bed49c194236eaa5bdd23],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass, En quarantaine, [dde5924bbdcd1422d28318797491b64a],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, En quarantaine, [c8fab12c92f80b2bd97c8d0460a558a8],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, En quarantaine, [17ab736a0c7e8caa72e3058c09fca25e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, En quarantaine, [863c00dda9e1c472ba9b2869a0653dc3],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, En quarantaine, [1ea435a82b5f6cca5ff6741d48bd56aa],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, En quarantaine, [be04cd10b1d952e48dc8a1f0976ef20e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, En quarantaine, [853d637a5e2c43f3005597fa42c314ec],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, En quarantaine, [cdf57a6375151d190c49e2af16efe61a],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, En quarantaine, [06bc409d3a5070c660f51b76dc29ef11],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, En quarantaine, [e5dd6776cbbff54157fe6031669f9070],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher, En quarantaine, [5d659f3e1a70b5817cd9771a4abb2dd3],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, En quarantaine, [487a00ddf29872c45005533eeb1a08f8],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService, En quarantaine, [41818459e0aa4beb01547b1640c503fd],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, En quarantaine, [259dac31bcce0d2985d0c6cb2ed716ea],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine, En quarantaine, [efd3b12cc7c35fd7e07598f93acbd52b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, En quarantaine, [7b47617c1575181efe57573aa1641ee2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, En quarantaine, [05bd8459c3c7cd69bb9a405146bf3fc1],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, En quarantaine, [1ca62eafa2e891a551049ff2c342b24e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc, En quarantaine, [269c2faefa909a9c68edefa2c045fa06],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, En quarantaine, [f9c9439af595a5912f266c25a95c44bc],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent, En quarantaine, [9d25419c0288dc5a1b081364b84dfe02],
PUP.Optional.OKitSpace.A, HKLM\SOFTWARE\CLASSES\APPID\OKitSpace.DLL, En quarantaine, [2c96ecf193f7b086e89b62ec46be847c],
PUP.Optional.OKitSpace.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\OKitSpace.DLL, En quarantaine, [07bbc716bdcd6ccaa2e151fd5ca89b65],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\iagcajndpnfncplednpbnkahadegklfa, En quarantaine, [c4fec71615757db979d8af8e976d847c],
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pfkfdlcdbajamklbneflfbcmfgddmpae, En quarantaine, [ffc3607d2466c47224f2b9cdc3426799],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\26549, En quarantaine, [efd30cd15337e155e8652021ca3a57a9],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0BEF1EF2-70ED-4D05-A6C9-E4A5C89780E2}, En quarantaine, [dfe365785f2bc274e57a267026df3ec2],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{84E4C088-03D4-4D13-A1BE-CD414ECD1C79}, En quarantaine, [665ce4f90e7ca195114c9df9f411b64a],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, En quarantaine, [f8cab825820855e1eaf6bb4624e0b64a],
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{A92E6E0D-46B8-435B-A328-B49126E41BB2}, En quarantaine, [06bc409d672347efef4b0f80f4115ea2],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DATAMNGRCOORDINATOR.EXE, En quarantaine, [586a835a98f2201690d6a8821ce8d030],
Adware.Boxore, HKLM\SOFTWARE\WOW6432NODE\Boxore, En quarantaine, [279b1dc09af0162037b1200da65f916f],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, En quarantaine, [1ba73da0305a45f1bb1793bae51fed13],
PUP.Optional.OKitSpace.A, HKLM\SOFTWARE\WOW6432NODE\OKitSpace, En quarantaine, [932f805d612941f5493cfb539c6853ad],
PUP.Optional.SmartSaver.A, HKLM\SOFTWARE\WOW6432NODE\SmartSaver+ 12.2, En quarantaine, [e3df2cb1fe8c0d2996b5380fa95b26da],
PUP.Optional.SmartSaver.A, HKLM\SOFTWARE\WOW6432NODE\SmartSaver+ 12.2-nv, En quarantaine, [16ac6875d9b102345eedf84fca3a0ff1],
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SweetIM, En quarantaine, [4d75528b7e0c4de954b255bd1be9639d],
PUP.Optional.Zebar.A, HKLM\SOFTWARE\WOW6432NODE\Zebar, En quarantaine, [d0f2db020486f83eb6c069131ce9c33d],
PUP.Optional.SuperOptimizer.C, HKLM\SOFTWARE\WOW6432NODE\{1146AC44-2F03-4431-B4FD-889BC837521F}, En quarantaine, [b70b865717730c2aa394d8c3e2239a66],
PUP.Optional.SuperOptimizer.C, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, En quarantaine, [7e4415c869214aecc375b0ebff0659a7],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0063107.BHO, En quarantaine, [dce66875b2d80d29868688a17e865ca4],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0063107.BHO.1, En quarantaine, [546e64796d1d1f17a6663ced7d87738d],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0063107.Sandbox, En quarantaine, [17abebf2fd8dd75fec202207e42032ce],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0063107.Sandbox.1, En quarantaine, [348e24b9e8a29a9cc24aab7e768e53ad],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, En quarantaine, [c8fa65780d7d94a26ee6632e9b6a748c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, En quarantaine, [467c04d9f1991f17c193860bcd3826da],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, En quarantaine, [c4fe7f5e1f6b69cd3123ddb4699c11ef],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync, En quarantaine, [338fe9f43a50181ec5903b5630d5ee12],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, En quarantaine, [b40ea835ccbed95d2a2b424fc83d5ca4],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass, En quarantaine, [be047e5fa3e76dc970e57c15a85d8a76],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass.1, En quarantaine, [8c364e8f9ceecc6a470ebfd2f213d42c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass, En quarantaine, [e3df5f7ecac05fd7da7bf1a0e71ed729],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, En quarantaine, [efd346977a1050e6e66f622fa0653ec2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, En quarantaine, [c6fc07d61f6b171f02534f42877e1de3],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, En quarantaine, [05bd10cde9a1d4627cd9830e010449b7],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, En quarantaine, [536f31ac13771d19be973d54ea1b7b85],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, En quarantaine, [734ffedf3d4df046d580434e59ac946c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, En quarantaine, [ccf6f7e68505280e074e652cfb0ab54b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, En quarantaine, [338fd20b5c2ea195cb8a1f72b05546ba],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, En quarantaine, [8f330cd1860415210b4a8908689df30d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, En quarantaine, [576b25b896f4bf77c590fe93877e5ea2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher, En quarantaine, [f2d094498ffb00364213108125e0de22],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, En quarantaine, [269c00dd5832a393d97cf39eec1950b0],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService, En quarantaine, [1ca68558addd3600a2b3355cb0558d73],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, En quarantaine, [249e6578c3c71026eb6a058c52b3936d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine, En quarantaine, [07bba5380a8064d2b3a29df4db2ac43c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, En quarantaine, [fdc510cdc4c6da5c61f4543da65f02fe],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, En quarantaine, [03bf1cc1afdb65d19db8761bd53006fa],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, En quarantaine, [d5edd00d008a191df65faee3a85d40c0],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc, En quarantaine, [715174697c0e1b1bf85deba638cd01ff],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, En quarantaine, [9e24f6e7e6a444f2abaa0d849a6b7b85],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent, En quarantaine, [3d8508d583077cbad64d3245e71e19e7],
PUP.Optional.OKitSpace.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\OKitSpace.DLL, En quarantaine, [0ab8b22b2a60c2747a092529ea1af20e],
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, En quarantaine, [a61cda03c1c9f93d2e32692e47be6a96],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, En quarantaine, [f2d0419cd8b28ea876fed753e02444bc],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\iagcajndpnfncplednpbnkahadegklfa, En quarantaine, [c20029b492f82610a0b1ca73e61efb05],
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pfkfdlcdbajamklbneflfbcmfgddmpae, En quarantaine, [843ef3ea3852be7835e18ff7b2536997],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\26549, En quarantaine, [7a4838a5fa905fd70d40301113f1b14f],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0BEF1EF2-70ED-4D05-A6C9-E4A5C89780E2}, En quarantaine, [05bdc11c2f5bb581adb2dfb741c4c937],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{84E4C088-03D4-4D13-A1BE-CD414ECD1C79}, En quarantaine, [843ec419a3e761d5312cebabbb4a718f],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\DATAMNGRCOORDINATOR.EXE, En quarantaine, [6c56895485050e28610578b248bc758b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, En quarantaine, [79491dc0c3c700361db1d4af0005a65a],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, En quarantaine, [f0d26a73701ab581309fc3c02fd6d62a],
PUP.Optional.BrowseMark.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update BrowseMark, En quarantaine, [d0f2dc011575af8791b455c0ee16f60a],
PUP.Optional.RockTurner.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Rock Turner, En quarantaine, [972b9a43c1c9f73ffefa2de3be4639c7],
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginService, En quarantaine, [972b14c9bbcfcd69014f17ff4cb8946c],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, En quarantaine, [d8eac5188dfd71c587aff0abb451a35d],
PUP.Optional.SmartSaver.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\SmartSaver+ 12.2, En quarantaine, [f4cec5184a406cca07419fa8cb39e61a],
PUP.Optional.InstallCore.C, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\InstallCore, En quarantaine, [4c76607d1f6bd85efb378714768fda26],
PUP.Optional.Nosibay.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\Nosibay, En quarantaine, [f9c9825b1377dc5acf0663b137cdb64a],
PUP.Optional.SweetIM.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\SweetIM, En quarantaine, [e7db9e3fcac01422d72ee72b51b318e8],
PUP.Optional.Astromenda.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\WSE_Astromenda, En quarantaine, [655d8d50dfabea4ca1982003c4407f81],
PUP.Optional.Zebar.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\Zebar, En quarantaine, [8f3338a50b7f78bed1a4d6a65ca9ad53],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, En quarantaine, [2e94deff03870d29280e98036b9a44bc],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, En quarantaine, [338fae2f1e6cad89b5bf6c0add28619f],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, En quarantaine, [7f4328b53b4fa78f68bc324d050007f9],
PUP.Optional.SmartSaver.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\APPDATALOW\SOFTWARE\SmartSaver+ 12.2, En quarantaine, [5e64c9144743c175c781d2750103fa06],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\CONDUIT\DistributionEngine, En quarantaine, [5d65855819711026c99a9bfe768f31cf],
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, En quarantaine, [883ab22b0f7b191de4d35ea3af558878],
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\iagcajndpnfncplednpbnkahadegklfa, En quarantaine, [9a282ab3d5b53df9520090adce3612ee],
PUP.Optional.Astromenda.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pfkfdlcdbajamklbneflfbcmfgddmpae, En quarantaine, [d9e9409d0585da5c76a1d1b54abb817f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{157F935D-1391-47D5-A146-9A79B740B4E1}, En quarantaine, [05bda33a3b4fc4723824c6d0de271fe1],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{18463F02-1AF7-4238-94F2-69E1CAEF9AA6}, En quarantaine, [744edd00b3d70f27e378286e18ed54ac],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1CE30910-82E5-4170-B2B9-9B291119CCFA}, En quarantaine, [4082b12c1872f73fb2a92571f31202fe],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1D0BFD1C-40D8-4BCF-A12A-D7313023F26D}, En quarantaine, [2c964c91b2d87db983d9d8beab5ae11f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1EB41B42-253E-4AAA-824B-7CE8DC463CC4}, En quarantaine, [82406b721c6efc3a5efd7323768f7e82],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1FD2E2FC-6823-45D8-B71B-A72AFD6AAEBC}, En quarantaine, [1aa819c4f09a33037be1e7af0ff68f71],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2767A3AB-713D-4D80-BC6A-9F58488DCE24}, En quarantaine, [992935a80684290dc19a2e68f312956b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2956D56E-55EE-40F2-8AF1-98A689193324}, En quarantaine, [378b7469038792a49cc0ecaa43c2fd03],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2A575D26-F121-4961-8A8E-9B2CA9C6CA95}, En quarantaine, [f4ce00dd3f4b89ad94c8870f28dd6c94],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{317F63DD-42A9-41C9-8195-EAFBE3FE34BA}, En quarantaine, [49793aa3424873c3c993dabcb64f59a7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{34780C5E-7D13-445C-8B1A-CAC0271F3F69}, En quarantaine, [883ad10c4248fc3aca9126700500669a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{36284363-C622-41E2-A395-FC1AD89FDA58}, En quarantaine, [b90948952d5d47efd08bc0d66a9b926e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{36F095C9-E044-4711-8633-7285DE88D479}, En quarantaine, [0eb42db08ffb1224cd8e4551f70e55ab],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{379C52C4-3C90-4F61-8577-B75C222CB4D0}, En quarantaine, [8c362bb2c6c4cd6989d2484ecd38f808],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3C2C5A9D-DE73-47DC-92CD-4421D92EB14D}, En quarantaine, [378b09d4ec9e7eb8a1bb7521b550758b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{41AEC5FC-9089-49C4-86C4-1D17842817CD}, En quarantaine, [7c4627b6b3d77cba5b01a1f5877e6e92],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42B2CE34-5A77-4DC0-A91F-1B13188C9246}, En quarantaine, [952d1fbea9e13ff73d1f44524cb99b65],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{43396760-3E5E-49C4-AF6D-4736436C3BDE}, En quarantaine, [c9f95b82b1d91521d3882c6a38cd7c84],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{44EDCB38-9FAC-4D2A-AC25-92E044D7A46E}, En quarantaine, [5d652ab3088220166bf13e5843c2ac54],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4A8C7260-9EBD-438F-88CF-3DE9B0841D6A}, En quarantaine, [7250419c523885b11745474f07fe60a0],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4C96FE42-C0BF-46C6-8BDF-BD1788EDB192}, En quarantaine, [fcc632ab137731053625c6d06f96e917],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53CF4BD8-6D5E-4535-87D7-B4F75EF31730}, En quarantaine, [e7db3da01a70a09687d4ddb90cf9b34d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D04EF1F-5FC3-4654-BEA3-9AB91875431E}, En quarantaine, [b70bd10ca2e8ad89cc90e0b6af56a957],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{64E40FC1-EAD9-4CA5-A2ED-12DBE2A1ACF2}, En quarantaine, [b0125b82018951e5e27aa2f4d62f639d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6603C949-16C9-4CB2-8ACB-A6A5BF94FD60}, En quarantaine, [517134a9f9916fc7cb906531ed18d62a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{66D9E392-A2D0-4B28-BC3F-29567A1DF8E7}, En quarantaine, [e6dc76678a00a78fe675514541c4fb05],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{692528C9-1FFE-4C06-A61E-FA8DE5CB6AFC}, En quarantaine, [1ea4bf1ed3b7dc5a9fbcebab7c89bb45],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6DE13289-3AAC-409F-9437-DFA8C9D6F543}, En quarantaine, [f0d275684248e05672ea524447be57a9],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75C35072-9A5C-49B8-8231-3D441BC2CC74}, En quarantaine, [dee40ad391f967cf2a31c5d1cb3aa060],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7B4FF41C-F245-4A58-9170-5CFC6AD54013}, En quarantaine, [16aca439acde132386d580167e878b75],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7D22588F-B836-42D8-A86C-3F60A717AE35}, En quarantaine, [3c86c31aa4e6989e49139df9fb0a07f9],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7DB52645-AAD3-484F-91EF-BF539BB685CB}, En quarantaine, [675b4a9398f268ce2635732331d407f9],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-738575232-1863047309-3874688892-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7FA5DC1D-7E58-467D-A83D-9CCFDE506270}, En quarantaine, [5e64d508eb9fb086de7eade964a145bb],

Valeurs du registre: 124
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 628
Edited by Malekal_morte- on 5/07/2015 at 07:38
The Malwarebytes detections are mostly adware.
(well, the report looks incomplete).
What Combofix removed is not malicious.
Your FRST reports show no infection (at least no active infection).

So Malwarebytes seems to have disinfected everything.

Like the angel you are, you laugh creating a lightness in my chest,
Your eyes they penetrate me,
(Your answer's always 'maybe')
That's when I got up and left
0
tedted Posts 13 Registration date Saturday 4 July 2015 Status Member Last activity 20 January 2016
5 Jul 2015 at 17:35
OK, thank you very much. One last small question: can a removed trojan come back?
0
Malekal_morte- Posts 180304 Registration date Wednesday 17 May 2006 Status Moderator, Security contributor Last activity 15 December 2020 24 628
6 Jul 2015 at 09:06
It depends, there's no answer to that question...

Read this, Secure your PC: http://forum.malekal.com/comment-securiser-son-ordinateur.html
0