Laboratoire antivirus Avira

‹ Retour

PUA/AD.InstallCore.B

Brève description
  • Nom
    PUA/AD.InstallCore.B
  • La date de la découverte
    11 nov. 2017
  • Version VDF
    7.14.34.24 (2017-11-11 11:45)
Description complète

Cette classe d'indicateurs de détection, applications potentiellement indésirables (PUA), peut nuire à la vie privée de l'utilisateur et à la sécurité du système local. Il s'agit d'applications légitimes qui tentent souvent d'utiliser l'ingénierie sociale pour inciter l'utilisateur à installer des offres supplémentaires au cours de l'installation du logiciel voulu initialement par l'utilisateur. Les logiciels, publicités ou sites Internet affichant l'un ou l'autre comportement et/ou propriétés répréhensibles sont classés en tant que PUA. Une liste complète des PUA est disponible sous http://www.avira.com/en/potentially-unwanted-applications. Cette détection ne signifie pas que le fichier est malveillant. Toutefois, si le fichier a été installé sur le système sans que l'utilisateur en soit informé, la vie privée de ce dernier ou la sécurité du système peuvent être en danger. Il n'est recommandé de désactiver cette détection qu'aux seuls utilisateurs avancés connaissant les risques et la façon d'utiliser ces applications.

  • VDF
    7.14.34.24 (2017-11-11 11:45)
  • Captures d'écran
  • Activité réseau
    • rp.quickcl*****.com/
  • Processus
    • %executed_sample%
  • Fichiers
    Les fichiers suivants sont créés:
    • %TEMPDIR%\00032451.log
    • %TEMPDIR%\inH2059211918\csshover3.htc
    • %TEMPDIR%\inH2059211918\form.bmp.Mask
    • %TEMPDIR%\inH2059211918\css\ie6_main.css
    • %TEMPDIR%\inH2059211918\css\main.css
    • %TEMPDIR%\inH2059211918\css\sdk-ui\browse.css
    • %TEMPDIR%\inH2059211918\css\sdk-ui\button.css
    • %TEMPDIR%\inH2059211918\css\sdk-ui\checkbox.css
    • %TEMPDIR%\inH2059211918\css\sdk-ui\progress-bar.css
    • %TEMPDIR%\inH2059211918\css\sdk-ui\images\button-bg.png
    • %TEMPDIR%\inH2059211918\css\sdk-ui\images\progress-bg-corner.png
    • %TEMPDIR%\inH2059211918\css\sdk-ui\images\progress-bg.png
    • %TEMPDIR%\inH2059211918\css\sdk-ui\images\progress-bg2.png
    • %TEMPDIR%\inH2059211918\images\BG.png
    • %TEMPDIR%\inH2059211918\images\Close.png
    • %TEMPDIR%\inH2059211918\images\Close_Hover.png
    • %TEMPDIR%\inH2059211918\images\Color_Button.png
    • %TEMPDIR%\inH2059211918\images\Color_Button_Hover.png
    • %TEMPDIR%\inH2059211918\images\Grey_Button.png
    • %TEMPDIR%\inH2059211918\images\Grey_Button_Hover.png
    • %TEMPDIR%\inH2059211918\images\Icon_Generic.png
    • %TEMPDIR%\inH2059211918\images\Loader.gif
    • %TEMPDIR%\inH2059211918\images\Minimize.png
    • %TEMPDIR%\inH2059211918\images\Minimize_Hover.png
    • %TEMPDIR%\inH2059211918\images\Pause_Button.png
    • %TEMPDIR%\inH2059211918\images\Progress.png
    • %TEMPDIR%\inH2059211918\images\ProgressBar.png
    • %TEMPDIR%\inH2059211918\images\Quick_Specs.png
    • %TEMPDIR%\inH2059211918\images\Resume_Button.png
    • %TEMPDIR%\inH2059211918\images\sponsored.png
    • %TEMPDIR%\inH2059211918\locale\CS.locale
    • %TEMPDIR%\inH2059211918\locale\DA.locale
    • %TEMPDIR%\inH2059211918\locale\DE.locale
    • %TEMPDIR%\inH2059211918\locale\EL.locale
    • %TEMPDIR%\inH2059211918\locale\EN.locale
    • %TEMPDIR%\inH2059211918\locale\ES.locale
    • %TEMPDIR%\inH2059211918\locale\FR.locale
    • %TEMPDIR%\inH2059211918\locale\ID.locale
    • %TEMPDIR%\inH2059211918\locale\IT.locale
    • %TEMPDIR%\inH2059211918\locale\JA.locale
    • %TEMPDIR%\inH2059211918\locale\KO.locale
    • %TEMPDIR%\inH2059211918\locale\NL.locale
    • %TEMPDIR%\inH2059211918\locale\NO.locale
    • %TEMPDIR%\inH2059211918\locale\PL.locale
    • %TEMPDIR%\inH2059211918\locale\PT.locale
    • %TEMPDIR%\inH2059211918\locale\RU.locale
    • %TEMPDIR%\inH2059211918\locale\SV.locale
    • %TEMPDIR%\inH2059211918\locale\TR.locale
    • %TEMPDIR%\inH2059211918\locale\ZH.locale
    • %TEMPDIR%\00036038.log
    • %TEMPDIR%\inH2059211918\bootstrap_54420.html
    • %TEMPDIR%\is-SNPGB.tmp\%executed_sample_name%.tmp
    • %TEMPDIR%\is-VCUH4.tmp\_isetup\_setup64.tmp
    • %TEMPDIR%\is-VCUH4.tmp\_isetup\_shfoldr.dll
    • %PROGRAM FILES% (x86)\Dicesehor\is-MGIBJ.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-0O0G5.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-KG686.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-EH66I.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-ICTTQ.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-PGKE8.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-04CDN.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-P2HD9.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-0CJMC.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-2ILS0.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-KJQHF.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-P8QR0.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-G4H20.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-0BFP5.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-EOVI5.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-OV59G.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-BDS1E.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-MHO9E.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-N122I.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-7I9MG.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\unins000.dat
    Les fichiers suivants sont modifiés:
    • %APPDATA%\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT
    • %TEMPDIR%\is-SNPGB.tmp\%executed_sample_name%.tmp
    • %TEMPDIR%\is-VCUH4.tmp\_isetup\_setup64.tmp
    • %TEMPDIR%\is-VCUH4.tmp\_isetup\_shfoldr.dll
    • %PROGRAM FILES% (x86)\Dicesehor\is-MGIBJ.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-0O0G5.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-KG686.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-EH66I.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-ICTTQ.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-PGKE8.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-04CDN.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-P2HD9.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-0CJMC.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-2ILS0.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-KJQHF.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-P8QR0.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-G4H20.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-0BFP5.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-EOVI5.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-OV59G.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-BDS1E.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-MHO9E.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-N122I.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-7I9MG.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\unins000.dat
    Les fichiers suivants sont supprimés:
    • %TEMPDIR%\00032451.log
    • %TEMPDIR%\00036038.log
    Les pilotes suivants sont chargés:
    • \Device\KsecDD
    • %SYSDIR%
    • %WINDIR%\winsxs\FileMaps\program_files_x86_dicesehor_b65ff3c479df97a8.cdf-ms
    • %PROGRAM FILES% (x86)\Dicesehor\is-MGIBJ.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-0O0G5.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-KG686.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-EH66I.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-ICTTQ.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-PGKE8.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-04CDN.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-P2HD9.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-0CJMC.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-2ILS0.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-KJQHF.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-P8QR0.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-G4H20.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-0BFP5.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-EOVI5.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-OV59G.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-BDS1E.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-MHO9E.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-N122I.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-7I9MG.tmp
    • %TEMPDIR%\%executed_sample%
    • %WINDIR%\SysWOW64\en-US\KERNELBASE.dll.mui
    • %SYSDIR%\netmsg.dll
    • %TEMPDIR%\is-SNPGB.tmp\%executed_sample_name%.tmp
    • %WINDIR%\Globalization\Sorting\sortdefault.nls
    • %SYSDIR%\imageres.dll
    • %SYSDIR%\shell32.dll
    • %PROGRAM FILES% (x86)\Dicesehor\Pederabot.exe
    • %PROGRAM FILES% (x86)\Dicesehor\unins000.dat
    • %APPDATA%\Local\Microsoft\Windows\WER\ERC\statecache.lock
    • %APPDATA%\Local\Microsoft\Windows\WER\ReportArchive
    • %PROGRAMDATA%\Microsoft\Windows\WER\ReportArchive
    • %APPDATA%\Local\Microsoft\Windows\WER\ERC
    Les fichiers suivants sont exécutés:
    • \Device\KsecDD
    • %SYSDIR%
    • %WINDIR%\winsxs\FileMaps\program_files_x86_dicesehor_b65ff3c479df97a8.cdf-ms
    • %PROGRAM FILES% (x86)\Dicesehor\is-MGIBJ.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-0O0G5.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-KG686.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-EH66I.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-ICTTQ.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-PGKE8.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-04CDN.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-P2HD9.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-0CJMC.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-2ILS0.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-KJQHF.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-P8QR0.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-G4H20.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-0BFP5.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-EOVI5.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-OV59G.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-BDS1E.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-MHO9E.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-N122I.tmp
    • %PROGRAM FILES% (x86)\Dicesehor\is-7I9MG.tmp
    • %TEMPDIR%\%executed_sample%
    • %WINDIR%\SysWOW64\en-US\KERNELBASE.dll.mui
    • %SYSDIR%\netmsg.dll
    • %TEMPDIR%\is-SNPGB.tmp\%executed_sample_name%.tmp
    • %WINDIR%\Globalization\Sorting\sortdefault.nls
    • %SYSDIR%\imageres.dll
    • %SYSDIR%\shell32.dll
    • %PROGRAM FILES% (x86)\Dicesehor\Pederabot.exe
    • %PROGRAM FILES% (x86)\Dicesehor\unins000.dat
    • %APPDATA%\Local\Microsoft\Windows\WER\ERC\statecache.lock
    • %APPDATA%\Local\Microsoft\Windows\WER\ReportArchive
    • %PROGRAMDATA%\Microsoft\Windows\WER\ReportArchive
    • %APPDATA%\Local\Microsoft\Windows\WER\ERC
  • Registre
    Les entrées de registre suivantes sont ajoutées:
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings (""ProxyEnable"": "dword:00000000") ("ProxyServer": "-") ("ProxyOverride": "-") ("AutoConfigURL": "-")
    • HKEY_CLASSES_ROOT\Local Settings\MuiCache\2D\52C64B7E (""LanguageList"": ""en-US;en;"")
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\%executed_sample_name%_RASAPI32 (""EnableFileTracing"": "dword:00000000") (""EnableConsoleTracing"": "dword:00000000") (""FileTracingMask"": "dword:ffff0000") (""ConsoleTracingMask"": "dword:ffff0000") (""MaxFileSize"": "dword:00100000") (""FileDirectory"": ""%windir%\\tracing"")
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\%executed_sample_name%_RASMANCS (""EnableFileTracing"": "dword:00000000") (""EnableConsoleTracing"": "dword:00000000") (""FileTracingMask"": "dword:ffff0000") (""ConsoleTracingMask"": "dword:ffff0000") (""MaxFileSize"": "dword:00100000") (""FileDirectory"": ""%windir%\\tracing"")
    • HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\Location Awareness
    • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap ("ProxyBypass": "-") ("IntranetName": "-")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{58BF48AF-81A4-472D-9931-7D3DA8432D34} (""WpadDecisionReason"": "dword:00000001") (""WpadDecisionTime"": "%hex_values%") (""WpadDecision"": "dword:00000000") (""WpadNetworkName"": ""Network 2"")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\{58BF48AF-81A4-472D-9931-7D3DA8432D34}\00-23-7d-29-a4-a9
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad\00-23-7d-29-a4-a9 (""WpadDecisionReason"": "dword:00000001") (""WpadDecisionTime"": "%hex_values%") (""WpadDecision"": "dword:00000000")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad (""WpadLastNetwork"": ""{58BF48AF-81A4-472D-9931-7D3DA8432D34}"")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("Owner": "D [")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("SessionHash": "D(<ss`%$1uR#+8")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("Sequence": "1")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("RegFiles0000": "")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("RegFiles0000": "%PROGRAM FILES% (x86)\Dicesehor\Pederabot.exe")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("RegFilesHash": "iWqa?[XaT/g=k")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("RegFiles0001": "")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("RegSvcs0000": "")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("RegProcs0000": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101 ("CheckSetting": "#ACBlobN[{E8433B72-5842-4d43-8645-BC2C35960837}.notification.101.2-13435003312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103 ("CheckSetting": "#ACBlobN[{E8433B72-5842-4d43-8645-BC2C35960837}.notification.103.2-13435003312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100 ("CheckSetting": "#ACBlobN[{E8433B72-5842-4d43-8645-BC2C35960837}.notification.100.1-13435003312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102 ("CheckSetting": "#ACBlob7[{E8433B72-5842-4d43-8645-BC2C35960837}.notification.102.2-13435153312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100 ("CheckSetting": "#ACBlobt")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting ("LastQueuePesterTime": "131153085856669921")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100 ("CheckSetting": "#ACBlob")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101 ("CheckSetting": "#ACBlob")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101 ("CheckSetting": "#ACBlob")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0 ("CheckSetting": "#ACBlobtem")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{01979c6a-42fa-414c-b8aa-eee2c8202018} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{01979c6a-42fa-414c-b8aa-eee2c8202018}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100 ("CheckSetting": "#ACBlobdmk:[{01979c6a-42fa-414c-b8aa-eee2c8202018}.notification.0er.txt")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.101 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{945a8954-c147-4acd-923f-40c45405a658} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{945a8954-c147-4acd-923f-40c45405a658}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{DAB69A6A-4D2A-4D44-94BF-E0091898C881} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0 ("CheckSetting": "#ACBlob")
    • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\26\52C64B7E ("LanguageList": "en-USen")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("Inno Setup: Setup Version": "5.5.5 (a)")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("Inno Setup: App Path": "%PROGRAM FILES% (x86)\Dicesehor")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("InstallLocation": "%PROGRAM FILES% (x86)\Dicesehor\")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("Inno Setup: Icon Group": "Dicesehor")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("Inno Setup: User": "Administrator")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("Inno Setup: Language": "default")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("DisplayName": "Dicesehor version 1.3")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("UninstallString": ""%PROGRAM FILES% (x86)\Dicesehor\unins000.exe"")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("QuietUninstallString": ""%PROGRAM FILES% (x86)\Dicesehor\unins000.exe" /SILENT")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("DisplayVersion": "1.3")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("NoModify": "1")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("NoRepair": "1")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("InstallDate": "20171111")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("MajorVersion": "1")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("MinorVersion": "3")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("EstimatedSize": "816")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1
    Les entrées de registre suivantes sont modifiées:
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("Owner": "D [")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("SessionHash": "D(<ss`%$1uR#+8")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("Sequence": "1")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("RegFiles0000": "")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("RegFiles0000": "%PROGRAM FILES% (x86)\Dicesehor\Pederabot.exe")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("RegFilesHash": "iWqa?[XaT/g=k")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("RegFiles0001": "")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("RegSvcs0000": "")
    • HKEY_CURRENT_USER\Software\Microsoft\RestartManager\Session0000 ("RegProcs0000": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.106
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.101 ("CheckSetting": "#ACBlobN[{E8433B72-5842-4d43-8645-BC2C35960837}.notification.101.2-13435003312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.103 ("CheckSetting": "#ACBlobN[{E8433B72-5842-4d43-8645-BC2C35960837}.notification.103.2-13435003312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.100 ("CheckSetting": "#ACBlobN[{E8433B72-5842-4d43-8645-BC2C35960837}.notification.100.1-13435003312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.102 ("CheckSetting": "#ACBlob7[{E8433B72-5842-4d43-8645-BC2C35960837}.notification.102.2-13435153312")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{E8433B72-5842-4d43-8645-BC2C35960837}.check.104
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100 ("CheckSetting": "#ACBlobt")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting ("LastQueuePesterTime": "131153085856669921")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\Windows Error Reporting
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.100 ("CheckSetting": "#ACBlob")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101 ("CheckSetting": "#ACBlob")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{852FB1F8-5CC6-4567-9C0E-7C330F8807C2}.check.101 ("CheckSetting": "#ACBlob")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0 ("CheckSetting": "#ACBlobtem")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{01979c6a-42fa-414c-b8aa-eee2c8202018} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{01979c6a-42fa-414c-b8aa-eee2c8202018}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.100 ("CheckSetting": "#ACBlobdmk:[{01979c6a-42fa-414c-b8aa-eee2c8202018}.notification.0er.txt")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.101 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{01979c6a-42fa-414c-b8aa-eee2c8202018}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{945a8954-c147-4acd-923f-40c45405a658} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{945a8954-c147-4acd-923f-40c45405a658}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{945a8954-c147-4acd-923f-40c45405a658}.check.42
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{DAB69A6A-4D2A-4D44-94BF-E0091898C881} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{DAB69A6A-4D2A-4D44-94BF-E0091898C881}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{11CD958A-C507-4EF3-B3F2-5FD9DFBD2C78}.check.101
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A} ("LastKnownState": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Providers\EventLog\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}.check.100 ("CheckSetting": "")
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{A5268B8E-7DB5-465b-BAB7-BDCDA39A394A}.check.100
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Action Center\Checks\{C8E6F269-B90A-4053-A3BE-499AFCEC98C4}.check.0 ("CheckSetting": "#ACBlob")
    • HKEY_CURRENT_USER\Software\Classes\Local Settings\MuiCache\26\52C64B7E ("LanguageList": "en-USen")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("Inno Setup: Setup Version": "5.5.5 (a)")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("Inno Setup: App Path": "%PROGRAM FILES% (x86)\Dicesehor")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("InstallLocation": "%PROGRAM FILES% (x86)\Dicesehor\")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("Inno Setup: Icon Group": "Dicesehor")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("Inno Setup: User": "Administrator")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("Inno Setup: Language": "default")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("DisplayName": "Dicesehor version 1.3")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("UninstallString": ""%PROGRAM FILES% (x86)\Dicesehor\unins000.exe"")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("QuietUninstallString": ""%PROGRAM FILES% (x86)\Dicesehor\unins000.exe" /SILENT")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("DisplayVersion": "1.3")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("NoModify": "1")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("NoRepair": "1")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("InstallDate": "20171111")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("MajorVersion": "1")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("MinorVersion": "3")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1 ("EstimatedSize": "816")
    • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Dicesehor_is1
    Les valeurs des clés de registre suivantes sont supprimées:
    • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings (""ProxyEnable"": "dword:00000000") ("ProxyServer": "-") ("ProxyOverride": "-") ("AutoConfigURL": "-")
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap ("ProxyBypass": "-") ("IntranetName": "-")
  • Alias
    ESET: Win32/InstallCore.Gen.A potentially unwanted application
    Kaspersky Lab: not-a-virus:AdWare.Win32.DealPly.cnpkr