cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþ[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser];r64
"{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}"=-;r64
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar];r
"{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}"=-;r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar];r64
"{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}"=-;r64
C:\Program Files (x86)\Optimizer Pro;fs
C:\Windows\Tasks\PerfMonitor_strtp.job;f
C:\Windows\System32\Tasks\PerfMonitor_strtp;f
[-HKEY_CURRENT_USER\Software\ForumerIT];r64
[-HKEY_CURRENT_USER\Software\Software];r64
[-HKEY_CURRENT_USER\Software\TeleCharger];r64
[-HKEY_LOCAL_MACHINE\Software\Software];r
C:\ProgramData\{6D2CFBB4-9D45-4C31-9E6E-AA9EB4FB9A5E};fs
C:\Users\Regis\AppData\Local\PackageStaging;fs
C:\Windows\Prefetch\IMINENTMINIBARIE.EXE-2DC6325F.pf;f
C:\Windows\Prefetch\IMINENT_1712-B2FCAD5E.EXE-A14DCCDC.pf;f
C:\Windows\Prefetch\MINIBARFIREFOX.EXE-D515CE2C.pf;f
C:\Windows\Prefetch\WAJAM_INSTALL.EXE-63E9443F.pf;f
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BringStar_RASAPI32];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\BringStar_RASMANCS];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\updateBringStar_RASAPI32];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\updateBringStar_RASMANCS];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\updateEnhanceTronic_RASAPI32];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\updateEnhanceTronic_RASMANCS];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\updateZebar_RASAPI32];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\updateZebar_RASMANCS];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\utilBringStar_RASAPI32];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\utilBringStar_RASMANCS];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Zebar_RASAPI32];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\Zebar_RASMANCS];r
HKEY_CURRENT_USER\Software\CC;e
ipconfig /flushdns >> C:\zoek-results.log;b
emptyfolderscheck;delete
emptyclsid;
msconfigcheck;
standardsearch;
drivers-services-list;
installedprogs;
installer-list;
uninstall-list;
torpigcheck;
srinfo;
hostslook;
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost" /v netsvcs /se "%" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components" /s >> C:\zoek-results.log;b
%temp%\*.exe;vs
%SYSTEMDRIVE%\*.exe;v
%ALLUSERSPROFILE%\Application Data;v
%ALLUSERSPROFILE%\Application Data\*.exe;vs
%APPDATA%;v
%APPDATA%\*.exe;vs
C:\Windows\system32\consrv.dll;i
%SystemDrive%\$RECYCLE.BIN;vs
%SystemDrive%\RECYCLER;vs
%SystemRoot%\assembly\GAC;v
%SystemRoot%\assembly\GAC_32;v
%SystemRoot%\assembly\GAC_64;v
reg query "HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32" >> C:\zoek-results.log;b
%WINDIR%\pss;v
%LOCALAPPDATA%;v
%LOCALAPPDATA%\Google\Desktop;vs
C:\Program Files\Google\Desktop;vs
C:\Program Files (x86)\Google\Desktop;vs
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce" >> C:\zoek-results.log;b
%systemroot%\System32\config\*.sav;v
reg query "HKEY_LOCAL_MACHINE\SOFTWARE" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node" >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\SOFTWARE" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet" /s >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Clients\StartMenuInternet" /s >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl" /s /f "svchost.exe" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl" /s /f "svchost.exe" >> C:\zoek-results.log;b
reg query "HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\FeatureControl" /s /f "svchost.exe" >> C:\zoek-results.log;b
reg query "HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\FeatureControl" /s /f "svchost.exe" >> C:\zoek-results.log;b
reg query "HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\FeatureControl" /s /f "svchost.exe" >> C:\zoek-results.log;b
reg query "HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\FeatureControl" /s /f "svchost.exe" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center" /s >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Unknown\shell\openas\command" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /f "{*}" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /f "TCP Query User" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules" /f "UDP Query User" >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v DhcpNameServer >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" /v NameServer >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces" /s /v DhcpNameServer >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces" /s /v NameServer >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" /s /v DLLName >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" /s /v DLLName >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Shell >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon" /v Userinit >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /s /v Debugger >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /s /v Debugger >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /s /v BreakOnDllLoad >> C:\zoek-results.log;b
reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" /s /v BreakOnDllLoad >> C:\zoek-results.log;b
reg query "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2" /s /f "command" > %LOCALAPPDATA%\Temp\mount.txt;b
for /f %%i in (%LOCALAPPDATA%\Temp\mount.txt) do reg query %%i >> C:\zoek-results.log;b
nslookup www.google.fr >> C:\zoek-results.log;b
dir /AL /S C:\ >> C:\zoek-results.log;b
shortcutfix;

Publicité


Signaler le contenu de ce document

Publicité