cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

start
CreateRestorePoint:
CloseProcesses:
RemoveProxy:


GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-93609834-3616060209-745128814-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-93609834-3616060209-745128814-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2016-07-22] (Skype Technologies)

FF DefaultProfile: qxexr5ou.default-1283357187412
FF ProfilePath: C:\Users\satellite\AppData\Roaming\Mozilla\Firefox\Profiles\qxexr5ou.default-1283357187412 [2016-10-06]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox => non trouvé(e)
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox => non trouvé(e)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=fr-fr
CHR StartupUrls: Default -> "hxxp://bem-bac-onefd.blogspot.com/2016/03/2016_63.html","hxxp://www.onec.dz/","hxxps://questionnaire.univ-tlemcen.dz/index.php/132783","hxxp://www.tomohna.org/4ap.html","hxxps://passeport.interieur.gov.dz/Ar/DemandeCNIBE/Demander%20la%20carte%20d'identit%C3%A9%20en%20ligne"
S3 catchme; \??\C:\Users\SATELL~1\AppData\Local\Temp\catchme.sys [X]
S2 egldrv; \??\C:\Program Files\tuEagles\egldrv.sys [X]
S2 eglFS; \??\C:\Program Files\tuEagles\eglfs.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
Task: {019FBB05-9628-4C45-B613-40B73018CDE4} - \SparkUpdater -> Pas de fichier <==== ATTENTION
Task: {FAAE9871-BEA8-48FD-B065-6756C61BD4F2} - System32\Tasks\{3C030B53-2E11-4B41-9CDD-B383EB317FA4} => pcalua.exe -a C:\Users\SATELL~1\AppData\Local\Temp\jre-8u73-windows-au.exe -d C:\Windows\system32 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION




CMD: netsh winsock reset all
CMD: ipconfig /flushdns
hosts:
EmptyTemp:
Reboot:
end

Publicité

Signaler le contenu de ce document

Publicité