cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

start
CloseProcesses:
Hosts:
CreateRestorePoint:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-18\...\Run: [] => [X]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> Pas de fichier
GroupPolicy: Restriction <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
ManualProxies: 0hxxp://none-stops.org/wpad.dat?96954daca50c816587d00a01922f39ec20627653
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_chtengin_16_51¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByEtC0D0CyEzytB0F0F0C0F0C0EtN0D0Tzu0StCzztBtDtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtC0B0BzytByByCtGyB0Ezz0EtG0BtAtBzztGyDtDtCzztG0EyDtCtCtC0FtBzy0CtCyD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtA0Dzy0EtAtBtG0D0FzztCtGyE0DtA0DtG0B0C0C0EtGyCyEzz0BtCzy0FyC0E0Czz0E2QtN0A0LzuyE%26cr%3D222809106%26a%3Dwbf_chtengin_16_51%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_chtengin_16_51¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByEtC0D0CyEzytB0F0F0C0F0C0EtN0D0Tzu0StCzztBtDtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtC0B0BzytByByCtGyB0Ezz0EtG0BtAtBzztGyDtDtCzztG0EyDtCtCtC0FtBzy0CtCyD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtA0Dzy0EtAtBtG0D0FzztCtGyE0DtA0DtG0B0C0C0EtGyCyEzz0BtCzy0FyC0E0Czz0E2QtN0A0LzuyE%26cr%3D222809106%26a%3Dwbf_chtengin_16_51%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-84980488-1675406136-4010887679-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://mail.ru/cnt/10445?gp=811013
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_chtengin_16_51¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByEtC0D0CyEzytB0F0F0C0F0C0EtN0D0Tzu0StCzztBtDtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtC0B0BzytByByCtGyB0Ezz0EtG0BtAtBzztGyDtDtCzztG0EyDtCtCtC0FtBzy0CtCyD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtA0Dzy0EtAtBtG0D0FzztCtGyE0DtA0DtG0B0C0C0EtGyCyEzz0BtCzy0FyC0E0Czz0E2QtN0A0LzuyE%26cr%3D222809106%26a%3Dwbf_chtengin_16_51%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_chtengin_16_51¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByEtC0D0CyEzytB0F0F0C0F0C0EtN0D0Tzu0StCzztBtDtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtC0B0BzytByByCtGyB0Ezz0EtG0BtAtBzztGyDtDtCzztG0EyDtCtCtC0FtBzy0CtCyD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtA0Dzy0EtAtBtG0D0FzztCtGyE0DtA0DtG0B0C0C0EtGyCyEzz0BtCzy0FyC0E0Czz0E2QtN0A0LzuyE%26cr%3D222809106%26a%3Dwbf_chtengin_16_51%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_chtengin_16_51¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByEtC0D0CyEzytB0F0F0C0F0C0EtN0D0Tzu0StCzztBtDtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtC0B0BzytByByCtGyB0Ezz0EtG0BtAtBzztGyDtDtCzztG0EyDtCtCtC0FtBzy0CtCyD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtA0Dzy0EtAtBtG0D0FzztCtGyE0DtA0DtG0B0C0C0EtGyCyEzz0BtCzy0FyC0E0Czz0E2QtN0A0LzuyE%26cr%3D222809106%26a%3Dwbf_chtengin_16_51%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_chtengin_16_51¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtByEtC0D0CyEzytB0F0F0C0F0C0EtN0D0Tzu0StCzztBtDtN1L2XzutAtFtByDtFtCtFyBzztN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtC0B0BzytByByCtGyB0Ezz0EtG0BtAtBzztGyDtDtCzztG0EyDtCtCtC0FtBzy0CtCyD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0BtA0Dzy0EtAtBtG0D0FzztCtGyE0DtA0DtG0B0C0C0EtGyCyEzz0BtCzy0FyC0E0Czz0E2QtN0A0LzuyE%26cr%3D222809106%26a%3Dwbf_chtengin_16_51%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-84980488-1675406136-4010887679-1000 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7BEBB95CFA-86A0-41FF-93D1-0DDB0E349A7C%7D&gp=811014
SearchScopes: HKU\S-1-5-21-84980488-1675406136-4010887679-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={8DA34A9B-B89C-4F34-A038-94B3B6667429}&mid=5775d1d58bed47cf9fb6d16d5b207b0c-2f5ddeb55cb820a324679a5890bf5e366f9b9469&lang=fr&ds=AVG&coid=avgtbavg&cmpid=1116avt&pr=fr&d=2016-11-23 13:02:34&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-84980488-1675406136-4010887679-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7BEBB95CFA-86A0-41FF-93D1-0DDB0E349A7C%7D&gp=811014
BHO-x32: Ïîèñê@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\Jin_Kazuma\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll [2017-01-27] (Mail.Ru)
CHR HomePage: Profile 1 -> mail.ru/cnt/11956636?rciguc__PARAM__
CHR DefaultSearchURL: Profile 1 -> hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR Extension: (???????? ???????? Mail.Ru) - C:\Users\Jin_Kazuma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icanjjkadceebmhanpekkofdhclnoijl [2017-03-15]
CHR Extension: (???????? ???????? Mail.Ru) - C:\Users\Jin_Kazuma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icanjjkadceebmhanpekkofdhclnoijl [2017-03-15]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [icanjjkadceebmhanpekkofdhclnoijl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
U3 aswbdisk; pas de ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]



EmptyTemp:
RemoveProxy:
end

Publicité

Signaler le contenu de ce document

Publicité