start::
closeprocesses:
createrestorepoint:
cmd: type C:\ProgramData\NTUSER.pol
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2021-01-15] []
FF Extension: (Protected Browsing) - C:\Users\SNCF\AppData\Roaming\Mozilla\Firefox\Profiles\d4m74inp.default\Extensions\protbrowsing@live.xpi [2021-01-20] [UpdateUrl:hxxps://protected-browsing.best/resources/extension.json]
FF Notifications: Mozilla\Firefox\Profiles\d4m74inp.default -> hxxps://www.mydates.com; hxxps://axa-fr-by.accengage.net; hxxps://www.cnetfrance.fr; hxxps://www.youtube.com; hxxps://fr.softonic.com; hxxps://www.banggood.com; hxxps://www.jetcost.com; hxxps://www.gentside.com; hxxps://geek.wish.com; hxxps://www.francetvinfo.fr; hxxps://www.promobutler.be; hxxps://www.piecesauto24.com; hxxps://arml.clicforum.com; hxxps://fr.aliexpress.com; hxxps://wyylde.com; hxxps://fr-fr.wyylde.com; hxxps://onelink.services; hxxps://www.aliexpress.com; hxxps://www.mister-auto.com; hxxps://www.instagram.com; hxxps://cafdelabourse.by.wonderpush.com; hxxps://forums.commentcamarche.net
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [119]
AlternateDataStreams: C:\ProgramData\TEMP:B755D674 [300]
SearchScopes: HKU\S-1-5-21-2670555677-2512078356-1386882956-1001 -> DefaultScope {CE19216F-F035-4939-878F-E70E00C4DC27} URL =
SearchScopes: HKU\S-1-5-21-2670555677-2512078356-1386882956-1001 -> {CE19216F-F035-4939-878F-E70E00C4DC27} URL =
FirewallRules: [UDP Query User{D3259226-CF9E-4153-B2F7-201AAE23812C}E:\ipcamera.exe] => (Allow) E:\ipcamera.exe => Pas de fichier
FirewallRules: [TCP Query User{58A9B5CB-ABA5-450A-BCBC-390E03D0FBF3}E:\ipcamera.exe] => (Allow) E:\ipcamera.exe => Pas de fichier
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
emptytemp:
end::