Posted on 30 May 2018

start::
closeprocesses:
createrestorepoint:
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Pas de fichier
Task: {1B56214D-14AF-4E25-B142-37739B2E3460} - System32\Tasks\Dregol lefa => C:\Windows\SysWOW64\wscript.exe "C:\ProgramData\{5851B092-08D3-6114-B955-119669D7C218}\1.9.3.1\fiber.js" "433a2f50726f6772616d446174612f7b35383531423039322d303844332d363131342d423935352d3131393636394437433231387d2f312e392e332e312f6c6566612e646c6c" "687474703a2f2f73616f2e7265716472652e636f6d2f" "--IsErIk"
Task: {31E4CF3D-EDF0-473E-8F9B-ACECDBB57037} - System32\Tasks\Rocket Updater => C:\Users\Laetitia\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {75BA02D2-7BE4-41F5-BD0C-9368B5AF8D3E} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION
Task: {8FA10533-5FF4-4BCF-8D24-7BE0ADBCA67B} - System32\Tasks\SweetLabs App Platform => C:\Users\Laetitia\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2016-04-18] ()
Task: {9B844B79-EBA9-4ADC-B9B8-52BA217CBE31} - System32\Tasks\Run_dregol => C:\Users\Laetitia\AppData\Roaming\RUN_DR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\Dregol lefa.job => Wscript.exe C:\ProgramData\{5851B092-08D3-6114-B955-119669D7C218}\1.9.3.1\fiber.js <==== ATTENTION
Task: C:\WINDOWS\Tasks\Rocket Updater.job => C:\Users\Laetitia\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\Run_dregol.job => C:\Users\Laetitia\AppData\Roaming\RUN_DR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
C:\ProgramData\{5851B092-08D3-6114-B955-119669D7C218}
C:\Users\Laetitia\AppData\Roaming\Rocket Updater
C:\Users\Laetitia\AppData\Local\SweetLabs App Platform
C:\Users\Laetitia\AppData\Roaming\Run_dregol
virustotal: C:\X4\Chat\ChatAgent.exe
FirewallRules: [{4ABCB1F4-A43F-47FC-9B59-CCAE9F85356E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C829F750-17F8-4B34-B324-3268534433A9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{37CDEE47-3294-4F3E-AFB1-EC70A7D838BB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{478C5931-5375-458D-9FD3-9221D823E9FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [TCP Query User{15ECD971-142A-4148-B7FA-8FA46A5054DA}C:\program files (x86)\telemaintenance\rmvnctemp\instantsupportvnc.exe] => (Block) C:\program files (x86)\telemaintenance\rmvnctemp\instantsupportvnc.exe
FirewallRules: [UDP Query User{A523B154-221B-40A4-BFBE-55ABABC9BC34}C:\program files (x86)\telemaintenance\rmvnctemp\instantsupportvnc.exe] => (Block) C:\program files (x86)\telemaintenance\rmvnctemp\instantsupportvnc.exe
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rocket-find.com/?f=1&a=rckt_tele_14_27_ie&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtC0BzyyBtDtCyD0B0DtDtAtN0D0Tzu0SzytCtBtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StA0AyCtAyBtCtBtDtG0E0EzytAtGzy0AyBtAtG0DtDyB0BtGtB0C0CtDyEyE0AyC0Bzz0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDtAyDyB0AyEyEtGtCyCzzyCtGtCzyzzyBtG0D0F0A0DtGtDtBtC0B0AyB0F0B0DtBtDyB2Q&cr=1962567485&ir=
HKU\S-1-5-21-2602402571-3999953525-3982690734-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
HKU\S-1-5-21-2602402571-3999953525-3982690734-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-118-756
SearchScopes: HKLM -> DefaultScope {146A27AA-D71B-47C4-8872-655FAF93C6AE} URL = hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_fsvideosft_15_15&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtC0BzyyBtDtCyD0B0DtDtAtN0D0Tzu0StCtCzyyEtN1L2XzutAtFzytFzztFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0FyCyByBtC0AtDtG0BtCyEyBtG0E0E0CzztGtA0CyB0EtGtByDyC0EyCyCyD0E0AyD0DtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyCtB0DzztCtB0BtG0A0AyD0BtGyEtDyD0AtG0AyEtCyBtGyE0A0D0E0DyCyB0EtA0AyEyB2QtN0A0LzuyE&cr=807134929&ir=
SearchScopes: HKLM -> {146A27AA-D71B-47C4-8872-655FAF93C6AE} URL = hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_fsvideosft_15_15&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtC0BzyyBtDtCyD0B0DtDtAtN0D0Tzu0StCtCzyyEtN1L2XzutAtFzytFzztFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0FyCyByBtC0AtDtG0BtCyEyBtG0E0E0CzztGtA0CyB0EtGtByDyC0EyCyCyD0E0AyD0DtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyCtB0DzztCtB0BtG0A0AyD0BtGyEtDyD0AtG0AyEtCyBtGyE0A0D0E0DyCyB0EtA0AyEyB2QtN0A0LzuyE&cr=807134929&ir=
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_tele_14_27_ie&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtC0BzyyBtDtCyD0B0DtDtAtN0D0Tzu0SzytCtBtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StA0AyCtAyBtCtBtDtG0E0EzytAtGzy0AyBtAtG0DtDyB0BtGtB0C0CtDyEyE0AyC0Bzz0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDtAyDyB0AyEyEtGtCyCzzyCtGtCzyzzyBtG0D0F0A0DtGtDtBtC0B0AyB0F0B0DtBtDyB2Q&cr=1962567485&ir=
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2602402571-3999953525-3982690734-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2602402571-3999953525-3982690734-1001 -> {146A27AA-D71B-47C4-8872-655FAF93C6AE} URL = hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_fsvideosft_15_15&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtC0BzyyBtDtCyD0B0DtDtAtN0D0Tzu0StCtCzyyEtN1L2XzutAtFzytFzztFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StB0FyCyByBtC0AtDtG0BtCyEyBtG0E0E0CzztGtA0CyB0EtGtByDyC0EyCyCyD0E0AyD0DtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyCtB0DzztCtB0BtG0A0AyD0BtGyEtDyD0AtG0AyEtCyBtGyE0A0D0E0DyCyB0EtA0AyEyB2QtN0A0LzuyE&cr=807134929&ir=
SearchScopes: HKU\S-1-5-21-2602402571-3999953525-3982690734-1001 -> {7281D30A-4A67-11E5-8297-F80F41B97015} URL = hxxps://secure.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2602402571-3999953525-3982690734-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKU\S-1-5-21-2602402571-3999953525-3982690734-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={1D04D191-92F8-453F-BC01-B60EF42EBE97}&mid=560976be368c47d2a1ef2946075d99e6-6b028f03d84a923527a4d57dc06e9606311b6cd2&lang=fr&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-09-08 11:55:02&v=18.1.9.786&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2602402571-3999953525-3982690734-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2602402571-3999953525-3982690734-1001 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_tele_14_27_ie&cd=2XzuyEtN2Y1L1Qzu0FzztD0FyEtC0BzyyBtDtCyD0B0DtDtAtN0D0Tzu0SzytCtBtN1L2XzutBtFtBtCtFzztFtDtN1L1CzutCyEtBzytDyD1V1RtN1L1G1B1V1N2Y1L1Qzu2StA0AyCtAyBtCtBtDtG0E0EzytAtGzy0AyBtAtG0DtDyB0BtGtB0C0CtDyEyE0AyC0Bzz0ByD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyDtAyDyB0AyEyEtGtCyCzzyCtGtCzyzzyBtG0D0F0A0DtGtDtBtC0B0AyB0F0B0DtBtDyB2Q&cr=1962567485&ir=
SearchScopes: HKU\S-1-5-21-2602402571-3999953525-3982690734-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
BHO: Pas de nom -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> Pas de fichier
Toolbar: HKLM - Pas de nom - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Pas de fichier
CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2602402571-3999953525-3982690734-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-07] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-07] (McAfee, Inc.)
S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [70112 2013-08-07] (McAfee, Inc.)
S3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [179664 2013-08-07] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [310224 2013-08-07] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [69264 2013-08-07] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [519064 2013-08-07] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [776168 2013-08-07] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [343568 2013-08-07] (McAfee, Inc.)
cmd: ipconfig /flushdns
emptytemp:
end::


