cjoint


Document format: text/plain

Preview

start
CloseProcesses:
Hosts:
CreateRestorePoint:
(Roozz) C:\Program Files (x86)\Roozz\Updater.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-3365763394-745426455-204747936-1001 - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3365763394-745426455-204747936-1001 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
BHO-x32: eye perform 1.0.0.7 -> {7768ecae-6b40-4398-bef1-db0a206f0009} -> C:\Program Files (x86)\eye perform\eyeperformbho.dll [2015-07-15] ()
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -> No File
C:\Program Files (x86)\eye perform\eyeperformbho.dll
FF DefaultSearchEngine,S: WebSearch
FF DefaultSearchUrl: hxxp://websearch.searchfix.info/?unqvl=63&idate=2015/06/04&l=1&q=
FF SearchEngineOrder.1: WebSearch
FF SearchEngineOrder.1,S: WebSearch
FF SelectedSearchEngine,S: WebSearch
FF Keyword.URL: hxxp://websearch.searchfix.info/?unqvl=63&idate=2015/06/04&l=1&q=
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-06-04] (Pando Networks)
FF Plugin-x32: @Roozz.com/RoozzPlugin -> C:\Program Files (x86)\Roozz\nproozz.dll [2013-10-25] (Roozz.com)
FF Plugin HKU\S-1-5-21-3365763394-745426455-204747936-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-06-04] (Pando Networks)
FF Plugin HKU\S-1-5-21-3365763394-745426455-204747936-1001: pokki.com/PokkiDownloadHelper -> C:\Users\Nicolas\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll No File
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Extension: (Tampermonkey) - C:\Users\Nicolas\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-09-10]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4687672 2012-05-15] (INCA Internet Co., Ltd.) [File not signed]
S2 699fd52f; "C:\Windows\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",service
2015-07-25 18:44 - 2015-07-25 18:44 - 00003212 _____ C:\Windows\System32\Tasks\BoBrowser
C:\Windows\System32\Tasks\BoBrowser
2015-07-25 18:35 - 2015-07-25 18:35 - 00003760 _____ C:\Windows\System32\Tasks\Selection Tools Update
2015-07-25 18:35 - 2015-07-25 18:35 - 00003726 _____ C:\Windows\System32\Tasks\WindApp Update
2015-07-25 18:35 - 2015-07-25 18:35 - 00000078 _____ C:\Users\Nicolas\AppData\Roaming\WindApp.installation.log
2015-07-25 18:35 - 2015-07-25 18:35 - 00000078 _____ C:\Users\Nicolas\AppData\Roaming\Selection Tools.installation.log
2015-07-25 18:33 - 2015-07-25 18:35 - 00005725 _____ C:\Users\Nicolas\AppData\Roaming\Bubble Dock.installation.log
2015-07-25 18:33 - 2015-07-25 18:33 - 00000097 _____ C:\Users\Nicolas\AppData\Roaming\WindApp.boostrap.log
2015-07-25 18:32 - 2015-07-25 18:35 - 00001261 _____ C:\Users\Nicolas\AppData\Roaming\Bubble Dock.boostrap.log
2015-07-25 18:29 - 2015-07-25 18:30 - 00000000 ____D C:\Program Files (x86)\eye perform
2015-07-25 18:32 - 2015-07-25 18:35 - 0001261 _____ () C:\Users\Nicolas\AppData\Roaming\Bubble Dock.boostrap.log
2015-07-25 18:33 - 2015-07-25 18:35 - 0005725 _____ () C:\Users\Nicolas\AppData\Roaming\Bubble Dock.installation.log
2015-07-25 18:35 - 2015-07-25 18:35 - 0000078 _____ () C:\Users\Nicolas\AppData\Roaming\Selection Tools.installation.log
2015-07-25 18:33 - 2015-07-25 18:33 - 0000097 _____ () C:\Users\Nicolas\AppData\Roaming\WindApp.boostrap.log
2015-07-25 18:35 - 2015-07-25 18:35 - 0000078 _____ () C:\Users\Nicolas\AppData\Roaming\WindApp.installation.log
2013-02-22 19:11 - 2013-02-22 19:11 - 0000095 _____ () C:\Users\Nicolas\AppData\Local\fusioncache.dat
2011-10-19 06:26 - 2010-10-06 18:45 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2013-02-16 14:08 - 2012-12-18 14:08 - 0000032 ____R () C:\ProgramData\hash.dat
2012-01-26 02:31 - 2012-01-26 02:31 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2012-01-26 02:30 - 2012-01-26 02:31 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2012-01-26 02:29 - 2012-01-26 02:30 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
C:\ProgramData\hash.dat
CustomCLSID: HKU\S-1-5-21-3365763394-745426455-204747936-1001_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> C:\Users\Nicolas\AppData\Local\Chromium\Application\42.0.2302.0\delegate_execute.exe (The Chromium Authors) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3365763394-745426455-204747936-1001_Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}\InprocServer32 -> C:\Users\Nicolas\AppData\Local\Pokki\ocdeskband_0.dll ()
Task: {001988C3-492A-4AB3-BAB2-37232446068D} - System32\Tasks\WindApp Update => C:\Users\Nicolas\AppData\Roaming\Store\WindApp\WindApp Update.exe <==== ATTENTION
Task: {00C4AEA4-A5E3-48FB-BC16-2AA0FCF295B5} - System32\Tasks\ScienceCrew => c:\programdata\{7e2d7cdc-4f2e-3b91-7e2d-d7cdc4f2f371}\2025684959197814349b.exe [2014-07-23] () <==== ATTENTION
Task: {07FE7543-EE4D-49E4-AE6B-749AF81D847F} - System32\Tasks\BarHelper => c:\programdata\{d11c4418-1f7e-f550-d11c-c44181f71060}\9174667573535515490b.exe [2014-07-21] () <==== ATTENTION
Task: {132D22F0-E793-4DF6-9F19-08F455322CF2} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {5767BE9F-7D02-4D32-BF38-1CD694AA65C4} - System32\Tasks\ShadowLoader => c:\programdata\{477974d0-32c1-2821-4779-974d032cd340}\2997578668842450996b.exe [2014-07-23] () <==== ATTENTION
Task: {72A0AD35-FAED-4F5F-876D-042BB99DA2CD} - System32\Tasks\BoBrowser => C:\Users\Nicolas\AppData\Local\BoBrowser\Application\bobrowser.exe
Task: {79500A71-8EE2-4C53-8276-F429AF6AA48E} - System32\Tasks\BoxSoftwareUpdate => C:\ProgramData\BoxUpdChk\updchk.exe <==== ATTENTION
Task: {98C70747-0459-4713-830D-99841E6A277F} - System32\Tasks\RunAsStdUser Task => C:\Users\Nicolas\AppData\Local\gigglinggamesSA\bin\1.0.6.0\GigglingGamesSA.exe <==== ATTENTION
Task: {B15047C7-9110-4A9A-A60A-CCFDBF96CFA8} - System32\Tasks\InstaGainz => c:\programdata\{82c16df8-8d54-dd43-82c1-16df88d5b7e2}\8526611957047196262b.exe [2014-07-21] () <==== ATTENTION
Task: {CD55481F-FAE3-4561-A538-C5B00D755F36} - System32\Tasks\Run_Bobby_Browser => C:\Users\Nicolas\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
Task: {DB8DAEFE-5A18-4C9B-9348-7EB02235AD45} - System32\Tasks\Sunrise => C:\Windows\TEMP\CUpdater\s4ts..exe
Task: C:\Windows\Tasks\BarHelper.job => c:\programdata\{d11c4418-1f7e-f550-d11c-c44181f71060}\9174667573535515490b.exe <==== ATTENTION
Task: C:\Windows\Tasks\BikeHunt.job => c:\programdata\{97ff4da3-614f-65f9-97ff-f4da3614368d}\585398133833966672b.exe <==== ATTENTION
Task: C:\Windows\Tasks\InstaGainz.job => c:\programdata\{82c16df8-8d54-dd43-82c1-16df88d5b7e2}\8526611957047196262b.exe <==== ATTENTION
Task: C:\Windows\Tasks\ScienceCrew.job => c:\programdata\{7e2d7cdc-4f2e-3b91-7e2d-d7cdc4f2f371}\2025684959197814349b.exe <==== ATTENTION
Task: C:\Windows\Tasks\ShadowLoader.job => c:\programdata\{477974d0-32c1-2821-4779-974d032cd340}\2997578668842450996b.exe <==== ATTENTION
Task: C:\Windows\Tasks\TattooCrew.job => c:\programdata\{3746d969-61bf-33c9-3746-6d96961b65a5}\3384774128958037486b.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:D20FFA63
MSCONFIG\startupreg: WindApp => "C:\Users\Nicolas\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
FirewallRules: [{BEDBBF8B-3495-43F6-843E-500B890199B5}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{F1BC538C-703D-4B65-97D9-8C239A2CF914}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{514CDDDF-23D3-4D7D-B6C9-5934C07F7416}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.exe
FirewallRules: [{E8B00A13-8266-4F33-B4AE-EF0AAC3C9FC2}] => (Allow) C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
FirewallRules: [{B473AA66-E2F1-498A-AC76-F86030AFDD51}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
FirewallRules: [{BD4D461A-BDD2-4207-B560-65198A4F6076}] => (Allow) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\Iminent\Iminent.exe
C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
FirewallRules: [{221BBC09-3665-4D1D-AA87-2FDD22AB48E3}] => (Allow) C:\Users\Nicolas\AppData\Local\BoBrowser\Application\bobrowser.exe
2015-07-23 21:42 - 2015-07-25 21:42 - 00000358 _____ C:\Windows\Tasks\ShadowLoader.job
2015-07-23 21:42 - 2015-07-23 21:42 - 00003274 _____ C:\Windows\System32\Tasks\ShadowLoader
2015-07-23 15:42 - 2015-07-25 21:42 - 00000358 _____ C:\Windows\Tasks\ScienceCrew.job
2015-07-23 15:42 - 2015-07-23 15:42 - 00003274 _____ C:\Windows\System32\Tasks\ScienceCrew
2015-07-22 21:42 - 2015-07-25 21:42 - 00000358 _____ C:\Windows\Tasks\TattooCrew.job
2015-07-22 21:42 - 2015-07-22 21:42 - 00003274 _____ C:\Windows\System32\Tasks\TattooCrew
2015-07-21 21:42 - 2015-07-25 21:42 - 00000356 _____ C:\Windows\Tasks\BikeHunt.job
2015-07-21 21:42 - 2015-07-21 21:42 - 00003272 _____ C:\Windows\System32\Tasks\BikeHunt
2015-07-21 15:42 - 2015-07-25 21:42 - 00000358 _____ C:\Windows\Tasks\BarHelper.job
2015-07-21 15:42 - 2015-07-21 15:42 - 00003274 _____ C:\Windows\System32\Tasks\BarHelper


EmptyTemp:
end
