Format du document : text/plain
Prévisualisation
start
CloseProcesses:
CreateRestorePoint:
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKLM\...\Policies\Explorer: [NoRemoteRecursiveEvents] 1
HKLM\...\Policies\Explorer: [NoResolveSearch] 1HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3773579273-1286502390-278821453-1001\...\Policies\Explorer: [NoResolveSearch] 1
BootExecute: autocheck autochk * sdnclean64.exe
SearchScopes: HKU\S-1-5-21-3773579273-1286502390-278821453-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =
2017-07-26 11:20 - 2017-08-02 17:05 - 000002740 _____ C:\Windows\System32\Tasks\AutoKMSDaily
2017-07-25 09:20 - 2017-08-02 17:05 - 000078848 _____ C:\Windows\KMSEmulator.exe
2017-07-24 16:03 - 2017-08-02 17:05 - 000000202 _____ C:\Windows\Tasks\AutoKMSDaily.job
2017-07-24 16:03 - 2017-08-02 17:05 - 000000200 _____ C:\Windows\Tasks\AutoKMS.job
2017-07-24 16:03 - 2017-07-24 16:03 - 000647168 _____ C:\Windows\AutoKMS.exe
2017-07-24 16:03 - 2017-07-24 16:03 - 000002432 _____ C:\Windows\System32\Tasks\AutoKMS
2017-07-24 16:03 - 2017-07-24 16:03 - 000000184 _____ C:\Windows\AutoKMS.ini
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> No File
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => -> No File
Task: {00A140B1-DA2F-4179-84EA-71BEA24FAC35} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [2017-07-24] ()
Task: {057489AC-EFB5-4302-8DCC-E646DEDE842F} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-07-13] (AVAST Software)
Task: {68D175A4-2C7E-4FF5-A4FB-AF49D8E3F069} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2017-07-24] ()
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe
Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe
MSCONFIG\startupreg: COMODO Internet Security => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
Cmd: ipconfig /flushdns
end