cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash


[HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI] =>HackTool.KMSpico
C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart =>HackTool.KMSpico
[HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1] =>HackTool.KMSpico
C:\Program Files\KMSpico =>HackTool.KMSpico
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
C:\Users\Yacintos\AppData\Local\Tempzxpsign04642f2d18e1d980 =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsign0c3c541f0f66ae7e =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsign0ee0669b17472ccc =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsign232c890f6d7a0955 =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsign3aec386532fbe2bb =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsign45adf5328d54ea6c =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsign51b91027276fadb8 =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsign578f4c8b1508ff84 =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsign7028033155aeeede =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsign735538dd5060364a =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsign842f669d530805ad =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsign8ca63ae94e20a186 =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsign9e6acd6deb6aa295 =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsignb44b057dad5fe7e8 =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsigne624ee6328b8a059 =>.Superfluous.Temporary
C:\Users\Yacintos\AppData\Local\Tempzxpsignefff93dd4416d80e =>.Superfluous.Temporary
C:\WINDOWS\Prefetch\KMSPICO_SETUP.TMP-531DA135.pf =>HackTool.KMSpico
C:\WINDOWS\Prefetch\KMSPICO_SETUP.TMP-F6669BEC.pf =>HackTool.KMSpico
C:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico
[MD5.00000000000000000000000000000000] [APT] [Adobe Acrobat Update Task] (...) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [OneDrive Standalone Update Task v2] (...) -- C:\Users\Yacintos\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [{B0230136-3404-456F-AF58-F022469B7E6A}] (...) -- C:\Program Files (x86)\Audacity\unins000.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.00000000000000000000000000000000] [APT] [Microsoft\Office\Office 15 Subscription Heartbeat] (...) -- C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (.not file.) [0] (.Activate.) =>.Superfluous.Empty
O39 - APT: Adobe Acrobat Update Task - (...) -- C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task [4562] (.Orphan.) =>.Superfluous.Orphan
O39 - APT: {B0230136-3404-456F-AF58-F022469B7E6A} - (...) -- C:\WINDOWS\System32\Tasks\{B0230136-3404-456F-AF58-F022469B7E6A} [3258] (.Orphan.) =>.Superfluous.Orphan
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://clients5.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://fonts.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://lh3.googleusercontent.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://notifications.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ogs.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://play.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.com =>.Google Inc.
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com =>.Google Inc.
O17 - HKLM\System\CCS\Services\Tcpip\..\{a8dfacc8-442f-454c-bc2f-0bd90f2122e3}: NameServer = 4.2.2.3,4.2.2.4
O43 - CFD: 26/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign04642f2d18e1d980 =>.Superfluous.Temporary
O43 - CFD: 26/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign0c3c541f0f66ae7e =>.Superfluous.Temporary
O43 - CFD: 25/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign0ee0669b17472ccc =>.Superfluous.Temporary
O43 - CFD: 28/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign232c890f6d7a0955 =>.Superfluous.Temporary
O43 - CFD: 26/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign3aec386532fbe2bb =>.Superfluous.Temporary
O43 - CFD: 21/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign45adf5328d54ea6c =>.Superfluous.Temporary
O43 - CFD: 25/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign51b91027276fadb8 =>.Superfluous.Temporary
O43 - CFD: 28/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign578f4c8b1508ff84 =>.Superfluous.Temporary
O43 - CFD: 26/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign7028033155aeeede =>.Superfluous.Temporary
O43 - CFD: 21/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign735538dd5060364a =>.Superfluous.Temporary
O43 - CFD: 25/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign842f669d530805ad =>.Superfluous.Temporary
O43 - CFD: 25/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign8ca63ae94e20a186 =>.Superfluous.Temporary
O43 - CFD: 28/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsign9e6acd6deb6aa295 =>.Superfluous.Temporary
O43 - CFD: 26/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsignb44b057dad5fe7e8 =>.Superfluous.Temporary
O43 - CFD: 25/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsigne624ee6328b8a059 =>.Superfluous.Temporary
O43 - CFD: 26/07/2017 - [0] D -- C:\Users\Yacintos\AppData\Local\Tempzxpsignefff93dd4416d80e =>.Superfluous.Temporary
O23 - Service: Service KMSELDI (Service KMSELDI) . (.@ByELDI - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
SS - Auto [29/06/2014] [ 997568] Service KMSELDI (Service KMSELDI) . (.@ByELDI.) - C:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
[MD5.EE81C6A4186274E057ADC1EE623137A5] [APT] [AutoPico Daily Restart] (.@ByELDI.) -- C:\Program Files\KMSpico\AutoPico.exe [998080] (.Activate.) =>HackTool.KMSpico
O39 - APT: AutoPico Daily Restart - (.@ByELDI.) -- C:\WINDOWS\System32\Tasks\AutoPico Daily Restart [3822] =>HackTool.KMSpico
O42 - Logiciel: KMSpico v9.3.1 - (..) [HKLM][64Bits] -- KMSpico_is1 =>HackTool.KMSpico
O43 - CFD: 28/07/2017 - [] D -- C:\Program Files\KMSpico =>HackTool.KMSpico
O43 - CFD: 28/07/2017 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
O45 - LFCP:[MD5.2B8006EEB2A46120834623F102D5DF4C] 28/07/2017 A -- C:\WINDOWS\Prefetch\KMSPICO_SETUP.TMP-531DA135.pf =>HackTool.KMSpico
O45 - LFCP:[MD5.647BDB07F33FC23E4FFBD8529CEBC8F6] 28/07/2017 A -- C:\WINDOWS\Prefetch\KMSPICO_SETUP.TMP-F6669BEC.pf =>HackTool.KMSpico
O87 - FAEL: "{DFA917CE-F541-4CA2-8106-F5E11AB9EB22}" [In-None-P6-TRUE] .(.@ByELDI - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "{AAFB43BC-365B-4A43-AA4E-35972A42A661}" [In-None-P17-TRUE] .(.@ByELDI - AutoPico.) -- C:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "{A8D4A4CB-ACD7-4F51-BFCC-2976C6EB5671}" [In-None-P6-TRUE] .(.@ByELDI - KMS GUI ELDI.) -- C:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico
O87 - FAEL: "{5356BD26-7440-4186-B162-3A8E0B7C93B6}" [In-None-P17-TRUE] .(.@ByELDI - KMS GUI ELDI.) -- C:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico

Publicité


Signaler le contenu de ce document

Publicité