Format du document : text/plain
Prévisualisation
Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
O23 - Service: Service KMSELDI (Service KMSELDI) . (.@ByELDI - Service_KMS.) - f:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
SS - Auto [29/06/2014] [ 997568] Service KMSELDI (Service KMSELDI) . (.@ByELDI.) - f:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
MD5.C746CD166372F3C6F364B62F2C2C8B20] [APT] [AutoKMS] (.CODYQX4.) -- C:\Windows\AutoKMS\AutoKMS.exe [3738624] (.Activate.) =>HackTool.AutoKMS
[MD5.EE81C6A4186274E057ADC1EE623137A5] [APT] [AutoPico Daily Restart] (.@ByELDI.) -- f:\Program Files\KMSpico\AutoPico.exe [998080] (.Activate.) =>HackTool.KMSpico
O39 - APT: AutoKMS - (.CODYQX4.) -- C:\WINDOWS\System32\Tasks\AutoKMS [3808] =>HackTool.AutoKMS
O39 - APT: AutoPico Daily Restart - (.@ByELDI.) -- C:\WINDOWS\System32\Tasks\AutoPico Daily Restart [2778] =>HackTool.KMSpico
P2 - EXT: (.Wesley Chen (topolog@gmail.com) - ????(Image Picker).) -- C:\Users\WALID\AppData\Roaming\Mozilla\Firefox\Profiles\urumrye2.default\extensions\ImagePicker@topolog.org =>.Wesley Chen (topolog@gmail.com)
O42 - Logiciel: KMSpico v9.3.1 - (...) [HKLM][64Bits] -- KMSpico_is1 =>HackTool.KMSpico
O43 - CFD: 01/01/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
O43 - CFD: 28/09/2015 - [] D -- C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
O87 - FAEL: "{63932BE2-C607-4CA0-A31D-D2620F940C26}" [In-None-P17-TRUE] .(.@ByELDI - AutoPico.) -- F:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "{D331052F-5111-4787-8421-3B5C630EBAB8}" [In-None-P6-TRUE] .(.@ByELDI - AutoPico.) -- F:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
O87 - FAEL: "{2ACF3A70-8B7B-4763-B32E-41789D0DDCF4}" [In-None-P17-TRUE] .(.@ByELDI - KMS GUI ELDI.) -- F:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico
O87 - FAEL: "{04570BF4-1C69-43F1-92BA-118B47D042C6}" [In-None-P6-TRUE] .(.@ByELDI - KMS GUI ELDI.) -- F:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico
O87 - FAEL: "{44502ADF-98C4-4E02-BD64-3383B501B8AD}" [In-None-P6-TRUE] .(.@ByELDI - Service_KMS.) -- F:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
O87 - FAEL: "{BC832E39-76A3-4FD3-AACB-313619F70704}" [In-None-P17-TRUE] .(.@ByELDI - Service_KMS.) -- F:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
O87 - FAEL: "{527330A8-BB43-48F5-AA7B-0F2546EFC70B}" [In-None-P17-TRUE] .(...) -- C:\Users\WALID\AppData\Local\Chromium\Application\chrome.exe (.not file.)
O87 - FAEL: "{0D0E740D-337A-42A6-A7E0-581D6CCF2587}" [In-None-P6-TRUE] .(.CODYQX4 - AutoKMS.) -- C:\Windows\AutoKMS\AutoKMS.exe =>HackTool.AutoKMS
O87 - FAEL: "{E59B8696-9CD7-462C-8442-12D5974D9459}" [Out-None-P6-TRUE] .(.CODYQX4 - AutoKMS.) -- C:\Windows\AutoKMS\AutoKMS.exe =>HackTool.AutoKMS
HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI =>HackTool.KMSpico
f:\Program Files\KMSpico\Service_KMS.exe =>HackTool.KMSpico
C:\Windows\AutoKMS\AutoKMS.exe =>HackTool.AutoKMS
f:\Program Files\KMSpico\AutoPico.exe =>HackTool.KMSpico
C:\WINDOWS\System32\Tasks\AutoKMS =>HackTool.AutoKMS
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart =>HackTool.KMSpico
C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe =>PUP.Optional.Skillbrains
HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KMSpico_is1 =>HackTool.KMSpico
HKLM\SOFTWARE\Wow6432Node\Skillbrains =>PUP.Optional.Skillbrains
HKCU\SOFTWARE\SkillBrains =>PUP.Optional.Skillbrains
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>HackTool.KMSpico
C:\ProgramData\Microsoft Toolkit =>HackTool.AutoKMS
F:\Program Files\KMSpico\KMSELDI.exe =>HackTool.KMSpico
HKLM64\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 =>.Superfluous.ByteTechnologies
HKLM64\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS =>.Superfluous.ByteTechnologies
MD5.E57E2B81EF0463738007CF89664F78CD] - (.Skillbrains - Lightshot.) -- C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe [477184] [PID.6028] =>PUP.Optional.Skillbrains
O4 - HKLM\..\Wow6432Node\Run: [Lightshot] . (.Copyright 2009 - Starter Module.) -- C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe =>PUP.Optional.Skillbrains
O42 - Logiciel: Lightshot-5.2.1.1 - (.Skillbrains.) [HKLM][64Bits] -- {30A5B3C9-2084-4063-A32A-628A98DE512B}_is1 =>PUP.Optional.Skillbrains
HKLM\SOFTWARE\Wow6432Node\Skillbrains =>PUP.Optional.Skillbrains
HKCU\SOFTWARE\SkillBrains =>PUP.Optional.Skillbrains
O43 - CFD: 03/08/2015 - [] D -- C:\Program Files (x86)\Skillbrains =>PUP.Optional.Skillbrains
O69 - SBI: prefs.js [WALID - urumrye2.default] user_pref("extensions.MoneyViking.cg", "f48a7e4a-1158-4421-bb30-e6100295eaeb"); =>PUP.Optional.MoneyViking
O69 - SBI: prefs.js [WALID - urumrye2.default] user_pref("extensions.RecordPage.cg", "f48a7e4a-1158-4421-bb30-e6100295eaeb"); =>PUP.Optional.RecordPage
[MD5.00000000000000000000000000000000] [APT] [TaskName] (...) -- Task To Run (.not file.) [0] (.Activate.) =>.Superfluous.Empty
HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32 =>.Superfluous.ByteTechnologies
HKLM\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS =>.Superfluous.ByteTechnologies