Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
[MD5.00000000000000000000000000000000] [APT] [KMSAutoNet] (...) -- C:\ProgramData\KMSAutoS\KMSAuto Net.exe (.not file.) [0] (.Activate.) =>HackTool.AutoKMS
O39 - APT: KMSAutoNet - (...) -- C:\WINDOWS\System32\Tasks\KMSAutoNet [3126] (.Orphan.) =>HackTool.AutoKMS
O39 - APT: Unknown - (.Legitimate.) -- C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask [3672]
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.qiandaohutour.cn
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ae01.alicdn.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://connect.facebook.net =>.Facebook
G0 - GCSP: Preferences [User Data\Default][HomePage] http://gc.kis.v2.scr.kaspersky-labs.com =>.Kaspersky Labs
G0 - GCSP: Preferences [User Data\Default][HomePage] http://i.alicdn.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://lighthouse.aliexpress.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://message.aliexpress.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://u.alicdn.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://us.ynuf.alipay.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.aliexpress.com
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
O17 - HKLM\System\CCS\Services\Tcpip\..\{b81b9126-6905-4317-bda8-b56d58aef50d}: DhcpNameServer = 8.8.8.8 8.8.4.4 =>.Google Inc
C:\WINDOWS\System32\Tasks\KMSAutoNet =>HackTool.AutoKMS
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (.not file.)
O87 - FAEL: "UDP Query User{6CFCB2B1-94B7-46C6-9550-F5FF595D4D1E}D:\dcs world 2 openalpha\bin\dcs_updater.exe" [In-None-P17-TRUE] .(...) -- D:\dcs world 2 openalpha\bin\dcs_updater.exe (.not file.)
O87 - FAEL: "TCP Query User{BCE96471-6464-4FA6-A23E-962DD78F2982}D:\dcs world 2 openalpha\bin\dcs_updater.exe" [In-None-P6-TRUE] .(...) -- D:\dcs world 2 openalpha\bin\dcs_updater.exe (.not file.)
O87 - FAEL: "UDP Query User{1F19CA5C-BF1A-4BF6-9C75-50495212EBA6}D:\pro evolution soccer 2016\pes2016.exe" [In-None-P17-TRUE] .(...) -- D:\pro evolution soccer 2016\pes2016.exe (.not file.)
O87 - FAEL: "TCP Query User{8B981447-9F5D-4F36-A9FA-F49B205D2513}D:\pro evolution soccer 2016\pes2016.exe" [In-None-P6-TRUE] .(...) -- D:\pro evolution soccer 2016\pes2016.exe (.not file.)
O87 - FAEL: "{79A205D3-F2B0-4601-B4D0-D4AD87C3F6E4}" [In-None-P17-TRUE] .(...) -- C:\Program Files\steam\bin\steamwebhelper.exe (.not file.)
O87 - FAEL: "{A1AC4E87-7604-4F64-89DB-946F3B904FAE}" [In-None-P6-TRUE] .(...) -- C:\Program Files\steam\bin\steamwebhelper.exe (.not file.)
O87 - FAEL: "{5BCC99FE-1E24-4827-B069-BA76F1711B24}" [In-None-P6-TRUE] .(...) -- C:\Users\PC-ABDERRAHMEN\Desktop\Embratoria G6.4\libs.exe (.not file.)
O87 - FAEL: "{25713C4A-8364-4B37-8BFC-9B8260AB33C6}" [In-None-P17-TRUE] .(...) -- C:\Users\PC-ABDERRAHMEN\Desktop\Embratoria G6.4\libs.exe (.not file.)
FirewallRaz
EmptyPrefetch
EmptyTemp
[MD5.00000000000000000000000000000000] [APT] [KMSAutoNet] (...) -- C:\ProgramData\KMSAutoS\KMSAuto Net.exe (.not file.) [0] (.Activate.) =>HackTool.AutoKMS
O39 - APT: KMSAutoNet - (...) -- C:\WINDOWS\System32\Tasks\KMSAutoNet [3126] (.Orphan.) =>HackTool.AutoKMS
O39 - APT: Unknown - (.Legitimate.) -- C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask [3672]
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.qiandaohutour.cn
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ae01.alicdn.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://connect.facebook.net =>.Facebook
G0 - GCSP: Preferences [User Data\Default][HomePage] http://gc.kis.v2.scr.kaspersky-labs.com =>.Kaspersky Labs
G0 - GCSP: Preferences [User Data\Default][HomePage] http://i.alicdn.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://lighthouse.aliexpress.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://message.aliexpress.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://u.alicdn.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://us.ynuf.alipay.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.aliexpress.com
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
O17 - HKLM\System\CCS\Services\Tcpip\..\{b81b9126-6905-4317-bda8-b56d58aef50d}: DhcpNameServer = 8.8.8.8 8.8.4.4 =>.Google Inc
C:\WINDOWS\System32\Tasks\KMSAutoNet =>HackTool.AutoKMS
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (.not file.)
O87 - FAEL: "UDP Query User{6CFCB2B1-94B7-46C6-9550-F5FF595D4D1E}D:\dcs world 2 openalpha\bin\dcs_updater.exe" [In-None-P17-TRUE] .(...) -- D:\dcs world 2 openalpha\bin\dcs_updater.exe (.not file.)
O87 - FAEL: "TCP Query User{BCE96471-6464-4FA6-A23E-962DD78F2982}D:\dcs world 2 openalpha\bin\dcs_updater.exe" [In-None-P6-TRUE] .(...) -- D:\dcs world 2 openalpha\bin\dcs_updater.exe (.not file.)
O87 - FAEL: "UDP Query User{1F19CA5C-BF1A-4BF6-9C75-50495212EBA6}D:\pro evolution soccer 2016\pes2016.exe" [In-None-P17-TRUE] .(...) -- D:\pro evolution soccer 2016\pes2016.exe (.not file.)
O87 - FAEL: "TCP Query User{8B981447-9F5D-4F36-A9FA-F49B205D2513}D:\pro evolution soccer 2016\pes2016.exe" [In-None-P6-TRUE] .(...) -- D:\pro evolution soccer 2016\pes2016.exe (.not file.)
O87 - FAEL: "{79A205D3-F2B0-4601-B4D0-D4AD87C3F6E4}" [In-None-P17-TRUE] .(...) -- C:\Program Files\steam\bin\steamwebhelper.exe (.not file.)
O87 - FAEL: "{A1AC4E87-7604-4F64-89DB-946F3B904FAE}" [In-None-P6-TRUE] .(...) -- C:\Program Files\steam\bin\steamwebhelper.exe (.not file.)
O87 - FAEL: "{5BCC99FE-1E24-4827-B069-BA76F1711B24}" [In-None-P6-TRUE] .(...) -- C:\Users\PC-ABDERRAHMEN\Desktop\Embratoria G6.4\libs.exe (.not file.)
O87 - FAEL: "{25713C4A-8364-4B37-8BFC-9B8260AB33C6}" [In-None-P17-TRUE] .(...) -- C:\Users\PC-ABDERRAHMEN\Desktop\Embratoria G6.4\libs.exe (.not file.)