start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
GroupPolicy: Restriction ? <==== ATTENTION
Task: {41C677E1-D853-4991-AE6F-ED54B79696A2} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {BA73AD3D-3DEC-448D-A4C6-CDE1805146A7} - System32\Tasks\smadav => C:\Program Files (x86)\Smadav\SMΔRTP.exe
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
2020-10-26 18:23 - 2020-10-26 18:26 - 000000000 ____D C:\Program Files\KMSpico
2020-10-26 18:23 - 2020-10-26 18:23 - 000004608 _____ C:\Windows\SECOH-QAD.exe
2020-10-26 18:23 - 2020-10-26 18:23 - 000003584 _____ C:\Windows\SECOH-QAD.dll
2020-10-26 17:30 - 2020-10-28 21:58 - 000000000 ____D C:\Users\Landry Ndongo\AppData\Roaming\Smadav
2020-10-26 17:30 - 2020-10-26 17:30 - 000003230 _____ C:\Windows\system32\Tasks\smadav
2020-10-26 17:30 - 2020-10-26 17:30 - 000001145 _____ C:\Users\Public\Desktop\SMADΔV.lnk
2020-10-26 17:30 - 2020-10-26 17:30 - 000001145 _____ C:\ProgramData\Desktop\SMADΔV.lnk
2020-10-26 17:30 - 2020-10-26 17:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus
2020-10-26 17:29 - 2020-10-26 17:30 - 000000000 ____D C:\Program Files (x86)\SMADAV
HKU\S-1-5-21-1896107687-2405397436-2572451123-1001\...\Run: [AdobeBridge] => [X]
EmptyTemp:
cmd: ipconfig /flushdns
cmd: netsh winsock reset
cmd: sfc /scannow
end::