Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2020
Exécuté par Agnès (administrateur) sur LAPTOP-KSV38K3M (HP HP Notebook) (12-08-2020 17:08:18)
Exécuté depuis C:\Users\Agnès\Downloads
Profils chargés: Agnès
Platform: Windows 10 Home Version 1903 18362.959 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(FRANCE TELECOM -> ) [Fichier non signé] C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <8>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportHelper.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\$GetCurrent\media\setup.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows10Upgrade\Windows10UpgraderApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\$GetCurrent\media\sources\setupprep.exe
(Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\mighost.exe
(Microsoft Windows -> Microsoft Corporation) C:\$WINDOWS.~BT\Sources\SetupHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1012_none_171983fb2a153d25\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2007.8-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-08-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-05-13] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\RunOnce: [!GetCurrentRollback] => C:\Windows10Upgrade\GetCurrentRollback.exe [73344 2020-05-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3186512384-3521834265-2984194369-1001\...\Run: [MailNotifier] => C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [1495040 2017-11-17] (Orange) [Fichier non signé]
HKU\S-1-5-21-3186512384-3521834265-2984194369-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-3186512384-3521834265-2984194369-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge:?launchContext1=Microsof (l'élément de données a 355 caractères en plus).
HKU\S-1-5-21-3186512384-3521834265-2984194369-1001\...\MountPoints2: {6dffb9c7-9e8b-11ea-957b-30e1712c2b51} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3186512384-3521834265-2984194369-1001\...\MountPoints2: {84c5aadb-48af-11ea-9564-30e1712c2b51} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3186512384-3521834265-2984194369-1001\...\MountPoints2: {84c5ab21-48af-11ea-9564-30e1712c2b51} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3186512384-3521834265-2984194369-1001\...\MountPoints2: {91b8ef6e-c99f-11e9-953f-30e1712c2b51} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3186512384-3521834265-2984194369-1001\...\MountPoints2: {972d9ce7-7f02-11e9-951e-30e1712c2b51} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP DeskJet 3630 series): C:\WINDOWS\system32\HPDiscoPME311.dll [803848 2015-04-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\WINDOWS\system32\hpinkstsE311LM.dll [388792 2016-02-23] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.105\Installer\chrmstp.exe [2020-07-28] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Audio Switch.lnk [2016-09-24]
ShortcutTarget: HP Audio Switch.lnk -> C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-03-22]
ShortcutTarget: HP JumpStart Launch.lnk -> c:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () [Fichier non signé]
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2017-08-17] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2017-08-17] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SynRemoveUserSettings.bat [2017-08-17] (Microsoft Windows Hardware Compatibility Publisher -> )
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {011F55D3-D1B9-44F3-B288-122CD7016FEB} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [6016008 2015-04-09] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
Task: {0325D0B6-B99A-4D0E-95A9-6D9DC2C44661} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {0B4CE89E-56F7-4134-9D3D-EDAAE7CB0654} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {19B3D009-F637-49F7-A157-5D3418D8AC9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {211633ED-F9F1-4B29-89E3-5843873A542B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {23F0C8F1-4D20-4EE7-8827-747711F1829F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {3B75BDBD-55DB-4DD4-820A-814F5244D219} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4A8EF240-8384-4986-973C-F0C3F56BD677} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {62845EC6-23A5-4B06-AB7D-F9089C5AE83D} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {63760945-30EE-4DBD-93CB-A86427B2FBEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {808EE7EE-09C8-4944-A92E-EE59356F95A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {86525388-FC12-4B20-8AC7-520590EB175E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-09] (Google Inc -> Google Inc.)
Task: {930D5F00-63ED-4719-895E-5AD8CD9CE643} - System32\Tasks\maLivebox => C:\Program Files (x86)\Orange\ma Livebox\maLivebox.exe [146704 2017-02-07] (Orange -> Orange) [Fichier non signé]
Task: {9B8C525D-BCAF-4C88-9F63-E4C16948A9F6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9E4F100A-89FB-44BB-8E26-F2AB51ACA089} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {B8CD811E-521F-4701-B013-AB8D971F549A} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {BDE239F8-B86C-48F5-8737-636FEC0AC961} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2007.8-0\MpCmdRun.exe [516776 2020-08-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8988080-2402-400F-9DA1-BE7C3CD5154F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {D2DAD46C-5812-4A1C-8562-A6B1C33ACAE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {FE406068-0A47-414D-B3A3-2410D5676CC0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-09] (Google Inc -> Google Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6e96e02e-31b0-4539-8ff9-a91e7ef6d36e}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8ac4ae9c-8572-4d3a-b52f-88285d4ed4ba}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-0649525d07a940e0
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3186512384-3521834265-2984194369-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://orange.fr/
HKU\S-1-5-21-3186512384-3521834265-2984194369-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE