Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 21-01-2025
Exécuté par Vro (administrateur) sur DESKTOP-U3NB65S (HP 460-a001nf) (24-01-2025 17:22:54)
Exécuté depuis C:\Users\Vro\Desktop\NETTOYAGE PC\FRST64.exe
Profils chargés: Vro
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.5371 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <33>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (X-Rite Incorporated -> X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2502.3.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Vro\AppData\Local\Microsoft\OneDrive\24.244.1204.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [ZoneAlarm Upgrader] => C:\Program Files (x86)\CheckPoint\ICM\UM_Interface.exe [37696 2024-09-23] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12304792 2024-12-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [155136 2024-05-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [24648912 2017-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" [42164600 2022-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Uninstall 17.3.6917.0607_2\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\17.3.6917.0607_2\amd64" [4096 2022-07-11] () [Fichier non signé]
HKU\S-1-5-21-2014682923-2924825109-1543415093-1004\...\RunOnce: [Uninstall 17.3.6917.0607_2] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Visiteur\AppData\Local\Microsoft\OneDrive\17.3.6917.0607_2" [65536 2022-07-11] () [Fichier non signé]
HKLM\...\Windows x64\Print Processors\Canon TS3300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDG3.DLL [506368 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3300 series: C:\WINDOWS\system32\CNMLMG3.DLL [1334784 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {6E7BCBB3-0641-4486-9E2C-1A2383F675CB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {70A4A514-A779-4766-9999-F68DD69FEF77} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe  -> C:\Program Files\Common Files\AV\avast! Antivirus\/backup /iavs
Task: {277AAEF6-2CB5-4349-AEC2-236DB7844828} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {352E3040-C81C-43A0-B488-1ACB572E761B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D0FFDB13-A1C4-4EB8-8CA5-BBC230E5CBAB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {21E8A26B-6DD7-4F8C-A3FA-D7CBBB1A7D3F} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe  -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\-task -source HPSA
Task: {DDDDD926-6BD8-4B7A-B4CE-D77F05ACA0EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/taskrestart
Task: {60192EA8-34DD-4B52-9E6C-3873F07D33C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe  -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/show
Task: {59BF3AA5-7592-4096-9799-1F5AD4F1FD59} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-05-12] (HP Inc. -> HP Inc.)
Task: {28EC55CA-5015-4D43-9F84-ADDB3F33E35E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe  -> C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\\/u
Task: {DA59D0D6-2CF5-49E3-932F-2FE8E85ABF6E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe  -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/r /m
Task: {2157D956-51D0-48A1-A100-1EBBD1A3CE96} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe  -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/r
Task: {7377F1F5-C684-4669-95AE-BEE28DE1EBBE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe  -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/L Analysis
Task: {521A88D9-0DBA-4D16-9017-D8703466CAB1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe  -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\\/noreport
Task: {C19A082E-24F2-4EAF-9D3D-CE82B4484E1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1148048 2022-05-12] (HP Inc. -> HP Inc.)
Task: {384DB857-625B-4E55-A098-FD92CE2AC796} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe  /DeviceScanR6 (Pas de fichier)
Task: {9D4EB0E9-457A-4E0F-A080-3E61882935DA} - System32\Tasks\HPDAS => C:\Program  -> Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs
Task: {52713E61-4A1F-405A-BA59-9975A1C2993B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B50B1359-DC10-4C2A-B583-01DBD69A9E19} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F810A62B-6600-4150-9FEB-3B41C6E878AA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {180867F5-2270-4E98-9719-AE339032A73A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-11-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {331FD892-BF7D-4543-940B-FF447E0BFD79} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {78FD465A-00D9-4BDF-AC11-C2AE1240F2C0} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2014682923-2924825109-1543415093-1001 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [671808 2025-01-22] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {19F7D7A2-B386-473D-B6AC-2FB781909CD9} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34368 2025-01-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {E2761662-4E4D-4690-A07E-B51A0CEBC2BA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{3ce5b15d-7d10-4ed0-b14c-b4ee28aadf30}: [DhcpNameServer] 109.0.66.10 109.0.66.20
Tcpip\..\Interfaces\{d589d63d-a4ba-45b8-9ca9-14ac1c75be62}: [DhcpNameServer] 212.27.40.240 212.27.40.241

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Vro\AppData\Local\Microsoft\Edge\User Data\Default [2024-08-15]
Edge Extension: (Google Docs hors connexion) - C:\Users\Vro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-27]
Edge Extension: (Edge relevant text changes) - C:\Users\Vro\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]