Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2023
Exécuté par JPB (administrateur) sur ASUS (ASUSTeK COMPUTER INC. V230IC-DDR4) (23-07-2023 17:41:41)
Exécuté depuis C:\Users\JPB\Bureau\FRST64.exe
Profils chargés: JPB
Plate-forme: Microsoft Windows 11 Famille Version 22H2 22621.1992 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.82\msedgewebview2.exe <6>
(DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <23>
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(services.exe ->) (CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_e6797382daf01d86\IntelCpHeciSvc.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Audio Sound Control Driver\AsAudioService.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_423.13900.0.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269312 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ListenToDevice] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506368 2018-11-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-2377123508-1879621490-3387952890-1001\...\Run: [MicrosoftEdgeAutoLaunch_CAE618BB992FFA1F7A80B48E750B43C2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088272 2023-07-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2377123508-1879621490-3387952890-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41572768 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\114.0.5735.248\Installer\chrmstp.exe [2023-07-21] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {223663D0-3E40-4B7B-9C38-4BACFC5B5407} - System32\Tasks\ASUS\ASUS Audio Service Execution => C:\Program Files (x86)\ASUS\ASUS Audio Sound Control Driver\AsAudioService.exe [656184 2014-12-16] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {AAC0C642-E026-4089-9026-1A55DCB1F080} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (Pas de fichier)
Task: {195AA293-CDCC-4336-9799-687D603E6AA4} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe (Pas de fichier)
Task: {7117944B-74F1-482E-9934-90F6F589A511} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {66924017-3B98-433E-8386-0DEE1EED9481} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "4294209b-16aa-464f-b87a-539aec4bf8ac" --version "6.14.10584" --silent
Task: {EA78B86D-9BA9-40F7-A7F3-74FFD5D96CB2} - System32\Tasks\CCleanerSkipUAC - JPB => C:\Program Files\CCleaner\CCleaner.exe [34677664 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {A31C2208-AF9F-4CF0-AEC5-A151E35CD8DF} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5071400 2023-07-12] (Microsoft Windows -> Microsoft Corporation)
Task: {16F1AF35-7C4F-4243-8CD7-4B1D5DA924B6} - System32\Tasks\GoogleUpdateTaskMachineCore{93CF0CC8-4F7B-4315-869E-592937227233} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-06-29] (Google LLC -> Google LLC)
Task: {8AEFA364-0265-45CD-BA26-0C5B17EE8F67} - System32\Tasks\GoogleUpdateTaskMachineUA{FF4A6AC9-8D1D-42FD-9981-BF63A395FD36} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-06-29] (Google LLC -> Google LLC)
Task: {62097BAE-4E48-44B8-ABF3-1FC4B572AFCD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {601D929C-B9E5-4611-BDDA-659D314CEC56} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D374463D-B406-45FC-991B-1A9E394D982B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {637F1B8D-BDAE-4D99-829A-1233E10746F8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.5-0\MpCmdRun.exe [1650040 2023-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ACBF2756-AF4F-4007-97E4-4A6E6FAB0D3A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [680352 2023-06-29] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {CA0A89DB-89FD-43D5-BC8E-B7C81B3373DB} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-06-29] (Mozilla Corporation -> Mozilla Foundation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{33b9fb54-ba6e-4b59-9a7d-3cefd49e4a2c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c4ccded0-7976-4c0b-8e6f-c6db99e73a3a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{fe7d8e7d-b44c-4b3e-b778-2e2ac94bc9f7}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\JPB\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-22]
Edge Extension: (Edge relevant text changes) - C:\Users\JPB\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-21]

FireFox:
========
FF DefaultProfile: bi20iv0o.default
FF ProfilePath: C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\lpd9svy2.default-release-1 [2023-07-22]
FF Extension: (Language: Français (French)) - C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\lpd9svy2.default-release-1\Extensions\langpack-fr@firefox.mozilla.org.xpi [2023-06-18]
FF ProfilePath: C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\bi20iv0o.default [2023-07-22]
FF Extension: (Language: Français (French)) - C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\bi20iv0o.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2023-06-29]
FF ProfilePath: C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\4u2d17mw.default-release-1687421314527 [2023-07-22]
FF DownloadDir: C:\Users\JPB\Bureau
FF Extension: (Language: English (GB)) - C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\4u2d17mw.default-release-1687421314527\Extensions\langpack-en-GB@firefox.mozilla.org.xpi [2023-06-23]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\4u2d17mw.default-release-1687421314527\Extensions\marcoagpinto@mail.telepac.pt.xpi [2023-06-23]
FF ProfilePath: C:\Users\JPB\AppData\Roaming\Mozilla\Firefox\Profiles\9gt8q4iv.default-release-2 [2023-07-22]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)

Chrome:
=======
CHR Profile: C:\Users\JPB\AppData\Local\Google\Chrome\User Data\Default [2023-07-23]
CHR DownloadDir: C:\Users\JPB\Bureau
CHR Extension: (Google Docs hors connexion) - C:\Users\JPB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\JPB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-29]