start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
Comment: Items that will be deleted or restored
S3 cpuz150; \??\C:\Windows\temp\cpuz150\cpuz150_x64.sys [X]
HKU\S-1-5-21-1091027745-2138594127-2253857064-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35646080 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-17] (Google LLC -> Google LLC)
Task: {203850F4-0F18-4310-BC7D-B4E0D0AEB02A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-05] (Google LLC -> Google LLC)
Task: {342872FC-7091-494F-B327-F2EA2F156EB0} - System32\Tasks\PostponeDeviceSetupToast_S-1-5-21-1091027745-2138594127-2253857064-1001_8 => {5ded83ef-1e99-48cf-bf83-676d2a6db408} C:\Windows\System32\oobe\UserOOBE.dll [420864 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
Task: {4F1232A4-C7EE-435F-859A-551E7EE896D8} - System32\Tasks\CCleanerSkipUAC - Nolwenn => C:\Program Files\CCleaner\CCleaner.exe [29764224 2022-02-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5852FECE-19C7-45F5-9D17-2896497D9A70} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-05] (Google LLC -> Google LLC)
Task: {88BB5755-363C-4BB4-A106-29A4C4182AD8} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {92E3592B-BEB8-4725-B9C9-92922A0F7F35} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)
Task: {A1D15380-CC8C-4533-A3CD-BA13A6CACB31} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339472 2022-02-03] (Nvidia Corporation -> NVIDIA Corporation)
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
HKU\S-1-5-21-1091027745-2138594127-2253857064-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.millenium-eqt.com
HKU\S-1-5-21-1091027745-2138594127-2253857064-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://www.millenium-eqt.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url -> URL: hxxp://www.ccleaner.com/ccleaner
InternetURL: C:\Users\Nolwenn\Favorites\Bing.url -> URL: hxxp://go.microsoft.com/fwlink/p/?LinkId=255142
C:\Users\Nolwenn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord.lnk
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Discord
DeleteValue: HKEY_USERS\S-1-5-21-1091027745-2138594127-2253857064-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Discord
DeleteKey: HKLM\SOFTWARE\410fcd79-1be8-5bf1-986e-ea09c55f7edf
DeleteKey: HKCU\SOFTWARE\Discord
DeleteKey: HKU\S-1-5-21-1091027745-2138594127-2253857064-1001\SOFTWARE\Discord
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\Install Western Digital Software for Windows.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\Install Western Digital Software for Windows.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|E:\documents\TeamViewer_Setup.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|E:\documents\TeamViewer_Setup.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-1091027745-2138594127-2253857064-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\Install Western Digital Software for Windows.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-1091027745-2138594127-2253857064-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\Install Western Digital Software for Windows.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-1091027745-2138594127-2253857064-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|E:\documents\TeamViewer_Setup.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-1091027745-2138594127-2253857064-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|E:\documents\TeamViewer_Setup.exe.ApplicationCompany
DeleteKey: HKLM\SOFTWARE\Nahimic
DeleteKey: HKU\.DEFAULT\SOFTWARE\Nahimic
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Malwarebytes
C:\Program Files\Malwarebytes
C:\Users\Nolwenn\AppData\Local\mbam
DeleteKey: HKCU\SOFTWARE\AvastAdSDK
DeleteKey: HKU\S-1-5-21-1091027745-2138594127-2253857064-1001\SOFTWARE\AvastAdSDK
DeleteKey: HKU\.DEFAULT\SOFTWARE\JavaSoft
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C17AC4F6-B9C1-49E9-A11C-8B3F148E7DE1}" C:\Program Files (x86)\Universal Media Server\jre8\bin\java.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6BFE2D3A-A042-4C05-AEF9-06AC247FAB0F}" C:\Program Files (x86)\Universal Media Server\jre8\bin\javaw.exe
StartBatch:
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
Endbatch:
cmd: ipconfig /flushdns
cmd: netsh winsock reset
cmd: netsh advfirewall reset
cmd: Netsh advfirewall set allprofiles state on
C:\Windows\Temp\ *.*
C:\Users\CurrentUserName\Appdata\Local\Temp\ *.*
EmptyTemp:
C:\Windows\SoftwareDistribution\Download\ *
cmd: dism.exe /online /cleanup-image /restorehealth
cmd: sfc /scannow
Reboot:
end::