start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Task: {015C732E-6E0F-4262-992C-DFB290480516} - \Lenovo\ImController\TimeBasedEvents\ebd7d041-025f-46a0-9984-1fe76e41af7c -> Pas de fichier <==== ATTENTION
Task: {37AFDFD4-B714-4853-9D71-A736D90A4EB0} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
Task: {3FABC8AC-0B66-4304-B065-4EC2C6E93F7A} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Pas de fichier <==== ATTENTION
Task: {5AFCE332-7D8B-4003-B5A7-4E977BB4531B} - \Lenovo\ImController\TimeBasedEvents\4d432e3d-a762-47ac-b300-4f9a48ccef34 -> Pas de fichier <==== ATTENTION
Task: {7F0B33AA-2FFB-4A84-A482-8E5855CEE263} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-242342339-2858294770-2968125053-500 => C:\Users\fred-\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {9F05D859-27C7-4BE8-9543-80CEAA1F55A6} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Pas de fichier <==== ATTENTION
Task: {A30C485E-D2C0-4E52-A29A-9A1FE9622ACE} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe (Pas de fichier)
Task: {DC834BC1-7026-452F-96B1-9F2339C59017} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Pas de fichier)
Task: {E2125904-5534-4616-B489-FB543A3898C7} - \Lenovo\ImController\TimeBasedEvents\94c23612-3aef-4544-878e-312f33a2750f -> Pas de fichier <==== ATTENTION
HKU\S-1-5-21-242342339-2858294770-2968125053-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32721976 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-242342339-2858294770-2968125053-1001\...\MountPoints2: {3143e945-778b-11eb-b0b5-98fa9b3ae5ca} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\98.0.4758.102\Installer\chrmstp.exe [2022-02-17] (Google LLC -> Google LLC)
Task: {4CAB3654-BC94-4A02-AD9F-E6E0BA2F52B8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-02-16] (Piriform Software Ltd -> Piriform)
Task: {73B30A4F-4F60-4165-A49A-468CA487DCDE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27165752 2021-02-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {7B348072-B216-40B8-8E77-AD8F40347C4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-21] (Google LLC -> Google LLC)
Task: {B9B7C929-F407-419A-B4D3-456FF13F16DC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-21] (Google LLC -> Google LLC)
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
C:\Users\fred-\Desktop\Autres Jeux\Rockstar Games Launcher.lnk
C:\Users\fred-\Desktop\Autres Jeux\Uplay.lnk
StartRegEdit:
Windows Registry Editor Version 5.00
[HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{759d83ac-f5e0-c89b-38c2-ca581e218a0c}:]
"NameServer"=""
[HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{ad9b62d5-35e4-4640-b5d9-531417abd23b}:]
"DhcpNameServer"=""
EndRegEdit:
C:\Users\fred-]\Desktop\Discord.lnk
C:\Users\fred-]\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord.lnk
DeleteKey: HKCU\SOFTWARE\Discord
DeleteKey: HKU\S-1-5-21-242342339-2858294770-2968125053-1001\SOFTWARE\Discord
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
C:\Users\fred-\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm
C:\Users\fred-\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kmhkepipobnjllejbafajoemahjejdcm
DeleteValue: HKU\S-1-5-21-242342339-2858294770-2968125053-1001\Software\Google\Chrome\PreferenceMACs\Default\extensions.settings|kmhkepipobnjllejbafajoemahjejdcm
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|SunJavaUpdateSched
DeleteKey: HKLM\SOFTWARE\WOW6432Node\JavaSoft
DeleteKey: HKCU\SOFTWARE\AvastAdSDK
DeleteKey: HKU\S-1-5-21-242342339-2858294770-2968125053-1001\SOFTWARE\AvastAdSDK
DeleteKey: HKCU\SOFTWARE\Chromium
DeleteKey: HKU\S-1-5-21-242342339-2858294770-2968125053-1001\SOFTWARE\Chromium
C:\Users\fred-\AppData\Local\Adaware
StartBatch:
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
Endbatch:
cmd: ipconfig /flushdns
cmd: netsh winsock reset
cmd: netsh advfirewall reset
cmd: netsh advfirewall set allprofiles state on
C:\Windows\Temp\ *.*
C:\Users\CurrentUserName\Appdata\Local\Temp\ *.*
C:\Users\CurrentUserName\Appdata\Local\Google\Chrome\User Data\Default\Cache\*.*
C:\Users\CurrentUserName\Appdata\Local\ Microsoft\Edge\User Data\Default\Cache\*.*
EmptyTemp:
C:\Windows\SoftwareDistribution\Download\ *
cmd: dism.exe /online /cleanup-image /restorehealth
cmd: sfc /scannow
Reboot:
end::