start::
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3750863030-3335241652-3324603176-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd -> Piriform Ltd)
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{D0EB269C-94DD-49C7-BCF1-12C9C3CF0AA8}C:\users\hp\appdata\local\google\chrome\application\chrome.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{01685AAB-BDFF-4E30-90AE-035B94215AD9}C:\users\hp\appdata\local\google\chrome\application\chrome.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{54F1902F-6CFF-4A94-B0A8-C8A0EA31691F}C:\users\hp\appdata\local\google\chrome\application\chrome.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{AA96989C-F3F1-449A-B778-0033CEEC8290}C:\users\hp\appdata\local\google\chrome\application\chrome.exe"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D0067BC3-4234-496B-A1B8-538166B3E49E}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F146D8D3-5A7C-4FB5-8A2B-320960EA00C9}"
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\File System\000
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Documents\LOGICIELS\FoxitReader1013_L10N_Setup_Prom.exe
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Downloads\Install_CopyTransControlCenter.exe
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Downloads\ZHPSuite.exe
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Downloads\FRST64.exe
DeleteValue: HKU\S-1-5-21-3750863030-3335241652-3324603176-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe
DeleteValue: HKU\S-1-5-21-3750863030-3335241652-3324603176-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Documents\LOGICIELS\FoxitReader1013_L10N_Setup_Prom.exe
DeleteValue: HKU\S-1-5-21-3750863030-3335241652-3324603176-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Downloads\Install_CopyTransControlCenter.exe
DeleteValue: HKU\S-1-5-21-3750863030-3335241652-3324603176-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Downloads\ZHPSuite.exe
DeleteValue: HKU\S-1-5-21-3750863030-3335241652-3324603176-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Downloads\FRST64.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3750863030-3335241652-3324603176-1000_Classes\CLSID\{041F9391-C79D-44EE-AA4E-AF4E029C4B47}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.36.112\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3750863030-3335241652-3324603176-1000_Classes\CLSID\{69545769-8D02-4B07-A481-AD374CD8D5D1}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3750863030-3335241652-3324603176-1000_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3750863030-3335241652-3324603176-1000_Classes\CLSID\{CA8FA699-91CD-412F-9D13-9B1222F4370E}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.36.82\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-3750863030-3335241652-3324603176-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.36.132\psuser_64.dll => Pas de fichier
StartBatch:
For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\cookies.sqlite" Del /s /q "%%d\cookies.sqlite")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\History"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History"
Endbatch:
EmptyTemp:
end::