start::
CreateRestorePoint:
cmd: Net stop wuauserv
CloseProcesses:
Hosts:
RemoveProxy:
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\000
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\001
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\002
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\003
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\004
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\005
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\006
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\007
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\008
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\009
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\010
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\011
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\012
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\013
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\014
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\015
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\016
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\017
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\018
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\019
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\020
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\021
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\022
C:\Users\youci\AppData\Local\Google\Chrome\User Data\Default\File System\023
DeleteKey: HKLM\SOFTWARE\Software
DeleteKey: HKLM\SOFTWARE\WOW6432Node\360Safe
DeleteKey: HKLM\SOFTWARE\WOW6432Node\LiveUpdate360
DeleteKey: HKCU\SOFTWARE\LiveUpdate360
DeleteKey: HKU\S-1-5-21-4056805920-4052010687-4126290545-1002\SOFTWARE\LiveUpdate360
C:\Users\Administrator]\Desktop\ESET Online Scanner.lnk
C:\Users\Administrator]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
C:\Users\Guest]\Desktop\ESET Online Scanner.lnk
C:\Users\Guest]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
C:\Users\XT20]\Desktop\ESET Online Scanner.lnk
C:\Users\XT20]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
C:\Users\youci]\Desktop\ESET Online Scanner.lnk
C:\Users\youci]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
C:\Users\Public\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
C:\Users\youci\AppData\Local\ESET
C:\Users\youci\AppData\Roaming\java
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Task: {EC796CFA-4A81-4D44-B862-FA4113B3D132} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\youci\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (No File)
Task: {404CDD71-761C-4679-B621-17958BBB0BA1} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\youci\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (No File)
HKU\S-1-5-21-4056805920-4052010687-4126290545-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-4056805920-4052010687-4126290545-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [UseOEMBackground] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-19\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-19\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-20\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-20\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-4056805920-4052010687-4126290545-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4056805920-4052010687-4126290545-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4056805920-4052010687-4126290545-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-4056805920-4052010687-4126290545-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-4056805920-4052010687-4126290545-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4056805920-4052010687-4126290545-1002\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-4056805920-4052010687-4126290545-1002\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-4056805920-4052010687-4126290545-1002\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-4056805920-4052010687-4126290545-1002\Software\Policies\...\system: [EnableCdp] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-18\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-17] (Google LLC -> Google LLC)
Task: {EC796CFA-4A81-4D44-B862-FA4113B3D132} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\youci\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (No File)
Task: {404CDD71-761C-4679-B621-17958BBB0BA1} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\youci\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (No File)
Task: {23CFA005-DFD5-48EF-B0DE-4B2869B79A20} - System32\Tasks\GoogleUpdateTaskMachineCore{AD608940-A44A-439B-9D77-1FEA6C9A1DB1} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-13] (Google LLC -> Google LLC)
Task: {BED99B94-F3CC-411E-B5FE-832918FB06E7} - System32\Tasks\GoogleUpdateTaskMachineUA{C260C511-881C-41C5-B59F-44DE6E88507D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-05-13] (Google LLC -> Google LLC)
CHR Notifications: Default -> hxxps://www.duolingo.com
U2 aakore; no ImagePath
U2 AcrSch2Svc; no ImagePath
U2 Adguard Service; no ImagePath
U2 afcdpsrv; no ImagePath
U2 AVP; no ImagePath
U2 avpsus; no ImagePath
U3 BluetoothUserService_5c29c; no ImagePath
U3 CaptureService_5c29c; no ImagePath
U3 cbdhsvc_5c29c; no ImagePath
U2 CDPUserSvc_5c29c; no ImagePath
U3 ConsentUxUserSvc_5c29c; no ImagePath
U3 cphs; no ImagePath
U2 debugregsvc; no ImagePath
U3 DeveloperToolsService; no ImagePath
U2 DolbyDAXAPI; no ImagePath
U2 edgeupdate; no ImagePath
U3 edgeupdatem; no ImagePath
U3 FontCache3.0.0.0; no ImagePath
U2 IBMPMSVC; no ImagePath
U2 igfxCUIService1.0.0.0; no ImagePath
U2 LPlatSvc; no ImagePath
U3 MessagingService_5c29c; no ImagePath
U3 MicrosoftEdgeElevationService; no ImagePath
U2 mmsminisrv; no ImagePath
U3 mobile_backup_server; no ImagePath
U3 mobile_backup_status_server; no ImagePath
U3 MozillaMaintenance; no ImagePath
U2 OneSyncSvc_5c29c; no ImagePath
U3 QFXUpdateService; no ImagePath
U2 RegSrvc; no ImagePath
U2 SecureLine; no ImagePath
U3 sshd; no ImagePath
U3 SshdBroker; no ImagePath
U4 syncagentsrv; no ImagePath
U2 SynTPEnhService; no ImagePath
U3 Tib Mounter Service; no ImagePath
U2 USBSafelyRemoveService; no ImagePath
U2 VMAuthdService; no ImagePath
U2 VMnetDHCP; no ImagePath
U2 VMUSBArbService; no ImagePath
U2 VMware NAT Service; no ImagePath
U2 VMwareHostd; no ImagePath
U4 WebManagement; no ImagePath
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e2eSoft iVCam\Uninstall iVCam.lnk
C:\Users\youci\Desktop\ESET Online Scanner.lnk
C:\Users\youci\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
Comment: The following commands will delete temporary files.
C:\Windows\Temp\*.*
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*
C:\Users\CurrentUserName\Appdata\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\*
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\*.*
Comment: The following command will clear caches and histories.
StartBatch:
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\History\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*"
del /s /q "%userprofile%\AppData\Roaming\Microsoft\Windows\Recent\*.lnk"
For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
For /D %%d In ("%userprofile%\AppData\Local\Thunderbird\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Places.Sqlite" Del /s /q "%%d\Places.Sqlite")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\History"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History"
RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8
ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /registerdns
netsh winsock reset
netsh advfirewall reset
netsh advfirewall set allprofiles state on
netsh winhttp reset proxy
dism.exe /online /cleanup-image /restorehealth
sfc /scannow
Endbatch:
EmptyTemp:
EmptyEventLogs:
cmd: Net start wuauserv
Reboot:
end::