start:: CreateRestorePoint: cmd: Net stop wuauserv CloseProcesses: Hosts: RemoveProxy: DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Discord C:\ProgramData\SquirrelMachineInstalls\Discord.exe C:\Users\capta]\Desktop\Discord.lnk C:\Users\capta]\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Discord.lnk DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Discord DeleteKey: HKCU\SOFTWARE\Discord DeleteKey: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\SOFTWARE\Discord DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} C:\Users\capta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} DeleteKey: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32 DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe.FriendlyAppName DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe.ApplicationCompany DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Maxon\App Manager\Maxon.exe.FriendlyAppName DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Maxon\App Manager\Maxon.exe.ApplicationCompany DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Maxon\App Manager\rga-uninstaller-helper.exe.FriendlyAppName DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Maxon\App Manager\rgdeploy.exe.FriendlyAppName DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Maxon\App Manager\uninstall-appmanager.bat.FriendlyAppName DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\capta\AppData\Local\Programs\Lively Wallpaper\Plugins\UI\Lively.UI.WinUI.exe.FriendlyAppName DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\capta\AppData\Local\Programs\Lively Wallpaper\Plugins\UI\Lively.UI.WinUI.exe.ApplicationCompany DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\capta\AppData\Local\Temp\7zS091E2351\Maxon App Installer.exe.FriendlyAppName DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\capta\AppData\Local\Temp\7zS091E2351\Maxon App Installer.exe.ApplicationCompany DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Adobe\Adobe Photoshop 2023\Photoshop.exe.FriendlyAppName DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Adobe\Adobe Photoshop 2023\Photoshop.exe.ApplicationCompany DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe.FriendlyAppName DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Adobe\Adobe Photoshop 2024\Photoshop.exe.ApplicationCompany DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Maxon\App Manager\Maxon.exe.FriendlyAppName DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Maxon\App Manager\Maxon.exe.ApplicationCompany DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Maxon\App Manager\rga-uninstaller-helper.exe.FriendlyAppName DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Maxon\App Manager\rgdeploy.exe.FriendlyAppName DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Maxon\App Manager\uninstall-appmanager.bat.FriendlyAppName DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\capta\AppData\Local\Programs\Lively Wallpaper\Plugins\UI\Lively.UI.WinUI.exe.FriendlyAppName DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\capta\AppData\Local\Programs\Lively Wallpaper\Plugins\UI\Lively.UI.WinUI.exe.ApplicationCompany DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\capta\AppData\Local\Temp\7zS091E2351\Maxon App Installer.exe.FriendlyAppName DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\capta\AppData\Local\Temp\7zS091E2351\Maxon App Installer.exe.ApplicationCompany DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Adobe\Adobe Photoshop 2023\Photoshop.exe.FriendlyAppName DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\Adobe\Adobe Photoshop 2023\Photoshop.exe.ApplicationCompany DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|utweb C:\Users\capta\AppData\Roaming\uTorrent Web\utweb.exe { DeleteValue: HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\\Software\Microsoft\Windows\CurrentVersion\Run|utweb] C:\Users\capta]\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\uTorrent Web.lnk C:\Users\capta]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk C:\Users\Public\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Web.lnk DeleteKey: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\utweb {09B56EF42C8C343391AA2D2CE38550E3}. C:\Users\capta\AppData\Roaming\uTorrent Web C:\Users\capta\AppData\Local\BitTorrentHelper C:\Users\capta\AppData\Roaming\uTorrent Web\helper\helper.exe DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E9A37825-2911-4273-AA31-FB82B7604A58}" DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{45CE0C0E-422E-4859-A0B2-9A95C3DD7433}" Task: {6CD340BF-33AC-4AE3-BB63-5FA0800553C4} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Pas de fichier) S3 ArmouryLiveUpdate; %SystemRoot%\System32\DriverStore\FileRepository\rogms.inf_amd64_9074891d243b506d\ArmouryLiveUpdate.exe [X] S3 ROGKB; \SystemRoot\System32\DriverStore\FileRepository\rogkb.inf_amd64_d77507607440a92c\ROGKB.sys [X] S3 ROGMS; \SystemRoot\System32\DriverStore\FileRepository\rogms.inf_amd64_9074891d243b506d\ROGMS.sys [X] HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\...\Run: [GoogleChromeAutoLaunch_3752F12F255311BF9A8E850E9A7FCC9C] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 [2680608 2023-11-14] (Google LLC -> Google LLC) HKU\S-1-5-21-3330784312-2469646917-3487315108-1001\...\Run: [utweb] => C:\Users\capta\AppData\Roaming\uTorrent Web\utweb.exe [6425088 2023-10-11] (Rainberry Inc -> Rainberry Inc.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-17] (Google LLC -> Google LLC) Task: {AC4617AC-DCC2-46D4-889C-DEC993E50A38} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [617096 2022-02-25] (Apple Inc. -> Apple Inc.) Task: {9721B13A-ADB2-4569-A629-144480DA78DF} - System32\Tasks\GoogleUpdateTaskMachineCore{2D3F5F90-2E56-44B3-93AC-BF09700739D6} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-17] (Google LLC -> Google LLC) Task: {EC9E3EA2-5241-4AAC-BA89-37AFB7B7B51C} - System32\Tasks\GoogleUpdateTaskMachineUA{AFA8809B-C79D-4BCD-B466-A1F1E5F418DB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-17] (Google LLC -> Google LLC) Task: {753AE7A3-2D9E-448A-8CBA-5852CF154A40} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-10] (NVIDIA Corporation -> NVIDIA Corporation) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) FirewallRules: [{944CDD0E-4A33-492F-A731-442CB9A37EC8}] => (Block) %ProgramFiles%\Maxon\App Manager\Maxon.exe => Pas de fichier FirewallRules: [{13BC33CE-6D12-4D33-A056-B9640CF23B71}] => (Block) %ProgramFiles%\Maxon\App Manager\Maxon.exe => Pas de fichier C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxon App\Maxon.lnk C:\Users\capta\Desktop\4DDIG_20231117_023922\C\Fichiers supprimés\Windows.old\Users\mo\Desktop\EA.lnk C:\Users\capta\Desktop\4DDIG_20231117_023922\C\Fichiers supprimés\Windows.old\Users\mo\Desktop\MSI Afterburner.lnk C:\Users\capta\Desktop\4DDIG_20231117_023922\C\Fichiers supprimés\Windows.old\Users\mo\Desktop\Ubisoft Connect.lnk C:\Users\capta\Desktop\4DDIG_20231117_023922\C\Fichiers supprimés\Windows.old\Users\mo\Desktop\WeMod.lnk C:\Users\capta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Adobe Photoshop 2024.lnk Comment: Les commandes suivantes supprimeront les fichiers temporaraires. C:\Windows\Temp\*.* C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\* C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\* C:\Users\CurrentUserName\Appdata\Local\Temp\*.* C:\Windows\SoftwareDistribution\Download\* C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\*.* Comment: La commande suivante videra les caches et historiques. StartBatch: For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*") del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*" del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*" For /D %%d In ("%userprofile%\AppData\Local\Thunderbird\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*") For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Places.Sqlite" Del /s /q "%%d\Places.Sqlite") del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\History" del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History" del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*" del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Metada\*.*" del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\History\*.*" del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*" del /s /q "%userprofile%\AppData\Roaming\Microsoft\Windows\Recent\*.lnk" rd /s /q "%userprofile%\AppData\Roaming\discord\Cache" rd /s /q "%userprofile%\AppData\Roaming\discord\code cache" rd /s /q "%userprofile%\AppData\Roaming\discord\gpucache" RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8 ipconfig /release ipconfig /renew ipconfig /flushdns ipconfig /registerdns netsh winsock reset netsh advfirewall reset netsh advfirewall set allprofiles state on netsh winhttp reset proxy dism.exe /online /cleanup-image /restorehealth sfc /scannow Endbatch: EmptyTemp: EmptyEventLogs: cmd: Net start wuauserv Reboot: end::