start::
CreateRestorePoint:
cmd: Net stop wuauserv
CloseProcesses:
Hosts:
RemoveProxy:
Task: {9FFFD7A3-AEC6-444C-AC81-6C2AD1FAE042} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\bd_js_config.js [2023-11-19] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\bd_config.cfg [2023-11-19] <==== ATTENTION
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
U3 aspnet_state; pas de ImagePath
S4 nvvad_WaveExtensible; \SystemRoot\system32\drivers\nvvad64v.sys [X]
HKU\S-1-5-21-668651078-3824392964-2467101842-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44525472 2023-11-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-17] (Google LLC -> Google LLC)
Task: {8B4EB63C-C4A6-4B96-A14C-6D7405467A64} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {FE26FB6E-22DE-43DD-9CD8-51B1B62B04EE} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "d5211eb0-df07-4812-9c7d-3972cfc4da38" --version "6.18.10824" --silent
Task: {CB523C5F-E3CC-43C7-AE5C-87A80072E436} - System32\Tasks\CCleanerSkipUAC - saint => C:\Program Files\CCleaner\CCleaner.exe [37544352 2023-11-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {233E00F7-B859-4CE9-BF42-886F02959CF5} - System32\Tasks\GoogleUpdateTaskMachineCore{4C7AFB07-0E89-473F-B6D7-597636C3F7D5} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-09] (Google LLC -> Google LLC)
Task: {F0A74CFB-6040-4B3F-B681-73F6744E7981} - System32\Tasks\GoogleUpdateTaskMachineUA{6E52AA09-E346-480A-B5B8-E212C225CE1C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-11-09] (Google LLC -> Google LLC)
Task: {2EBB022F-DF27-4F0B-94B0-8CE0565BD07E} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\windows\system32\cmd.exe [323584 2023-11-06] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {22CACF91-1E21-42BD-B60F-5F10C4B88083} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\windows\system32\cmd.exe [323584 2023-11-06] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError
Task: {4A752C77-F322-415B-A459-7D4D43AEF4DD} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\windows\system32\cmd.exe [323584 2023-11-06] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {051CCB30-45FB-41A6-BE76-243D1D5823DC} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\windows\system32\cmd.exe [323584 2023-11-06] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {7DDCF72E-FC94-4BAC-99A3-BBAEAA7423BE} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\windows\system32\cmd.exe [323584 2023-11-06] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {4801A056-92C9-4E87-AD9D-9570BC2FD629} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\windows\system32\cmd.exe [323584 2023-11-06] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {2657279B-C086-43B3-AF27-59C434EAAD14} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\windows\system32\cmd.exe [323584 2023-11-06] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {B0EDBC91-78A0-44E9-A0BA-1AC7EA477892} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\windows\system32\cmd.exe [323584 2023-11-06] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {51858AF9-F86D-42AF-B4B9-43CADA4DD66D} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => C:\windows\system32\cmd.exe [323584 2023-11-06] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckTest
Task: {06EB9859-D9E1-4051-BCEB-917DABABD15C} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676256 2023-11-06] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {C3E84CEA-668B-4F2E-BECB-9C1C8794A6E4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [723872 2023-11-06] (Mozilla Corporation -> Mozilla Foundation)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Edge HKLM-x32\...\Edge\Extension: [dbconhplchnbippmjabbcedokimacfjl]
FF Notifications: Mozilla\Firefox\Profiles\dhr6fauh.default-release -> hxxps://chat.nrj.fr; hxxps://www.tomsguide.fr
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
ContextMenuHandlers1: [Kaspersky Plus 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Pas de fichier
ContextMenuHandlers2: [Kaspersky Plus 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Pas de fichier
ContextMenuHandlers4: [Kaspersky Plus 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Pas de fichier
ContextMenuHandlers6: [Kaspersky Plus 21.15] -> {AE81D5A2-A34B-4D93-8DF8-540DBCE48043} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky 21.15\x64\shellex.dll -> Pas de fichier
AlternateDataStreams: C:\Users\saint\Desktop\FRST64.exe:BDU [0]
FirewallRules: [{E2CBB29B-F537-433D-91F3-68FEC859A1D8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe => Pas de fichier
FirewallRules: [{498E32F1-ABF7-41C5-8950-7236D23F05F9}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe => Pas de fichier
FirewallRules: [{EE755FA4-0B0C-4918-9B09-77167014BD54}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{7FF77567-F7F7-4E40-A6A1-86204BA552A3}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{529C26F7-DB58-41FD-BE64-4D053430EA5E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{E55D5168-8CBE-411C-ACAF-360A0DBA3956}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{D7C1CADD-4A29-4BC9-9122-B3CD8AE4410E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{5D2EDFE0-7D03-41C0-8490-643C8ECFF4EB}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{D74E8CD0-874A-4D97-A096-39EB59CA36F8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{64B5B78D-12AF-4F8D-A72F-67B760BB7782}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{A75992CC-A1AE-4AFD-A4AB-27D531AC05A7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{A51EDF41-1421-469A-AD13-3A3280F2B14C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{B2C31720-A4FC-42BA-9CDA-CB669505231C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{787547E9-F81F-4E68-B5D0-21F99C85D512}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{04CB6D1F-DB8A-42F4-AA7B-35BEF1394E6D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{54B8E953-DA27-4386-A1D4-EFD5F2AF0219}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2302.3.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe => Pas de fichier
FirewallRules: [{77E29394-E8D9-4862-9557-31C4E746E7AF}] => (Allow) D:\FunPlus\King of Avalon\nGame\17.3.0\KingofAvalon.exe => Pas de fichier
FirewallRules: [{68DA5742-C485-4579-AB20-ACB2A1DD9621}] => (Allow) D:\FunPlus\King of Avalon\nGame\17.3.0\KingofAvalon.exe => Pas de fichier
AV: Kaspersky (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
FW: Kaspersky (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Kaspersky Plus 21.15
DeleteKey: HKLM\Software\Classes\CLSID\{AE81D5A2-A34B-4D93-8DF8-540DBCE48043}
DeleteKey: HKLM\Software\Wow6432Node\Classes\CLSID\{AE81D5A2-A34B-4D93-8DF8-540DBCE48043}
DeleteKey: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\Kaspersky Plus 21.15
DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Kaspersky Plus 21.15
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Kaspersky Plus 21.15
DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\Kaspersky Plus 21.15
C:\Users\saint\AppData\Local\Temp\mat-debug-11688.log
C:\Users\saint\AppData\Local\Temp\mat-debug-12368.log
C:\Users\saint\AppData\Local\Temp\mat-debug-13236.log
C:\Users\saint\AppData\Local\Temp\mat-debug-13332.log
C:\Users\saint\AppData\Local\Temp\mat-debug-13348.log
C:\Users\saint\AppData\Local\Temp\mat-debug-15416.log
C:\Users\saint\AppData\Local\Temp\mat-debug-17700.log
C:\Users\saint\AppData\Local\Temp\mat-debug-20432.log
C:\Users\saint\AppData\Local\Temp\mat-debug-20440.log
C:\Users\saint\AppData\Local\Temp\mat-debug-20492.log
C:\Users\saint\AppData\Local\Temp\mat-debug-20584.log
C:\Users\saint\AppData\Local\Temp\mat-debug-20776.log
C:\Users\saint\AppData\Local\Temp\mat-debug-4948.log
C:\Users\saint\AppData\Local\Temp\mat-debug-6952.log
C:\Users\saint\AppData\Local\Temp\mat-debug-7084.log
C:\Users\saint\AppData\Local\Temp\mat-debug-8020.log
DeleteKey: HKCU\SOFTWARE\BitTorrentPersist
DeleteKey: HKU\S-1-5-21-668651078-3824392964-2467101842-1001\SOFTWARE\BitTorrentPersist
C:\Users\saint\AppData\Local\BitTorrentHelper
C:\Users\saint\AppData\LocalLow\BitTorrent.WebView2
DeleteKey: HKLM\SOFTWARE\Setup
DeleteKey: HKLM\SOFTWARE\KasperskyLab
DeleteKey: HKLM\SOFTWARE\WOW6432Node\KasperskyLab
DeleteKey: HKCU\SOFTWARE\KasperskyLab
DeleteKey: HKU\S-1-5-21-668651078-3824392964-2467101842-1001\SOFTWARE\KasperskyLab
C:\ProgramData\Kaspersky Lab
C:\Program Files (x86)\Common Files\Kaspersky Lab
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Kaspersky Plus 21.15
DeleteKey: HKLM\Software\Classes\CLSID\{AE81D5A2-A34B-4D93-8DF8-540DBCE48043}
DeleteKey: HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\Kaspersky Plus 21.15
DeleteKey: HKLM\Software\Classes\CLSID\{AE81D5A2-A34B-4D93-8DF8-540DBCE48043}
DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Kaspersky Plus 21.15
DeleteKey: HKLM\Software\Classes\CLSID\{AE81D5A2-A34B-4D93-8DF8-540DBCE48043}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Kaspersky Plus 21.15
DeleteKey: HKLM\Software\Classes\CLSID\{AE81D5A2-A34B-4D93-8DF8-540DBCE48043}
DeleteKey: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Kaspersky Plus 21.15
DeleteKey: HKLM\Software\Classes\CLSID\{AE81D5A2-A34B-4D93-8DF8-540DBCE48043}
DeleteKey: HKLM\SOFTWARE\Wondershare
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Wondershare
DeleteKey: HKCU\SOFTWARE\Wondershare
DeleteKey: HKU\S-1-5-21-668651078-3824392964-2467101842-1001\SOFTWARE\Wondershare
C:\ProgramData\Wondershare
C:\Users\saint\AppData\Local\Wondershare
DeleteKey: HKLM\SOFTWARE\WOW6432Node\WildTangent
DeleteKey: HKCU\SOFTWARE\AvastAdSDK
DeleteKey: HKU\S-1-5-21-668651078-3824392964-2467101842-1001\SOFTWARE\AvastAdSDK
Comment: The following commands will delete temporary files.
C:\Windows\Temp\*.*
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*
C:\Users\CurrentUserName\Appdata\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\*
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\*.*
Comment: The following command will clear caches and histories.
StartBatch:
For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
For /D %%d In ("%userprofile%\AppData\Local\Thunderbird\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Places.Sqlite" Del /s /q "%%d\Places.Sqlite")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\History"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\History\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*"
del /s /q "%userprofile%\AppData\Roaming\Microsoft\Windows\Recent\*.lnk"
RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8
ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /registerdns
netsh winsock reset
netsh advfirewall reset
netsh advfirewall set allprofiles state on
netsh winhttp reset proxy
dism.exe /online /cleanup-image /restorehealth
sfc /scannow
Endbatch:
EmptyTemp:
EmptyEventLogs:
cmd: Net start wuauserv
Reboot:
end::