start::
CreateRestorePoint:
cmd: Net stop wuauserv
CloseProcesses:
Hosts:
RemoveProxy:
DeleteKey: HKCU\SOFTWARE\13767fb8-1090-5f10-9b1e-b497b7aff594
DeleteKey: HKU\S-1-5-21-1461476808-3071307920-1193196496-1001\SOFTWARE\13767fb8-1090-5f10-9b1e-b497b7aff594
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\lnkfile\shellex\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2023-11-19] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2023-11-19] <==== ATTENTION
S1 nordlwf; \SystemRoot\system32\DRIVERS\nordlwf.sys [X]
Task: {17A1F60A-1F6B-4E16-A4EC-BCEBE8DF0605} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [676256 2023-11-09] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Edge HKU\S-1-5-21-1461476808-3071307920-1193196496-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
CustomCLSID: HKU\S-1-5-21-1461476808-3071307920-1193196496-1001_Classes\CLSID\{4a96f2fa-d820-4a0f-8206-a49e0eaf1de4}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => Pas de fichier
AlternateDataStreams: C:\Users\ZINO\Desktop\120x IPTV.txt:shield [144]
AlternateDataStreams: C:\Users\ZINO\Documents\FactureFA00095578.pdf:shield [94]
AlternateDataStreams: C:\Users\ZINO\Documents\Mi AI Translate_4.4.2-202304132029[AND].apk:shield [455]
AlternateDataStreams: C:\Users\ZINO\Documents\tv_channels_641688128477098_plus.m3u:shield [200]
AlternateDataStreams: C:\Users\ZINO\Documents\twrp-3.7.0_12-v7.9_A13-diting-skkk.img:shield [107]
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1461476808-3071307920-1193196496-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
Comment: The following commands will delete temporary files.
C:\Windows\Temp\*.*
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*
C:\Users\CurrentUserName\Appdata\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\*
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\*.*
Comment: The following command will clear caches and histories.
StartBatch:
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\History\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*"
del /s /q "%userprofile%\AppData\Roaming\Microsoft\Windows\Recent\*.lnk"
For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
For /D %%d In ("%userprofile%\AppData\Local\Thunderbird\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Places.Sqlite" Del /s /q "%%d\Places.Sqlite")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\History"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History"
RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8
ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /registerdns
netsh winsock reset
netsh advfirewall reset
netsh advfirewall set allprofiles state on
netsh winhttp reset proxy
sfc /scannow
Endbatch:
EmptyTemp:
EmptyEventLogs:
cmd: Net start wuauserv
Reboot:
end::