ÿþstart:: CreateRestorePoint: cmd: Net stop wuauserv CloseProcesses: Hosts: RemoveProxy: HKLM\...\RunOnce: [ZHPCleaner_Folder1] => CMD /c DEL "C:\Users\DAO\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data" /F /Q (Pas de fichier) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION ShortcutTarget: $McRebootA5E6DEAA56$.lnk -> (Pas de fichier) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION Task: {3467CE44-7B4D-45A4-8E68-A240E1B47CBF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Pas de fichier) Task: {66CA70CD-329F-4C70-88CC-6ABC7A71730B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier) Task: {CBADAC96-644A-4160-89E1-7FA3BD661054} - System32\Tasks\CorelUpdateHelperTask-D3700389C76368CA39F131FE5AC3ED92 => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe -resume (Pas de fichier) Task: {0030ABEB-D200-4F7A-BC5C-E011D3855FFA} - System32\Tasks\Opera scheduled Autoupdate 1513187509 => C:\Users\DAO\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier) Task: {38D46CA3-0AE1-4680-BBD3-5C8490B81880} - System32\Tasks\Opera scheduled Autoupdate 1700306246 => C:\Users\DAO\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier) Edge Profile: C:\Users\DAO\AppData\Local\Microsoft\Edge\User Data\cId=128000000001363769&path= [2023-11-23] <==== ATTENTION S2 AvastWscReporter; "C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X] HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [4921752 2023-11-20] (Avast Software s.r.o. -> AVAST Software) HKLM\...\RunOnce: [ZHPCleaner_File1] => CMD /c DEL "C:\Users\DAO\AppData\Local\Microsoft\Edge\User Data\Default\History" /F /Q (Pas de fichier) HKLM\...\RunOnce: [ZHPCleaner_Folder1] => CMD /c DEL "C:\Users\DAO\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data" /F /Q (Pas de fichier) HKLM\...\RunOnce: [ZHPCleaner] => C:\Users\DAO\AppData\Roaming\ZHP\ZHPCleaner.txt [21154 2023-11-23] () [Fichier non signé] HKU\S-1-5-21-1172736205-2825080849-127684379-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44525472 2023-11-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-1172736205-2825080849-127684379-1001\...\MountPoints2: {29696bc0-76a8-11eb-85df-1c1b0d0e9969} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-1172736205-2825080849-127684379-1001\...\MountPoints2: {7d962353-6d32-11e7-84ff-1c1b0d0e9969} - "F:\LaunchU3.exe" -a HKU\S-1-5-21-1172736205-2825080849-127684379-1001\...\MountPoints2: {a6763039-85fa-11ea-8581-1c1b0d0e9969} - "I:\HiSuiteDownLoader.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\119.0.6045.160\Installer\chrmstp.exe [2023-11-17] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\118.0.22847.89\Installer\chrmstp.exe [2023-10-26] (Avast Software s.r.o. -> AVAST Software) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\88.0.7980.150\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level Task: {3467CE44-7B4D-45A4-8E68-A240E1B47CBF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (Pas de fichier) Task: {315CA21D-3D5A-4B15-B3EA-B02D4EAEE9D8} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3418472 2023-10-18] (Avast Software s.r.o. -> AVAST Software) Task: {957692FD-43EF-488C-ABA8-F2485799D6DB} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3418472 2023-10-18] (Avast Software s.r.o. -> AVAST Software) Task: {C0731A24-6DFA-4F9D-8C42-AEF6AD17C836} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4845464 2023-11-20] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --log (l'élément de données a 99 caractères en plus). Task: {5A591570-B801-4B8B-B439-6ED3028E2C43} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [7319448 2023-11-20] (Avast Software s.r.o. -> Avast Software) Task: {66CA70CD-329F-4C70-88CC-6ABC7A71730B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier) Task: {69C1A4CB-4E44-4A5A-930E-62E3194C54D6} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software) Task: {33471C56-1FA3-47D3-A426-0EB4EF3F8D95} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software) Task: {55ACB931-C2A0-4B00-8246-B2CB4F755D66} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {AB1E6672-A772-4841-8CBA-78C6E6F9678C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "9c44ef5d-ff74-464f-9d27-b0d52560c75d" --version "6.18.10824" --silent Task: {6056CE4F-40F7-4E1A-8AE2-71750341D16B} - System32\Tasks\CCleanerSkipUAC - DAO => C:\Program Files\CCleaner\CCleaner.exe [37544352 2023-11-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {B84ED77C-1B9E-4E28-8CF7-35A851A7E0CC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-13] (Google Inc -> Google Inc.) Task: {C7A98F30-10E3-43B0-980A-407578CDCEF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-07-13] (Google Inc -> Google Inc.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe Task: C:\WINDOWS\Tasks\EPSON ET-2820 Series Update {4871BE8D-FE1B-4560-B5AB-0D0017B74D61}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSYSE.EXE:/EXE:{4871BE8D-FE1B-4560-B5AB-0D0017B74D61} /F:UpdateWORKGROUP\DAO$ Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON ET-2820 Series Update {9ECC4AD8-96AD-48BF-9D46-D275E9DF8325}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSYSE.EXE:/EXE:{9ECC4AD8-96AD-48BF-9D46-D275E9DF8325} /F:UpdateWORKGROUP\DAO$ Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge Notifications: Default -> hxxps://www.youtube.com Edge DefaultSearchURL: Default -> hxxps://lookup.seekitzip.com?c3a00d1ab240bd53031e65827e4a156e=H1xAXFNHX1ZZWFQNEQQwBw9cQ1pZQlddXlFLVVFCX1pZU1QJDB0LUw8DFFlYTFdfRgIWDVJZW1kPU18NUkJdQw5ZRghWQFldDQJCD0cXBw8FDxcAPh0LUwwRC1kHGFkZ&q={searchTerms} Edge HKLM-x32\...\Edge\Extension: [jcpgbnbdnakoblgfkbgggankeidkfcdl] FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\DAO\AppData\Roaming\Mozilla\Firefox\Profiles\n75zxmmu.default-1517933578982\Extensions\sp@avast.com.xpi [2021-10-13] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_414.dll [2020-08-19] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_414.dll [2020-08-19] (Adobe Inc. -> ) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software) CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [llbcnfanfmjhpedaedhbcnpgeepdnnok] CHR HKLM-x32\...\Chrome\Extension: [njpedbdniajflhgfoipnjkednnlkngbj] CustomCLSID: HKU\S-1-5-21-1172736205-2825080849-127684379-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\DAO\AppData\Local\Microsoft\OneDrive\18.212.1021.0008\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-1172736205-2825080849-127684379-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\DAO\AppData\Local\Microsoft\OneDrive\18.212.1021.0008\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-1172736205-2825080849-127684379-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\DAO\AppData\Local\Microsoft\OneDrive\18.212.1021.0008\amd64\FileSyncShell64.dll => Pas de fichier CustomCLSID: HKU\S-1-5-21-1172736205-2825080849-127684379-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\DAO\AppData\Local\Microsoft\OneDrive\18.212.1021.0008\FileCoAuth.exe => Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-1172736205-2825080849-127684379-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.fr/ HKU\S-1-5-21-1172736205-2825080849-127684379-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_5E468483BD59BF6C059C125F962DF77B" C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uninstall.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\laetjr\pdf\Guide l'utilisateur.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\laetjr\pdf\Merge PDF.lnk C:\ProgramData\Microsoft\Windows\Start Menu\Programs\laetjr\pdf\Supprimer MergePDF de l'ordinateur.lnk C:\Users\DAO\Downloads\waze.exe.lnk C:\Users\DAO\Desktop\DIVERS\Acrobat Reader DC.lnk C:\Users\DAO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk C:\Users\DAO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEmu\Désinstaller MEmu.lnk C:\Users\DAO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Drive (2).lnk C:\Users\DAO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Drive.lnk C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk C:\Users\Public\Desktop\PDFtoMusic 64-bit.lnk StartRegEdit: Windows Registry Editor Version 5.00 [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{19E59E9E-0CFF-4E56-B492-678F25ED694C} -] "URL"="" EndRegEdit: DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AvastBrowserAutoLaunch_5E468483BD59BF6C059C125F962DF77B DeleteValue: HKEY_USERS\S-1-5-21-1172736205-2825080849-127684379-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AvastBrowserAutoLaunch_5E468483BD59BF6C059C125F962DF77B DeleteKey: HKLM\SOFTWARE\1D0EC6DE-4A80-4CC3-A335-E6E41C951198 DeleteKey: HKLM\Software\WOW6432Node\Microsoft\Active Setup\Installed Components\{30C521FB-255B-46C8-9F0D-EE5AE371C9AA} DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe.FriendlyAppName DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe.ApplicationCompany DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\AVAST Software\Driver Updater\DriverUpdUI.exe.FriendlyAppName DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\AVAST Software\Driver Updater\DriverUpdUI.exe.ApplicationCompany DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\DAO\Desktop\7z2107-x64.exe.FriendlyAppName DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\DAO\Desktop\7z2107-x64.exe.ApplicationCompany DeleteValue: HKU\S-1-5-21-1172736205-2825080849-127684379-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe.FriendlyAppName DeleteValue: HKU\S-1-5-21-1172736205-2825080849-127684379-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe.ApplicationCompany DeleteValue: HKU\S-1-5-21-1172736205-2825080849-127684379-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\AVAST Software\Driver Updater\DriverUpdUI.exe.FriendlyAppName DeleteValue: HKU\S-1-5-21-1172736205-2825080849-127684379-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\AVAST Software\Driver Updater\DriverUpdUI.exe.ApplicationCompany DeleteValue: HKU\S-1-5-21-1172736205-2825080849-127684379-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\DAO\Desktop\7z2107-x64.exe.FriendlyAppName DeleteValue: HKU\S-1-5-21-1172736205-2825080849-127684379-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\DAO\Desktop\7z2107-x64.exe.ApplicationCompany DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\AvastWscReporter) DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{66CA70CD-329F-4C70-88CC-6ABC7A71730B} DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{66CA70CD-329F-4C70-88CC-6ABC7A71730B} DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{66CA70CD-329F-4C70-88CC-6ABC7A71730B} DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Maintenance\{66CA70CD-329F-4C70-88CC-6ABC7A71730B} DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{66CA70CD-329F-4C70-88CC-6ABC7A71730B} DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{66CA70CD-329F-4C70-88CC-6ABC7A71730B} C:\Windows\System32\Tasks\Avast Software\Overseer C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe C:\WINDOWS\System32\Tasks\Avast Software\Overseer DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|AvWscRemove C:\Windows\Temp\wsc_proxy.exe C:\Users\DAO\AppData\Roaming\Mozilla\Firefox\Profiles\n75zxmmu.default-1517933578982\extensions\sp@avast.com.xpi DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|AvastUI.exe DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|AvastUI.exe DeleteKey: HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{30C521FB-255B-46C8-9F0D-EE5AE371C9AA} DeleteKey: HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{30C521FB-255B-46C8-9F0D-EE5AE371C9AA} DeleteKey: HKLM\SOFTWARE\Classes\CLSID\{30C521FB-255B-46C8-9F0D-EE5AE371C9AA} DeleteKey: HKCR\CLSID\{30C521FB-255B-46C8-9F0D-EE5AE371C9AA} DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19C3AB22-3718-4E4D-B203-242F5001565B} DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} DeleteKey: HKLM\SOFTWARE\AVAST Software DeleteKey: HKLM\SOFTWARE\WOW6432Node\Avast DeleteKey: HKLM\SOFTWARE\WOW6432Node\Avast Software DeleteKey: HKCU\SOFTWARE\Avast Software DeleteKey: HKCU\SOFTWARE\AvastAdSDK DeleteKey: HKCU\SOFTWARE\Browser Cleanup DeleteKey: HKU\.DEFAULT\SOFTWARE\Avast Software DeleteKey: HKU\.DEFAULT\SOFTWARE\Browser Cleanup DeleteKey: HKU\S-1-5-21-1172736205-2825080849-127684379-1001\SOFTWARE\Avast Software DeleteKey: HKU\S-1-5-21-1172736205-2825080849-127684379-1001\SOFTWARE\AvastAdSDK DeleteKey: HKU\S-1-5-21-1172736205-2825080849-127684379-1001\SOFTWARE\Browser Cleanup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater C:\ProgramData\AVAST Software C:\Users\DAO\AppData\Local\AVAST Software DeleteKey: HKLM\SOFTWARE\McAfee C:\ProgramData\McAfee DeleteKey: HKLM\SOFTWARE\WOW6432Node\Avira DeleteKey: HKLM\SOFTWARE\WOW6432Node\X-AVCSD C:\ProgramData\Avira DeleteKey: HKLM\SOFTWARE\WOW6432Node\Yahoo C:\Program Files (x86)\Yahoo! C:\Users\DAO\AppData\Roaming\Yahoo Comment: Les commandes suivantes supprimeront les fichiers temporaraires. C:\Windows\Temp\*.* C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\* C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\* C:\Users\CurrentUserName\Appdata\Local\Temp\*.* C:\Windows\SoftwareDistribution\Download\* C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\*.* Comment: La commande suivante videra les caches et historiques. StartBatch: del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*" del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Metada\*.*" del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\History\*.*" del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*" del /s /q "%userprofile%\AppData\Roaming\Microsoft\Windows\Recent\*.lnk" For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*") del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*" del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*" del /s /q "%userprofile%\AppData\Local\Opera Software\*" For /D %%d In ("%userprofile%\AppData\Local\Thunderbird\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*") For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Places.Sqlite" Del /s /q "%%d\Places.Sqlite") del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\History" del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History" del /s /q "%userprofile%\AppData\Roaming\Opera Software\Opera Stable\History" del /s /q "%userprofile%\AppData\Roaming\Opera Software\Opera GX Stable\History" RunDll32.exe InetCpl.cpl,ClearMyTracksByProcess 8 ipconfig /release ipconfig /renew ipconfig /flushdns ipconfig /registerdns netsh winsock reset netsh advfirewall reset netsh advfirewall set allprofiles state on netsh winhttp reset proxy dism.exe /online /cleanup-image /restorehealth sfc /scannow Endbatch: EmptyTemp: EmptyEventLogs: cmd: Net start wuauserv Reboot: end::