start::
CreateRestorePoint:
cmd: Net stop wuauserv
CloseProcesses:
Hosts:
RemoveProxy:
C:\Users\Administrator]\Desktop\Discord.lnk
C:\Users\Guest]\Desktop\Discord.lnk
C:\Users\pasca]\Desktop\Discord.lnk
DeleteKey: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}
DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip
DeleteKey: HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu
DeleteKey: HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}
DeleteKey: HKLM\Software\Wow6432Node\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx
DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip
DeleteKey: HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\7-Zip
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|BitTorrent
DeleteValue: HKEY_USERS\S-1-5-21-2690875692-3361707652-1921272154-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|BitTorrent
DeleteKey: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitTorrent
DeleteKey: HKCU\SOFTWARE\BitTorrent
DeleteKey: HKU\S-1-5-21-2690875692-3361707652-1921272154-1001\SOFTWARE\BitTorrent
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
C:\Users\pasca\AppData\Roaming\BitTorrent
C:\Users\pasca\AppData\Roaming\deluge
C:\Users\pasca\AppData\Roaming\uTorrent
C:\Users\pasca\AppData\LocalLow\uTorrent
C:\Users\pasca\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Avira SystrayStartTrigger
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Avira System Speedup User Starter
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{47430B15-7CE6-46CF-903E-B85CD2D29A7D}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{f24507a8-a438-4e46-9563-6d53c727bd7e}
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Avira
DeleteKey: HKCU\SOFTWARE\Avira
DeleteKey: HKU\.DEFAULT\SOFTWARE\Avira
DeleteKey: HKU\S-1-5-21-2690875692-3361707652-1921272154-1001\SOFTWARE\Avira
C:\ProgramData\Avira
C:\Users\pasca\AppData\Local\Avira
C:\Users\pasca\AppData\Local\AviraSpeedup
C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Avira
C:\WINDOWS\Installer\275fa8b3.msi  [
C:\WINDOWS\Installer\2d66f.msi  [
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}
DeleteKey: HKLM\SOFTWARE\WOW6432Node\JavaSoft
DeleteKey: HKCU\SOFTWARE\JavaSoft
DeleteKey: HKCU\SOFTWARE\AppDataLow\Software\JavaSoft
DeleteKey: HKU\S-1-5-21-2690875692-3361707652-1921272154-1001\SOFTWARE\JavaSoft
C:\Users\pasca\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|mcpltui_exe
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder|McAfee Security Scan Plus.lnk
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F210DAEC-9E43-467E-87E8-B02DA469CFFC}
DeleteKey: HKLM\SOFTWARE\McAfee.com
DeleteKey: HKLM\SOFTWARE\WOW6432Node\McAfee.com
DeleteKey: HKCU\SOFTWARE\McAfee, Inc
DeleteKey: HKU\.DEFAULT\SOFTWARE\McAfee
DeleteKey: HKU\S-1-5-21-2690875692-3361707652-1921272154-1001\SOFTWARE\McAfee, Inc
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
C:\ProgramData\McAfee
C:\Users\pasca\AppData\Roaming\McAfee Safe Connect
C:\Users\pasca\AppData\Local\McAfee_Inc
C:\WINDOWS\Installer\57070dc.msi  [
C:\Users\Administrator]\Desktop\Wondershare Filmora.lnk
C:\Users\Guest]\Desktop\Wondershare Filmora.lnk
C:\Users\pasca]\Desktop\Wondershare Filmora.lnk
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Wondershare Helper Compact.exe
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|Wondershare Helper Compact.exe
DeleteKey: HKLM\SOFTWARE\Wondershare
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Wondershare
DeleteKey: HKCU\SOFTWARE\Wondershare
DeleteKey: HKU\S-1-5-21-2690875692-3361707652-1921272154-1001\SOFTWARE\Wondershare
C:\Program Files\Wondershare
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
C:\ProgramData\Wondershare
C:\ProgramData\Wondershare Video Editor
C:\Users\pasca\AppData\Roaming\Wondershare
C:\Users\pasca\AppData\Local\Wondershare
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\GamesAppIntegrationService)
C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
DeleteKey: HKLM\SOFTWARE\WOW6432Node\WildTangent
C:\ProgramData\WildTangent
C:\WINDOWS\System32\Config\systemprofile\AppData\Roaming\WildTangent
DeleteKey: HKCU\SOFTWARE\AvastAdSDK
DeleteKey: HKU\S-1-5-21-2690875692-3361707652-1921272154-1001\SOFTWARE\AvastAdSDK
unlock: C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\ACDaemon)
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
unlock: C:\WINDOWS\System32\drivers\dtlitescsibus.sys
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\dtlitescsibus)
C:\WINDOWS\System32\drivers\dtlitescsibus.sys
unlock: C:\WINDOWS\System32\drivers\dtliteusbbus.sys
DeleteKey: HKLM\SYSTEM\CurrentControlSet\Services\dtliteusbbus)
C:\WINDOWS\System32\drivers\dtliteusbbus.sys
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ArcSoft Connection Service
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|DAEMON Tools Lite Automount
DeleteValue: HKEY_USERS\S-1-5-21-2690875692-3361707652-1921272154-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|DAEMON Tools Lite Automount
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|APSDaemon
C:\ProgramData\DAEMON Tools Lite
C:\Users\pasca\AppData\Roaming\DAEMON Tools Lite
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {65246574-AAA4-4F16-A532-281FF1A309B3} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {F5BE7AEA-43F1-4DD6-81DE-8876BB15C570} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-pascal.morin71@sfr.fr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe  -mode=scheduled (Pas de fichier)
Task: {F4DE2EAB-31A0-46F3-92A6-56D4D0FBD0B2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe  -task (Pas de fichier)
Task: {EA270164-0DCC-4D33-B190-91BBE485533E} - System32\Tasks\ASUS\AEGIS II Matrix => C:\Program Files (x86)\ASUS\AEGIS II\LaunchAtStartupHelper.exe  (Pas de fichier)
Task: {157C09F6-F526-49D5-B049-421648B92EF0} - System32\Tasks\ASUS\AEGIS_II Lighting AudioDetect Execute => C:\Program Files (x86)\ASUS\AEGIS II\Lighting\AudioDetect.exe  (Pas de fichier)
Task: {A40235C4-74CE-4CF2-8161-00CF5241B5A5} - System32\Tasks\ASUS\ASUS AiCharger_II TrayIcon => C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe  (Pas de fichier)
Task: {071A01FD-C9B1-4F18-8182-38E6E38C7447} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe  (Pas de fichier)
Task: {19694B13-DE72-4895-B57F-E4F5DED472DC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe  (Pas de fichier)
Task: {C5E15FDD-24D3-4E45-B9A4-60DBF551A93E} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe  (Pas de fichier)
Task: {5A8BCA64-F52D-4960-BF32-00A150F0E436} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe  (Pas de fichier)
Task: {59469634-5A5F-4D4D-BC76-1BA2ED50AC98} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe  (Pas de fichier)
Task: {0F6B1FF3-B96B-4263-91BD-BBC61741FF8A} - System32\Tasks\maLivebox => "C:\Program Files (x86)\Orange\ma Livebox\maLivebox.exe "  systray (Pas de fichier)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
FF Plugin-x32: @Diginext.fr/VirtualGeoGP -> C:\Program Files (x86)\VirtualGeo3-GP\WebPlugin\Win32\npQtAPI3DPlugin.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [Pas de fichier]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [Pas de fichier]
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [Pas de fichier]
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\120.1.61.101\elevation_service.exe" [X]
S3 ChromniusElevationService; "C:\Program Files\Chromnius\Application\116.0.5791.0\elevation_service.exe" [X]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
HKU\S-1-5-21-2690875692-3361707652-1921272154-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-2690875692-3361707652-1921272154-1001\...\Policies\Explorer: [DisallowCpl] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.200\Installer\chrmstp.exe [2023-12-01] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\120.1.61.101\Installer\chrmstp.exe [2023-12-07] (Brave Software, Inc. -> Brave Software, Inc.)
Task: {6B84545E-7139-41C5-BBA0-4DAAACB2DA1F} - System32\Tasks\{14C46B85-54E6-4773-9392-F73642ADAB23} => "c:\program files (x86)\google\chrome\application\chrome.exe"  -> hxxp://ui.skype.com/ui/0/7.22.0.109/fr/abandoninstall?page=tsProgressBar
Task: {0EEF2746-42BC-49D0-AFCE-D1B3E6523EA1} - System32\Tasks\{3EBA4905-23EB-4B4F-8C86-E0DD47B0FB3C} => "c:\program files (x86)\google\chrome\application\chrome.exe"  -> hxxp://ui.skype.com/ui/0/7.18.0.112/fr/abandoninstall?source=lightinstaller&page=tsInstall
Task: {22626E76-1DE2-4590-97F9-4F86B3C5A1FA} - System32\Tasks\{85CF761F-961C-4E6E-B59F-8A53EEA91230} => "c:\program files (x86)\google\chrome\application\chrome.exe"  -> hxxp://ui.skype.com/ui/0/7.22.0.109/fr/abandoninstall?page=tsProgressBar
Task: {804CEE05-9A85-40C8-9821-02BA82A6AD2C} - System32\Tasks\{999A66A6-A423-4EF4-AAEA-CD4D7E841908} => "c:\program files (x86)\google\chrome\application\chrome.exe"  -> hxxp://ui.skype.com/ui/0/7.22.0.109/fr/abandoninstall?page=tsProgressBar
Task: {3DAB2F12-F8A1-4F5C-87D2-11E35BC22A32} - System32\Tasks\{A9AE10FE-66D9-4A76-A9A1-E80480AB8212} => "c:\program files (x86)\google\chrome\application\chrome.exe"  -> hxxp://ui.skype.com/ui/0/7.22.0.109/fr/abandoninstall?page=tsProgressBar
Task: {6B353292-FA22-4F2D-9B14-51DEAD4D4E85} - System32\Tasks\{CB9504E1-A375-4344-ACD3-031960402711} => "c:\program files (x86)\google\chrome\application\chrome.exe"  -> hxxp://ui.skype.com/ui/0/7.22.0.109/fr/abandoninstall?page=tsProgressBar
Task: {2F3ECBDB-1347-4635-A9FB-DB7C7BF6C0E8} - System32\Tasks\{EA1C59C6-270D-4DE4-BD32-A7A16D716B49} => "c:\program files (x86)\google\chrome\application\chrome.exe"  -> hxxp://ui.skype.com/ui/0/7.22.0.109/fr/abandoninstall?page=tsProgressBar
Task: {00016359-6F74-4E42-A17E-EB6E6622BBFF} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{82B989E3-A000-46B4-ABBF-04A2C4C45AA7} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-29] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {627CDCE6-A84C-43E2-909C-CB23BBF79CB2} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{8ECA386C-8975-4394-B562-176043F5E555} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174960 2023-04-29] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {D377F378-A378-410E-A0AF-18E8DA6D2B41} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {EA176E36-5467-423E-AF14-0C102C8FEA5D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "cc2ee333-9a40-48cc-90d7-2aac0f5617bd" --version "6.18.10838" --silent
Task: {95D4955D-2291-491A-B436-566E7FA32BB9} - System32\Tasks\CCleanerSkipUAC - pasca => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {609577FA-F6DA-45BA-925D-1195B10B2E33} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-06-02] (Google LLC -> Google LLC)
Task: {F178EA06-9370-4147-BB5B-69582AE38BD8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162072 2023-06-02] (Google LLC -> Google LLC)
Task: {26A933E5-6438-4313-B4D9-112C1100BAF2} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674208 2023-12-02] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {CDFF2A96-0C4F-47B9-B036-BA25BCA40632} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {66AF868E-DFEC-4B38-A5FC-25B9FFF4EBDD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342080 2022-03-30] (Nvidia Corporation -> NVIDIA Corporation)
Task: {D2334BDD-EC3F-4E1B-B883-5ED6C2C1E651} - System32\Tasks\Opera scheduled assistant Autoupdate 1619202869 => C:\Users\pasca\AppData\Local\Programs\Opera\launcher.exe [2527216 2022-07-07] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\pasca\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON XP-342 343 345 Series Update {2A4C6C91-531A-47D1-A7C4-57A5AAC6074F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSREE.EXE:/EXE:{2A4C6C91-531A-47D1-A7C4-57A5AAC6074F} /F:UpdateWORKGROUP\DESKTOP-1S68QIB$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-342 343 345 Series Update {6EC54335-6A5C-453E-ABC5-FEA4DC49A4AD}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSREE.EXE:/EXE:{6EC54335-6A5C-453E-ABC5-FEA4DC49A4AD} /F:UpdateWORKGROUP\DESKTOP-1S68QIB$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
2019-03-30 23:05 - 2023-11-27 13:08 - 000003075 _____ () C:\Users\pasca\AppData\Local\oobelibMkey.log
ShellIconOverlayIdentifiers: [     !AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} =>  -> Pas de fichier
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> Pas de fichier
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Pas de fichier
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> Pas de fichier
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Pas de fichier
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> Pas de fichier
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Pas de fichier
AlternateDataStreams: C:\Recovery:err [1798]
AlternateDataStreams: C:\Users\Public\AppData:CSM [476]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
BHO: Pas de nom -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> Pas de fichier
BHO-x32: Pas de nom -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Pas de fichier
BHO-x32: Pas de nom -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> Pas de fichier
BHO-x32: Pas de nom -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Pas de fichier
Toolbar: HKLM - Pas de nom - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  Pas de fichier
HKU\S-1-5-21-2690875692-3361707652-1921272154-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ASUS15.msn.com/?pc=ASTE
StartRegedit: 
Windows Registry Editor Version 5.00
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
@=""
[-HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[-HKEY_USERS\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]
@=""
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P]
EndRegedit:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro Tryout.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Zip - Compresseur de fichiers.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Meeting LAB by CRIJ.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Suite NCH.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virbela Open Campus.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voxal Modificateur de voix.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\Filmora\Wondershare Filmora.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TI Connect CE\TI Connect CE.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSC Service Utility\SSC Service Utility.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ROCCAT\Lua Mouse\Uninstall Lua Driver.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC VGA Camer@ Plus\Uninstall.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Base.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Calc.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Draw.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Impress.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Math.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice Writer.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.7\OpenOffice.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\OBS Studio (64bit).lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OBS Studio\Uninstall.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue\NewBlue Video Essentials for Windows\Uninstall.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Launcher\Minecraft Launcher.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingo ROOT\Uninstall Kingo ROOT.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Etiam\ETIAM Viewer Lite\ETIAM Viewer Lite .lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Etiam\ETIAM Viewer Lite\ETIAM Viewer Lite Documentation.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enjoy6\Désinstaller Enjoy6.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enjoy6\Enjoy 6.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Direct Video Downloader\Direct Video Downloader.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Direct Video Downloader\Uninstall Direct Video Downloader.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeTwo\QR Code Desktop Reader & Generator\QR Code Desktop Reader & Generator.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ROG Gaming Center.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\AEGIS III\AEGIS III.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 2\WebCam Companion 2.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoImpression 5\PhotoImpression 5.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft\FoneLab pour Android\Désinstaller.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft\FoneLab pour Android\FoneLab pour Android.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft\FoneLab pour Android\Visiter le Produit.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6\Adobe Photoshop CS6.lnk
C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Defender.lnk
C:\Users\pasca\Suite NCH Software\Convertisseur d'images.lnk
C:\Users\pasca\Suite NCH Software\Convertisseur de fichiers audio.lnk
C:\Users\pasca\Suite NCH Software\Convertisseur de fichiers vidéo.lnk
C:\Users\pasca\Suite NCH Software\Convertisseur VHS en numérique.lnk
C:\Users\pasca\Suite NCH Software\Créateur d'étiquettes de disque.lnk
C:\Users\pasca\Suite NCH Software\Didacticiel de dactylographie.lnk
C:\Users\pasca\Suite NCH Software\Doxillion - Convertisseur de documents.lnk
C:\Users\pasca\Suite NCH Software\Enregistreur d'appels.lnk
C:\Users\pasca\Suite NCH Software\Enregistreur de streaming audio.lnk
C:\Users\pasca\Suite NCH Software\Enregistreur multipiste.lnk
C:\Users\pasca\Suite NCH Software\Extracteur de CD.lnk
C:\Users\pasca\Suite NCH Software\Graveur de CD, DVD, BluRay.lnk
C:\Users\pasca\Suite NCH Software\Logiciel Classic FTP.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de caisse enregistreuse.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de capture vidéo.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de comptabilité.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de design pour maison.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de diagrammes et d'organigrammes.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de diaporama.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de dictée.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de facturation.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de finances personnelles.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de gestion de l’inventaire.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de montage vidéo.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de retouche photo.lnk
C:\Users\pasca\Suite NCH Software\Logiciel de transcription.lnk
C:\Users\pasca\Suite NCH Software\Logiciel développeur de texte.lnk
C:\Users\pasca\Suite NCH Software\Éditeur audio.lnk
C:\Users\pasca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AEGIS Toast Helper.lnk
C:\Users\pasca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Editions_Retz\Désinstaller Réussir en grammaire - CE2.lnk
C:\Users\pasca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Editions_Retz\Réussir en grammaire - CE2.lnk
C:\Users\pasca\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FoneLab pour Android.lnk
C:\Users\Public\Desktop\Adobe Photoshop CS6.lnk
C:\Users\Public\Desktop\AEGIS III.lnk
C:\Users\Public\Desktop\Audacity.lnk
C:\Users\Public\Desktop\Express Zip - Compresseur de fichiers.lnk
C:\Users\Public\Desktop\Meeting LAB by CRIJ.lnk
C:\Users\Public\Desktop\Minecraft Launcher.lnk
C:\Users\Public\Desktop\Notepad++.lnk
C:\Users\Public\Desktop\OpenOffice 4.1.7.lnk
C:\Users\Public\Desktop\Photo Impression 5.lnk
C:\Users\Public\Desktop\Suite NCH.lnk
C:\Users\Public\Desktop\Virbela Open Campus.lnk
C:\Users\Public\Desktop\WebCam Companion 2.lnk
C:\Windows\Temp\*.* 
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*
C:\Users\CurrentUserName\Appdata\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\*
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\*.*
StartBatch:
del /f /q "%userprofile%\AppData\Roaming\Microsoft\*.dl*"
del /f /q "%userprofile%\AppData\Roaming\Microsoft\*.ex*"
del /f /q "%userprofile%\AppData\Roaming\Microsoft\*.zi*"
del /f /q "%userprofile%\AppData\Roaming\Microsoft\*.sy*"
del /s /q "%userprofile%\AppData\Local\Temp\*.*"
del /f /q "%userprofile%\AppData\Local\*-gui"
del /f /q "%userprofile%\AppData\Roaming\*-gui"
rd /s /q "%userprofile%\AppData\Roaming\discord\Cache"
rd /s /q "%userprofile%\AppData\Roaming\discord\code cache"
rd /s /q "%userprofile%\AppData\Roaming\discord\gpucache"
del /s /q C:\Windows\prefetch\*.*
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Metada\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\History\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*"
del /s /q "%userprofile%\AppData\Roaming\Microsoft\Windows\Recent\*.lnk"
For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Opera Software\*"
For /D %%d In ("%userprofile%\AppData\Local\Thunderbird\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Places.Sqlite" Del /s /q "%%d\Places.Sqlite")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\History"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History"
del /s /q "%userprofile%\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\History"
del /s /q "%userprofile%\AppData\Roaming\Opera Software\Opera Stable\History"
del /s /q "%userprofile%\AppData\Roaming\Opera Software\Opera GX Stable\History"
ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /registerdns
netsh winsock reset
netsh advfirewall reset 
netsh advfirewall set allprofiles state on
netsh winhttp reset proxy
dism.exe /online /cleanup-image /restorehealth
sfc /scannow
Endbatch:
EmptyTemp:
EmptyEventLogs:
cmd: Net start wuauserv
Reboot:
end::