CreateRestorePoint:
cmd: Net stop wuauserv
CloseProcesses:
EmptyTemp:
Hosts:
RemoveProxy:
StartRegEdit:
Windows Registry Editor Version 5.00
[HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{72007130-5C71-4BD8-8356-4CE7DA9A1E07}:]
"NameServer"=""
[HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AE2E8184-0721-4326-8836-D49B900584C9}:]
"NameServer"=""
[HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{D8B54409-0E4E-48D1-9997-E0178B88A2ED}:]
"NameServer"=""
[HKLM\Software\Wo6432Node\Microsoft\Internet Explorer\SearchScopes\{F585EB2C-1A88-44B9-B090-78DB7985A941} -]
"URL"=""
EndRegEdit:
DeleteKey: HKLM\SOFTWARE\POLICIES\Mozilla\Firefox
DeleteKey: HKLM\SOFTWARE\1D0EC6DE-4A80-4CC3-A335-E6E41C951198
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\CLVDShellExt
DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\CLVDShellExt
C:\Users\Marie-thÃÂ©rese\AppData\Local\Google\Chrome\User Data\Default\File System\000
C:\Users\Marie-thÃÂ©rese\AppData\Local\Google\Chrome\User Data\Default\File System\001
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\AppData\Local\Programs\Opera\Launcher.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\AppData\Local\Programs\Opera\Launcher.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\OperaSetup.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\OperaSetup.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\ZHPCleaner.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\ZHPCleaner.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\soffice.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\soffice.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\swriter.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\swriter.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\sdraw.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\sdraw.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\simpress.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\simpress.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\scalc.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\scalc.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\Windows10Upgrade24074.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\Windows10Upgrade24074.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\ZHPSuite.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\ZHPSuite.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\AppData\Local\Programs\Opera\Launcher.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\AppData\Local\Programs\Opera\Launcher.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\OperaSetup.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\OperaSetup.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\ZHPCleaner.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\ZHPCleaner.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\soffice.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\soffice.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\swriter.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\swriter.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\sdraw.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\sdraw.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\simpress.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\simpress.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\scalc.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\LibreOffice\program\scalc.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\Windows10Upgrade24074.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\Windows10Upgrade24074.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\ZHPSuite.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\Marie-thÃÂ©rese\Downloads\ZHPSuite.exe.ApplicationCompany
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Deluge
C:\Program Files (x86)\Deluge
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
C:\Users\Marie-thÃÂ©rese\AppData\Roaming\deluge
DeleteKey: HKLM\SOFTWARE\Software
DeleteKey: HKLM\SOFTWARE\McAfee
DeleteKey: HKLM\SOFTWARE\WOW6432Node\McAfee
DeleteKey: HKU\.DEFAULT\SOFTWARE\McAfee
C:\ProgramData\McAfee
C:\Program Files (x86)\Common Files\mcafee
DeleteKey: HKLM\SOFTWARE\Norton
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Symantec
DeleteKey: HKCU\SOFTWARE\Norton
DeleteKey: HKCU\SOFTWARE\AppDataLow\Software\Norton
DeleteKey: HKU\.DEFAULT\SOFTWARE\Norton
DeleteKey: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\SOFTWARE\Norton
C:\Program Files (x86)\Norton Internet Security
C:\ProgramData\Norton
C:\ProgramData\NortonInstaller
DeleteKey: HKLM\SOFTWARE\WOW6432Node\WildTangent
C:\Program Files (x86)\WindowsApps\WildTangentGames.-GamesApp-_1.0.3.28_x86__qt5r5pa5dyg8m - (.WildTangent.) 
C:\ProgramData\WildTangent
C:\Users\Marie-thÃÂ©rese\AppData\Roaming\WildTangent
C:\Windows\System32\Config\systemprofile\AppData\Roaming\WildTangent
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {6ABD88AC-CFE5-4504-9D03-C963D14B5081} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe  (Pas de fichier)
Task: {E420B155-5FD7-4872-BA69-ECBC67A35A0E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe  /DeviceScanR6 (Pas de fichier)
Task: {D3CD811C-3811-4F82-9EEC-8DDEDFDFC984} - System32\Tasks\Kamo\KamoStart => C:\Program Files (x86)\Kamo\Kamo.exe  -minimizedBoot (Pas de fichier)
Task: {46A9F714-E9A6-4E9C-9A58-5BCFFFCE0003} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe  /analyze (Pas de fichier)
Task: {6643511D-08EC-4E37-BD79-850425EF5CBE} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\SymErr.exe  /submit (Pas de fichier)
Task: {BEC12B86-FE2F-4D87-A316-94F45B7786FA} - System32\Tasks\Opera scheduled Autoupdate 1646983174 => C:\Users\Marie-thÃÂ©rese\AppData\Local\Programs\Opera\launcher.exe  --scheduledautoupdate $(Arg0) (Pas de fichier)
Task: {BC8BC67B-CD55-416A-BDED-0FDEC7DF8702} - System32\Tasks\Remediation\AntimalwareMigrationTask => "C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe"  /upgrade /user_logon (Pas de fichier)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier]
S2 KamoSvc; "C:\Program Files (x86)\Kamo\KamoSvc.exe" [X]
U3 McAPExe; pas de ImagePath
U3 McMPFSvc; pas de ImagePath
U3 McNaiAnn; pas de ImagePath
U3 mcpltsvc; pas de ImagePath
U3 McProxy; pas de ImagePath
U3 mfecore; pas de ImagePath
U3 MSK80Service; pas de ImagePath
HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44529568 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.168\Installer\chrmstp.exe [2023-10-11] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Task: {293BD608-F0FD-4FC0-BCAE-95901192F0B0} - System32\Tasks\{A66C37EC-ECDB-44B7-B379-AC4B8E71762F} => c:\program files (x86)\google\chrome\application\chrome.exe [3151136 2023-10-02] (Google LLC -> Google LLC) -> hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.18.0.106&LastError=12002
Task: {BC437156-9E86-45F3-8CE5-29C8E94975A2} - System32\Tasks\{F1F66240-E24B-4A2E-BF73-1B9DE5783473} => C:\Windows\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a E:\Setup.EXE -d E:\
Task: {EF0CD7AE-E582-49E5-8D4F-9E0B3581AD05} - System32\Tasks\{FCF80929-CD22-46CE-91E9-09FF91D5D460} => C:\Windows\system32\pcalua.exe [13312 2018-01-02] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files\Lexmark Pro200-S500 Series\Install\x64\instgui.exe" -c /u
Task: {5B92BC13-947C-4C69-9685-DC57739EE386} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {4C013249-B762-4003-8C3A-7B9E216D4ED3} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "647b8038-0eff-4fc2-8e8f-ff1bf1d4058d" --version "6.18.10838" --silent
Task: {23ED960D-33F4-4B4E-B71C-2ADF1879441F} - System32\Tasks\CCleanerSkipUAC - Lionel => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C5DBEB5F-3D4B-47E7-97E7-98084B0192D1} - System32\Tasks\CCleanerSkipUAC - Marie-thÃÂ©rese => C:\Program Files\CCleaner\CCleaner.exe [37546912 2023-11-21] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9CEDDF20-9D80-4861-9991-4B2A4A48935C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc -> Google Inc.)
Task: {12AD43E8-834C-4D72-A56C-A9C84D388FEA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-09-04] (Google Inc -> Google Inc.)
Task: {D72B9541-1D4D-48EF-9F88-849F457E457A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-11-22] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {9E6A4803-CDAC-4B0E-AEE5-F6641BA4B90D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [724384 2023-11-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {C35BBB2B-2300-4D60-AFF8-13185E0CC189} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-03-07] (CyberLink Corp. -> CyberLink Corp.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>  -> Pas de fichier
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>  -> Pas de fichier
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>  -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} =>  -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} =>  -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} =>  -> Pas de fichier
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} =>  -> Pas de fichier
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} =>  -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Pas de fichier
SearchScopes: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001 -> {F585EB2C-1A88-44B9-B090-78DB7985A941} URL = 
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Pas de fichier
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => Pas de fichier
Toolbar: HKU\S-1-5-21-2790450368-3373794169-1768395478-1001 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  Pas de fichier
FirewallRules: [TCP Query User{2DBF7F8A-212A-4A29-A6DB-2972D80CFAE1}C:\users\marie-thÃÂ©rese\appdata\local\programs\opera\opera.exe] => (Block) C:\users\marie-thÃÂ©rese\appdata\local\programs\opera\opera.exe => Pas de fichier
FirewallRules: [UDP Query User{0F388282-67F9-4230-8A25-61B6DC467978}C:\users\marie-thÃÂ©rese\appdata\local\programs\opera\opera.exe] => (Block) C:\users\marie-thÃÂ©rese\appdata\local\programs\opera\opera.exe => Pas de fichier
FirewallRules: [TCP Query User{46147130-A5ED-47CF-8FAA-5318F3A638C0}C:\users\marie-thÃÂ©rese\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\marie-thÃÂ©rese\appdata\local\programs\opera\opera.exe => Pas de fichier
FirewallRules: [UDP Query User{2139E529-0D86-48A8-9A1D-30F258754FB3}C:\users\marie-thÃÂ©rese\appdata\local\programs\opera\opera.exe] => (Allow) C:\users\marie-thÃÂ©rese\appdata\local\programs\opera\opera.exe => Pas de fichier
FirewallRules: [{3A9715B6-F10D-42B6-8E77-667C8F0CFA04}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe => Pas de fichier
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/3
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/3
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/3
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/3
HKU\S-1-5-21-2790450368-3373794169-1768395478-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/?gws_rd=ssl#cns=0&gws_rd=ssl&spf=1526657000627
SearchScopes: HKLM -> {F585EB2C-1A88-44B9-B090-78DB7985A941} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {F585EB2C-1A88-44B9-B090-78DB7985A941} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Piriform\Kamo.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Dragons Of Atlantis.lnk
C:\ProgramData\Microsoft\Windows\GameExplorer\{e923cba5-ed90-4670-bf07-064d14a1cd55}\PlayTasks\0\web.lnk
C:\ProgramData\Microsoft\Windows\GameExplorer\{d58eecb0-0816-11de-8c30-0800200c9a66}\PlayTasks\0\provider.lnk
C:\ProgramData\Microsoft\Windows\GameExplorer\{b0e43195-dbe0-4647-8e23-84fc3b08cee9}\PlayTasks\0\web.lnk
C:\ProgramData\Microsoft\Windows\GameExplorer\{977b5905-4d14-47f1-bbbf-7b92f596695d}\PlayTasks\0\provider.lnk
C:\ProgramData\Microsoft\Windows\GameExplorer\{3eda1e54-8889-41f5-a649-5a306789b7ef}\PlayTasks\0\provider.lnk
C:\ProgramData\Microsoft\Windows\GameExplorer\{2D080D0F-37EF-433E-90F1-CE36EB0205F6}\PlayTasks\0\web.lnk
C:\ProgramData\Microsoft\Windows\GameExplorer\{26352374-af55-4b53-b07b-6b0288ed97df}\PlayTasks\0\provider.lnk
C:\ProgramData\Microsoft\Windows\GameExplorer\{227680FF-28CE-48EE-AADF-8D009B2813A9}\PlayTasks\0\web.lnk
C:\ProgramData\Microsoft\Windows\GameExplorer\{000d96f5-8034-4b74-a429-b6f0b04c75f4}\PlayTasks\0\provider.lnk
C:\Users\Marie-thÃÂ©rese\Desktop\My Passport (F) - Raccourci.lnk
C:\Users\Marie-thÃÂ©rese\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
C:\Users\Marie-thÃÂ©rese\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Calendar.lnk
C:\Users\Marie-thÃÂ©rese\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.Mail.lnk
C:\Users\Marie-thÃÂ©rese\AppData\Local\Microsoft\Windows\Application Shortcuts\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\Microsoft.WindowsLive.People.lnk
C:\Windows\Temp\*.* 
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*
C:\Users\Marie-thÃ©rese\Appdata\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\*
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\*.*
C:\Windows\prefetch\*.*
StartBatch:
del /s /q "%userprofile%\AppData\Local\Temp\*.*"
rd /s /q "%userprofile%\AppData\Roaming\discord\Cache"
rd /s /q "%userprofile%\AppData\Roaming\discord\code cache"
rd /s /q "%userprofile%\AppData\Roaming\discord\gpucache"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Metada\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\History\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*"
del /s /q "%userprofile%\AppData\Roaming\Microsoft\Windows\Recent\*.lnk"
For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Opera Software\*"
For /D %%d In ("%userprofile%\AppData\Local\Thunderbird\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Places.Sqlite" Del /s /q "%%d\Places.Sqlite")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\History"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History"
del /s /q "%userprofile%\AppData\Roaming\Opera Software\Opera Stable\History"
del /s /q "%userprofile%\AppData\Roaming\Opera Software\Opera GX Stable\History"
ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /registerdns
netsh winsock reset
netsh advfirewall reset 
netsh advfirewall set allprofiles state on
netsh winhttp reset proxy
dism.exe /online /cleanup-image /restorehealth
sfc /scannow
Endbatch:
EmptyEventLogs:
cmd: Net stop Sysmain
cmd: sc stop "SysMain" & sc config "SysMain" start=disabled
cmd: Net start wuauserv
Reboot: