start::
Hosts:
Removeproxy:
CreateRestorePoint:
CloseProcesses:
IE trusted site: HKU\S-1-5-21-120247713-1091908708-4268848405-1001\...\localhost -> localhost
HKU\S-1-5-21-120247713-1091908708-4268848405-1001\...\StartupApproved\Run: => "AvastBrowserAutoLaunch_C7AA158FB1A21DCF776CF297BF5C22DA"
HKU\S-1-5-21-120247713-1091908708-4268848405-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-120247713-1091908708-4268848405-1001\...\StartupApproved\Run: => "EPSDNMON"
HKU\S-1-5-21-120247713-1091908708-4268848405-1001\...\StartupApproved\Run: => "Adobe Acrobat Synchronizer"
HKU\S-1-5-21-120247713-1091908708-4268848405-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000002"
HKU\S-1-5-21-120247713-1091908708-4268848405-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.200\Installer\chrmstp.exe [2024-01-09] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2D0A0D52-0076-4FC0-8E46-38DACA0956D2} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\jean-\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-12-22] (ESET, spol. s r.o. -> ESET)
Task: {7266C531-F86E-49C2-A155-00981730BDD8} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\jean-\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-12-22] (ESET, spol. s r.o. -> ESET)
Edge Extension: (Avast Online Security & Privacy) - C:\Users\jean-\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2022-12-04]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
R2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16039344 2023-12-05] (ADLICE -> )
U1 aswbdisk; pas de ImagePath
U1 bdvedisk; pas de ImagePath
S2 BlueStacksDrv_nxt; \??\C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [X]
S2 SSGDIO; \??\C:\WINDOWS\SysWOW64\DRIVERS\ssgdio64.sys [X]
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
2024-01-09 11:53 - 2024-01-09 11:53 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-01-09 11:53 - 2024-01-09 11:53 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2024-01-09 11:51 - 2024-01-09 11:51 - 014071400 _____ (AVAST Software) C:\Users\jean-\Downloads\avastclear.exe
2024-01-09 11:48 - 2024-01-09 11:48 - 000084736 _____ C:\ProgramData\agent.uninstall.1704797315.bdinstall.v2.bin
2024-01-08 19:23 - 2024-01-08 19:24 - 000000000 ____D C:\Users\jean-\AppData\Roaming\Bitwarden
2024-01-08 19:23 - 2024-01-08 19:23 - 000001970 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitwarden.lnk
2024-01-08 19:23 - 2024-01-08 19:23 - 000000000 ____D C:\Users\jean-\AppData\Local\bitwarden-updater
2024-01-08 19:23 - 2024-01-08 19:23 - 000000000 ____D C:\Program Files\Bitwarden
2024-01-08 19:20 - 2024-01-08 19:20 - 000731824 _____ (Bitwarden Inc.) C:\Users\jean-\Downloads\Bitwarden-Installer-2023.12.1.exe
2024-01-08 12:09 - 2024-01-08 12:13 - 000000000 ____D C:\ProgramData\RogueKiller
2024-01-08 12:09 - 2024-01-08 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2024-01-08 12:09 - 2024-01-08 12:09 - 000000000 ____D C:\Program Files\RogueKiller
2024-01-08 12:08 - 2024-01-08 12:08 - 047837272 _____ (Adlice Software ) C:\Users\jean-\Downloads\RogueKiller_setup.exe
2024-01-09 11:54 - 2022-04-04 15:05 - 000000000 ____D C:\ProgramData\Avast Software
StartBatch:
For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\*.*"
For /D %%d In ("%userprofile%\AppData\Local\Thunderbird\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\cookies.sqlite" Del /s /q "%%d\cookies.sqlite")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\History"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History"
Endbatch:
cmd: ipconfig /flushdns
cmd: netsh advfirewall reset
cmd: netsh winsock reset
cmd: sfc /scannow
EmptyEventLogs:
EmptyTemp:
end::