start::
CreateRestorePoint:
cmd: Net stop wuauserv
cmd: Rd /s /q %windir%\SoftwareDistribution\.
CloseProcesses:
EmptyTemp:
EmptyEventLogs:
Hosts:
RemoveProxy:
C:\Windows\Temp\*.*
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*
C:\Users\CurrentUserName\Appdata\Local\Temp\*.*
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\*.*
StartBatch:
rd /s /q "%userprofile%\AppData\Roaming\discord\Cache"
rd /s /q "%userprofile%\AppData\Roaming\discord\code cache"
rd /s /q "%userprofile%\AppData\Roaming\discord\gpucache"
Endbatch:
HKU\S-1-5-21-2288617496-1674908155-242909765-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe (Pas de fichier)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {1FC10422-AD57-4FF1-AC72-0EEA0F6EF1E0} - System32\Tasks\ASUS\P508PowerAgent_sdk => C:\Program Files (x86)\ASUS\ArmouryDevice\dll\ShareFromArmouryIII\Mouse\ROG STRIX CARRY\P508PowerAgent.exe (Pas de fichier)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
R2 bcef68c6-c429-4f1c-b0ee-04c3e976b82c; C:\Windows\System32\nssm\nssm.exe [331264 2014-08-31] () [Fichier non signé] <==== ATTENTION
S2 DigitalWave.Update.Service; "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" [X]
S3 cpuz157; C:\Windows\temp\cpuz157\cpuz157_x64.sys [43568 2024-10-25] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
S3 cpuz154; \??\C:\Windows\temp\cpuz154\cpuz154_x64.sys [X] <==== ATTENTION
S3 cpuz158; \??\C:\Windows\temp\cpuz158\cpuz158_x64.sys [X] <==== ATTENTION
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
S4 NvModuleTracker; \SystemRoot\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_ea6cec41fc5b2a8b\NvModuleTracker.sys [X]
HKU\S-1-5-21-2288617496-1674908155-242909765-1001\...\MountPoints2: {29ec6496-8d26-11ee-9724-806e6f6e6963} - "E:\Launcher.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.109\Installer\chrmstp.exe [2024-12-06] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\131.1.73.97\Installer\chrmstp.exe [2024-12-04] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{C6CB981E-DB30-4876-8639-109F8933582C}] -> C:\Program Files\BraveSoftware\Brave-Browser-Nightly\Application\132.1.75.76\Installer\chrmstp.exe [2024-12-05] (Brave Software, Inc. -> Brave Software, Inc.)
Task: {D85876E6-D479-476A-8C23-B7FC7621C5A2} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{87A2AE36-A46B-4790-914D-0692D83EFEAB} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-11-30] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {14B6E98C-D718-498D-BC2C-1EB8BA11EA52} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{0D76B7ED-F364-4441-B727-2C6EB18CCDA4} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [175424 2023-11-30] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {7F53EE29-B47F-4683-88D4-626574F501B0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{9F145D9B-D331-4808-A9BF-EB2EBA07BB36} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: C:\Windows\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
CHR Notifications: Default -> hxxps://epargnant.amundi-ee.com; hxxps://www.zone-telechargement.al
CustomCLSID: HKU\S-1-5-21-2288617496-1674908155-242909765-1001_Classes\CLSID\{2ef44377-6b87-da1d-4667-d19e0c702a4a}\localserver32 -> "\\Ds1821\sources_w\U\Text Grab_Reconnaissance de caractères\Text-Grab_20240903\Text-Grab_20240903.exe" -ToastActivated => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2288617496-1674908155-242909765-1001_Classes\CLSID\{cb0e036c-ec97-e075-0f71-577f2d15844b}\localserver32 -> "\\Ds1821\sources_w\U\Fan Control\Dézippé\FanControl.exe" -ToastActivated => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2288617496-1674908155-242909765-1001_Classes\CLSID\{d345354f-7883-4fee-9631-2b8c5be222b1}\InprocServer32 -> C:\Program Files\Mozilla Thunderbird\notificationserver.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2288617496-1674908155-242909765-1001_Classes\CLSID\{db6691bf-6364-b5aa-5d1f-b56d879fc1c7}\localserver32 -> "\\192.168.1.38\sources_w\U\Text Grab_Reconnaissance de caractères\Text-Grab_20240427\Text-Grab.exe" -ToastActivated => Pas de fichier
CustomCLSID: HKU\S-1-5-21-2288617496-1674908155-242909765-1001_Classes\CLSID\{f342559f-1401-1717-f43c-eb07e5d1e631}\localserver32 -> "\\Ds1821\sources_w\U\Text Grab_Reconnaissance de caractères\Text-Grab_20240427\Text-Grab.exe" -ToastActivated => Pas de fichier
HKLM\...\.reg: Regedit.Document => c:\Winnt\Regedit.exe %1 <==== ATTENTION
HKLM\...\.scr: => <==== ATTENTION
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk
C:\Users\ordic\Desktop\7-Zip.lnk
C:\Users\ordic\Desktop\QuickPanel.lnk
C:\Users\ordic\Desktop\U_WEB\TELECHARGEURS VIDEOS\YouTube Telecharger.lnk
C:\Users\ordic\Desktop\U_VIDEO\QuickTime Player.lnk
C:\Users\ordic\Desktop\U_SYSTEME\CPUID CPU-Z.lnk
C:\Users\ordic\Desktop\U_SYSTEME\Backups et ISO\Rufus-Créer un media bootable.lnk
C:\Users\ordic\Desktop\U_ELECTRONIQUE\QuickPanel équivalent FrontDesign.lnk
C:\Users\ordic\Desktop\U_ELECTRONIQUE\UTILITAIRES\Front Design - Faces avant.lnk
C:\Users\ordic\Desktop\U_BUREAUTIQUE\Scanner Menu complet.lnk
C:\Users\ordic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SyncBackFree.lnk
C:\Users\ordic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPanel\QuickPanel.lnk
C:\Users\ordic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QuickPanel\Uninstall.lnk
C:\Users\ordic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory\FormatFactory.lnk
DeleteValue: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|vidnotifier.exe
DeleteValue: HKU\S-1-5-21-2288617496-1674908155-242909765-1001\Software\Microsoft\Windows\CurrentVersion\Run|vidnotifier.exe
DeleteKey: HKCU\SOFTWARE\8ac9d89fab2fed8bba3ab2cdde0488dd
DeleteKey: HKU\S-1-5-21-2288617496-1674908155-242909765-1001\SOFTWARE\8ac9d89fab2fed8bba3ab2cdde0488dd
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\FormatFactory\FormatFactory.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\FormatFactory\FormatFactory.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\ordic\AppData\Local\Temp\~nsuA.tmp\Un_A.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\QuickPanel\QuickPanel.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\SOURCES_W\7-Zip_Portable\7-ZipPortable_23.01.paf.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\SOURCES_W\7-Zip_Portable\7-ZipPortable_23.01.paf.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\7-Zip\7zFM.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\7-Zip\7zFM.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\7-ZipPortable\7-ZipPortable.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\7-ZipPortable\7-ZipPortable.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2288617496-1674908155-242909765-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\FormatFactory\FormatFactory.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2288617496-1674908155-242909765-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\FormatFactory\FormatFactory.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2288617496-1674908155-242909765-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\ordic\AppData\Local\Temp\~nsuA.tmp\Un_A.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2288617496-1674908155-242909765-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\QuickPanel\QuickPanel.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2288617496-1674908155-242909765-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\SOURCES_W\7-Zip_Portable\7-ZipPortable_23.01.paf.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2288617496-1674908155-242909765-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\SOURCES_W\7-Zip_Portable\7-ZipPortable_23.01.paf.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2288617496-1674908155-242909765-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\7-Zip\7zFM.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2288617496-1674908155-242909765-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files (x86)\7-Zip\7zFM.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2288617496-1674908155-242909765-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\7-ZipPortable\7-ZipPortable.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2288617496-1674908155-242909765-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\7-ZipPortable\7-ZipPortable.exe.ApplicationCompany
C:\Users\ordic\AppData\Roaming\tixati
C:\Users\ordic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tixati
DeleteKey: HKLM\SOFTWARE\Setup
C:\ProgramData\Glarysoft
C:\Users\ordic\AppData\Roaming\GlarySoft
StartBatch:
del /s /q C:\Windows\prefetch\*.*
del /s /q "%userprofile%\AppData\Local\Temp\*.*"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\History\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*"
del /s /q "%userprofile%\AppData\Roaming\Microsoft\Windows\Recent\*.lnk"
For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Code Cache\Js\."
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\Js\."
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\."
del /s /q "%userprofile%\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Cache\*.*"
del /s /q "%userprofile%\AppData\Roaming\Opera Software\Opera GX Stable\Code Cache\Js\."
del /s /q "%userprofile%\AppData\Roaming\Opera Software\Opera Stable\Code Cache\Js\."
del /s /q "%userprofile%\AppData\Roaming\Opera Software\*"
For /D %%d In ("%userprofile%\AppData\Local\Thunderbird\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Places.Sqlite" Del /s /q "%%d\Places.Sqlite")
del /s /q "%userprofile%\AppData\Local\Google\Chrome\User Data\Default\History"
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History"
del /s /q "%userprofile%\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\History"
del /s /q "%userprofile%\AppData\Roaming\Opera Software\Opera Stable\History"
del /s /q "%userprofile%\AppData\Roaming\Opera Software\Opera GX Stable\History"
ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /registerdns
netsh winsock reset
netsh advfirewall reset
netsh advfirewall set allprofiles state on
netsh winhttp reset proxy
bitsadmin /reset /allusers
net start sdrsvc
net start vss
net start rpcss
net start eventsystem
net start winmgmt
net start msiserver
net start bfe
net start trustedinstaller
net start windefend
net start mpssvc
net start mpsdrv
Winmgmt /salvagerepository
Winmgmt /resetrepository
Winmgmt /resyncperf
Endbatch:
cmd: Net start wuauserv
Reboot:
end::