start::
CreateRestorePoint:
cmd: Net stop wuauserv
cmd: Rd /s /q %windir%\SoftwareDistribution\.
CloseProcesses:
EmptyTemp:
EmptyEventLogs:
Hosts:
RemoveProxy:
C:\Windows\Temp\*.*
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*
C:\Users\CurrentUserName\Appdata\Local\Temp\*.*
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\*.*
StartBatch:
rd /s /q "%userprofile%\AppData\Roaming\discord\Cache"
rd /s /q "%userprofile%\AppData\Roaming\discord\code cache"
rd /s /q "%userprofile%\AppData\Roaming\discord\gpucache"
Endbatch:
C:\Users\sweet\AppData\Local\Temp\mat-debug-13804.log
C:\Users\sweet\AppData\Local\Temp\mat-debug-15656.log
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\sweet\Desktop\ZHPCleaner.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\sweet\Desktop\ZHPCleaner.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\sweet\Desktop\kprm_2.19.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\sweet\Desktop\kprm_2.19.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2895119632-3911074901-1427064611-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\sweet\Desktop\ZHPCleaner.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2895119632-3911074901-1427064611-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\sweet\Desktop\ZHPCleaner.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2895119632-3911074901-1427064611-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\sweet\Desktop\kprm_2.19.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2895119632-3911074901-1427064611-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\sweet\Desktop\kprm_2.19.exe.ApplicationCompany
DeleteKey: HKLM\SOFTWARE\Setup
Task: {ED71DA93-B8D2-4429-8300-960D9FA158E3} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoBoostAddin.Prompt => C:\Program Files (x86)\Lenovo\VantageService\4.0.52.0\ScheduleEventAction.exe LenovoBoostAddin.Prompt (Pas de fichier)
Task: {B9C53149-6BCE-4537-B0DE-537ED221A7CF} - System32\Tasks\Lenovo\Vantage\StartupFixPlan => C:\Program Files (x86)\Lenovo\VantageService\4.2.24.0\\uninstall.exe /repair (Pas de fichier)
Task: {FF6ED7B1-816C-4B33-95DE-978ADBA2E87F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107976 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {456F73EF-A3CC-4CD3-8241-EB7147A2FC07} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [29107976 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {4A461323-DE3C-4D06-8500-1800F8A87C46} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2895119632-3911074901-1427064611-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [695360 2025-05-01] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {4D323965-63B5-4970-9544-B86956E2E5F0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-05-01] (Mozilla Corporation -> Mozilla Foundation)
FirewallRules: [UDP Query User{4728F8A0-ED6D-47B8-81A7-DFAD22178E0D}C:\program files\windowsapps\appleinc.itunes_12131.3.2010.0_x64__nzyj5cx40ttqa\itunes.exe] => (Block) C:\program files\windowsapps\appleinc.itunes_12131.3.2010.0_x64__nzyj5cx40ttqa\itunes.exe => Pas de fichier
FirewallRules: [TCP Query User{BA594940-76C6-4A6A-B834-69CBF132DBE3}C:\program files\windowsapps\appleinc.itunes_12131.3.2010.0_x64__nzyj5cx40ttqa\itunes.exe] => (Block) C:\program files\windowsapps\appleinc.itunes_12131.3.2010.0_x64__nzyj5cx40ttqa\itunes.exe => Pas de fichier
StartBatch:
del /s /q C:\Windows\prefetch\*.*
del /s /q "%userprofile%\AppData\Local\Temp\*.*"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Metada\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\History\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*"
del /s /q "%userprofile%\AppData\Roaming\Microsoft\Windows\Recent\*.lnk"
For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\Js\."
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\."
For /D %%d In ("%userprofile%\AppData\Local\Thunderbird\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\cookies.sqlite" Del /s /q "%%d\cookies.sqlite")
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Places.Sqlite" Del /s /q "%%d\Places.Sqlite")
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History"
ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /registerdns
netsh winsock reset
netsh advfirewall reset
netsh advfirewall set allprofiles state on
netsh winhttp reset proxy
bitsadmin /reset /allusers
net start sdrsvc
net start vss
net start rpcss
net start eventsystem
net start winmgmt
net start msiserver
net start bfe
net start trustedinstaller
net start windefend
net start mpssvc
net start mpsdrv
Winmgmt /salvagerepository
Winmgmt /resetrepository
Winmgmt /resyncperf
Endbatch:
cmd: Net start wuauserv
Reboot:
end::