start::
CreateRestorePoint:
cmd: Net stop wuauserv
cmd: Rd /s /q %windir%\SoftwareDistribution\.
CloseProcesses:
EmptyTemp:
EmptyEventLogs:
Hosts:
RemoveProxy:
C:\Windows\Temp\*.* 
C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\*
C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\*
C:\Users\CurrentUserName\Appdata\Local\Temp\*.*
C:\ProgramData\Microsoft\Windows Defender\Scans\mpenginedb.db
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Service\*.*
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (Pas de fichier)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe  (Pas de fichier)
Task: {4CB23E09-3AAD-48AE-9634-7548A1A4C4D1} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe  /RunOnAC RebootDialog (Pas de fichier)
Task: {021420A0-D1A3-478C-8A65-545DE3B66E3E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe  /RunOnBattery RebootDialog (Pas de fichier)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Pas de fichier)
Task: {E99A31A4-7373-4795-8320-698268BE634B} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2715982157-3697937772-1319394629-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  /reporting (Pas de fichier)
Task: {7AF7C837-0117-416B-8B11-4BC2B45FCC27} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2715982157-3697937772-1319394629-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe  (Pas de fichier)
U3 aswBcc; pas de ImagePath
U3 Avast Business Console Client Antivirus Service; pas de ImagePath
S3 HWiNFO_204; \??\C:\Users\lstco\AppData\Local\Temp\HWiNFO_x64_204.sys [X] <==== ATTENTION
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [455976 2025-03-04] (Avast Software s.r.o. -> Gen Digital Inc.)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Run: [MicrosoftEdgeAutoLaunch_42DF5A43A4390047F10FA270BD5D1218] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4291112 2025-03-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> 
Task: {2F8373AD-2C7A-4B9E-AC59-B84B9138B5F0} - System32\Tasks\Avast Software\Avast Antivirus Patcher => C:\Program Files\Common Files\Avast Software\Icarus\avast-av\icarus.exe [8543016 2025-02-26] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {E36C95C6-D2C4-4E9B-8768-F10394AB8490} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5286696 2025-03-04] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {193F7326-516E-4FF9-A5A8-62E960F3A244} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2024-11-19] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {790BC3FB-861E-423C-BEB0-144EC5384A69} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-02-27] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {90754FA6-0317-4708-B0CB-F02F58B89808} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-2715982157-3697937772-1319394629-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-02-27] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {E7E0026C-9033-4B70-AA9C-524E41F65690} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-02-27] (Mozilla Corporation -> Mozilla Foundation)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> D:\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> D:\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> D:\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Pas de fichier
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} =>  -> Pas de fichier
FirewallRules: [{085B65E1-6DD3-4F9B-AE4F-BAFAE351E978}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe => Pas de fichier
FirewallRules: [{B32E9980-052C-4061-A780-2F34F0AD2AF5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe => Pas de fichier
FirewallRules: [{2D1257C1-A7AB-44F0-B7AD-6EFA14AC18E1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe => Pas de fichier
FirewallRules: [{BD27D4FD-0AF3-4641-AE33-93161CAD2DB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe => Pas de fichier
FirewallRules: [{B185F2FD-7EBC-4FB6-BF24-40B24C4458E7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe => Pas de fichier
FirewallRules: [{853AB357-F9DF-47FA-B347-BBC0F07613DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe => Pas de fichier
FirewallRules: [{0B9B7564-C230-4DB5-802B-BBAA1FC954AD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe => Pas de fichier
FirewallRules: [{AB4CC19B-5344-461B-A2E9-CC43E676A8DD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe => Pas de fichier
FirewallRules: [{3EDFDB36-4B8B-4645-9AD4-12CE672822F2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe => Pas de fichier
FirewallRules: [{FEF08BB9-E19F-45E4-8E1B-640B23E3B28C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.250.335.0_x64__zpdnekdrzrea0\Spotify.exe => Pas de fichier
FirewallRules: [{AEC9A84A-F222-437D-AB43-2BE5F220287D}] => (Allow) LPort=57209
FirewallRules: [{539B1D3C-6628-40EE-9DCA-682616EAFA65}] => (Allow) LPort=57210
FirewallRules: [{166BE29F-D858-45BC-B64C-0BFD5573B60D}] => (Allow) LPort=57211
FirewallRules: [{083D1491-B8EF-4A93-949B-952E1B8B3474}] => (Allow) LPort=57212
FirewallRules: [{45D102FF-AC4F-49A1-B928-807213A9DD8C}] => (Allow) LPort=57213
FirewallRules: [{BDE6EE85-3649-4479-97A7-08EC16F0B288}] => (Allow) LPort=57214
FirewallRules: [{AEF37172-9402-43AD-BC5C-E7B0D23703B0}] => (Allow) LPort=57215
FirewallRules: [{FEC4196E-8111-414B-8734-2FEA0AB013CD}] => (Allow) LPort=57216
FirewallRules: [{3EC90D98-7561-4A55-8E85-A7D71267EC5A}] => (Allow) LPort=57217
FirewallRules: [{ABCAAFC5-D4C3-498F-8356-787A8D93371A}] => (Allow) LPort=57218
FirewallRules: [{AEBA3F93-3657-4DE2-8E3C-33E16C4882A2}] => (Allow) LPort=57209
FirewallRules: [{C42DB134-8289-4186-B0F2-ED035C4E3EDB}] => (Allow) LPort=57210
FirewallRules: [{44BD6274-26A6-48DF-8F0A-C9060C80B876}] => (Allow) LPort=57211
FirewallRules: [{E0EB0F61-8098-4DDD-B88B-6B45ECCD18A5}] => (Allow) LPort=57212
FirewallRules: [{F032DA45-C669-4A93-A4CA-2F9D4F582BAE}] => (Allow) LPort=57213
FirewallRules: [{71E851BF-97AC-4C53-9991-472DCE8DD7B4}] => (Allow) LPort=57214
FirewallRules: [{18C70F5C-9F0F-4476-B7E8-FBF18BD1BD3B}] => (Allow) LPort=57215
FirewallRules: [{07AA02B4-B4A4-4B67-98CB-4BC12F73E301}] => (Allow) LPort=57216
FirewallRules: [{462A1C7B-CB4E-412E-BF4A-AD0BAF86B46B}] => (Allow) LPort=57217
FirewallRules: [{634DC02F-3A11-426B-9EB5-A2B7D1A23E9F}] => (Allow) LPort=57218
FirewallRules: [{C1167F87-1EBF-4F76-9759-5C82B414C673}] => (Allow) LPort=23007
FirewallRules: [{46279260-0B51-43EE-AC56-21A3DB416F64}] => (Allow) LPort=23008
FirewallRules: [{E833613D-703E-4C70-A57A-C7B1705006DD}] => (Allow) LPort=33009
FirewallRules: [{F8737BDF-7150-4CAB-B891-360769AF61AF}] => (Allow) LPort=33010
FirewallRules: [{527CEA04-7502-440B-A800-E2937CBB9EF5}] => (Allow) LPort=33011
FirewallRules: [{CAFE653B-2D9B-43DC-843C-82AE8BE9439F}] => (Allow) LPort=43012
FirewallRules: [{DEB6CC3B-2D4B-4271-A4CB-ABF760AFDD23}] => (Allow) LPort=43013
FirewallRules: [{773D6A41-D56B-4B2C-A8A9-46A5B356D392}] => (Allow) LPort=53014
FirewallRules: [{7D8E79C5-F89E-4090-B8D6-81F73942CDA4}] => (Allow) LPort=53015
FirewallRules: [{BC140308-E067-47DC-B290-D288F15C7B43}] => (Allow) LPort=53016
FirewallRules: [{98EAF6C0-503B-4282-A02E-351ADBC25F1E}] => (Allow) LPort=23007
FirewallRules: [{A9FE97F5-05DB-46F2-BA5D-DD57A5324AF6}] => (Allow) LPort=23008
FirewallRules: [{9E893601-00F9-404A-8F1D-2D2F108EED34}] => (Allow) LPort=33009
FirewallRules: [{FE7F34CF-0DE9-40FA-AE06-297316C3FFA6}] => (Allow) LPort=33010
FirewallRules: [{77498CDF-8DF5-451B-A59D-3F2F9EE4D789}] => (Allow) LPort=33011
FirewallRules: [{82D9A25C-1617-4411-A892-CEB66D147FF2}] => (Allow) LPort=43012
FirewallRules: [{DA5E99CF-3CEC-4DDC-8B95-7759B6A268F3}] => (Allow) LPort=43013
FirewallRules: [{3193D3FB-F735-4C0F-BE21-35A356B817D0}] => (Allow) LPort=53014
FirewallRules: [{EE570059-0CF3-475F-B367-E76FA5848472}] => (Allow) LPort=53015
FirewallRules: [{8F35C2EA-9807-4561-BDE5-AF70A41F4AAC}] => (Allow) LPort=53016
FirewallRules: [{DDEF0012-99AE-490E-917A-39B7228D4A97}] => (Allow) LPort=50053
FirewallRules: [{F56E84B0-5A49-445F-B577-C244D8A88C0B}] => (Allow) LPort=50053
C:\Users\lstco\Desktop\Logiciel utiles\paint.net.lnk
C:\Users\lstco\Desktop\Logiciel utiles\PDFCreator.lnk 
C:\Users\lstco\Desktop\Jeux de Sergio\Microsoft Flight Simulator.lnk
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{085B65E1-6DD3-4F9B-AE4F-BAFAE351E978}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B32E9980-052C-4061-A780-2F34F0AD2AF5}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2D1257C1-A7AB-44F0-B7AD-6EFA14AC18E1}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BD27D4FD-0AF3-4641-AE33-93161CAD2DB7}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B185F2FD-7EBC-4FB6-BF24-40B24C4458E7}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{853AB357-F9DF-47FA-B347-BBC0F07613DB}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0B9B7564-C230-4DB5-802B-BBAA1FC954AD}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AB4CC19B-5344-461B-A2E9-CC43E676A8DD}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3EDFDB36-4B8B-4645-9AD4-12CE672822F2}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{FEF08BB9-E19F-45E4-8E1B-640B23E3B28C}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{F317EDC4-5264-44AD-BF76-34AE2287C2FB}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{DF0EE50B-98C1-48A2-B55D-4A49F5682695}"
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFCreator.ShellContextMenu
DeleteKey: HKLM\SOFTWARE\POLICIES\Mozilla\Firefox
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\Logiciel utiles\adwcleaner.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\Logiciel utiles\adwcleaner.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\RogueKiller\RogueKiller64.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\RogueKiller\RogueKiller64.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\UCheck\UCheck64.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\UCheck\UCheck64.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\Program Files\CPUID\CPU-Z\cpuz.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\Program Files\CPUID\CPU-Z\cpuz.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Downloads\double-driver\Double Driver\dd.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Downloads\double-driver\Double Driver\dd.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\AppData\Local\Temp\MCConfigNsis\mcsetup.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\AppData\Local\Temp\MCConfigNsis\mcsetup.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\UCheck_setup.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\UCheck_setup.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\ProgramData\Malwarebytes\MBAMService\ctlrupdate\MBUpdateDlg.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\ProgramData\Malwarebytes\MBAMService\ctlrupdate\MBUpdateDlg.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\Logiciel utiles\adwcleaner(1).exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\Logiciel utiles\adwcleaner(1).exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\FRST.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\FRST.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\AppData\Local\Temp\~nsuA.tmp\Un_A.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\Logiciel utiles\adwcleaner.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\Logiciel utiles\adwcleaner.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\RogueKiller\RogueKiller64.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\RogueKiller\RogueKiller64.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\UCheck\UCheck64.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Program Files\UCheck\UCheck64.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\Program Files\CPUID\CPU-Z\cpuz.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|D:\Program Files\CPUID\CPU-Z\cpuz.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Downloads\double-driver\Double Driver\dd.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Downloads\double-driver\Double Driver\dd.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\AppData\Local\Temp\MCConfigNsis\mcsetup.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\AppData\Local\Temp\MCConfigNsis\mcsetup.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\UCheck_setup.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\UCheck_setup.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\ProgramData\Malwarebytes\MBAMService\ctlrupdate\MBUpdateDlg.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\ProgramData\Malwarebytes\MBAMService\ctlrupdate\MBUpdateDlg.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\Logiciel utiles\adwcleaner(1).exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\Logiciel utiles\adwcleaner(1).exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\FRST.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\Desktop\FRST.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\lstco\AppData\Local\Temp\~nsuA.tmp\Un_A.exe.FriendlyAppName
DeleteKey: HKLM\SOFTWARE\Setup
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Avast Software
DeleteKey: HKLM\SOFTWARE\WOW6432Node\Wondershare
DeleteKey: HKCU\SOFTWARE\Wondershare
DeleteKey: HKU\S-1-5-21-2715982157-3697937772-1319394629-1001\SOFTWARE\Wondershare
DeleteKey: HKLM\SOFTWARE\PDF Architect 9
DeleteKey: HKU\.DEFAULT\SOFTWARE\PDF Architect 9
C:\Users\lstco\AppData\Local\Google\Chrome\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
C:\Users\lstco\AppData\Local\Google\Chrome\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
C:\Users\lstco\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjgpapimgnmibnacmeilgjefnoofefp
C:\Users\lstco\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf
DeleteKey: HKLM\SOFTWARE\WOW6432Node\ComodoGroup
C:\Program Files\COMODO
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
C:\ProgramData\Comodo
C:\ProgramData\Comodo Downloader
C:\ProgramData\Shared Space
C:\Users\lstco\AppData\Roaming\Comodo
C:\Users\lstco\AppData\Local\Comodo
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}
StartBatch:
del /s /q C:\Windows\prefetch\*.*
del /s /q "%userprofile%\AppData\Local\Temp\*.*"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\*.*"
del /s /q "%userprofile%\AppData\LocalLow\Microsoft\CryptnetUrlCache\Metada\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\History\*.*"
del /s /q "%userprofile%\AppData\Local\Microsoft\Windows\Temporary Internet Files\*.*"
del /s /q "%userprofile%\AppData\Roaming\Microsoft\Windows\Recent\*.lnk"
For /D %%d In ("%userprofile%\AppData\Local\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\Js\."
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\Cache\Cache_Data\."
For /D %%d In ("%userprofile%\AppData\Local\Thunderbird\Profiles\*") Do (If Exist "%%d\Cache2" Del /s /q "%%d\Cache2\*.*")
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\cookies.sqlite" Del /s /q "%%d\cookies.sqlite")
For /D %%d In ("%userprofile%\AppData\Roaming\Mozilla\Firefox\Profiles\*") Do (If Exist "%%d\Places.Sqlite" Del /s /q "%%d\Places.Sqlite")
del /s /q "%userprofile%\AppData\Local\Microsoft\Edge\User Data\Default\History"
ipconfig /release
ipconfig /renew
ipconfig /flushdns
ipconfig /registerdns
netsh winsock reset
netsh advfirewall reset 
netsh advfirewall set allprofiles state on
netsh winhttp reset proxy
bitsadmin /reset /allusers
net start sdrsvc
net start vss
net start rpcss
net start eventsystem
net start winmgmt
net start msiserver
net start bfe
net start trustedinstaller
net start windefend
net start mpssvc
net start mpsdrv
Winmgmt /salvagerepository
Winmgmt /resetrepository
Winmgmt /resyncperf
Endbatch:
cmd: Net start wuauserv
Reboot:
end::