start::
CreateRestorePoint:
CloseProcesses:
Hosts:
HKU\S-1-5-21-1953335291-2865520626-3686461472-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1953335291-2865520626-3686461472-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
2020-06-13 11:57 - 2020-06-13 11:57 - 000458353 _____ C:\Users\danie\Desktop\ZHPDiag.html
2020-06-13 11:57 - 2020-06-13 11:57 - 000379559 _____ C:\Users\danie\Desktop\ZHPDiag.txt
2020-06-13 11:45 - 2020-06-13 11:45 - 003441024 _____ (Nicolas Coolman) C:\Users\danie\Desktop\ZHPSuite.exe
2020-06-13 11:45 - 2020-06-13 11:45 - 000000869 _____ C:\Users\danie\Desktop\ZHPSuite.lnk
2020-06-13 11:57 - 2019-05-02 19:38 - 000000000 ____D C:\Users\danie\AppData\Roaming\ZHP
2020-06-13 11:45 - 2020-01-11 20:22 - 000000000 ____D C:\Users\danie\Desktop\salomon
2020-06-13 11:45 - 2019-05-02 19:38 - 000000000 ____D C:\Users\danie\AppData\Local\ZHP
cmd: md C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
cmd: DISM /Online /Cleanup-image /Restorehealth
C:\Windows\Temp\*.*
C:\Users\CurrentUserName\AppData\Local\Temp\*.*
cmd: ipconfig /flushdns
end::