start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
CHR StartupUrls: Default -> "hxxps://isearch.avg.com/?cid={03DEAFBF-A150-4F4D-826C-45D5E8B9F923}&mid=8d6a24650f3c47d09f7ca9aaf373a2f5-ec30d2bea7df9f14b854ee0a3922a1fd5f5f33c8&lang=fr&ds=pd011&pr=
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKU\S-1-5-21-2223360658-2783666713-851788665-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKU\S-1-5-21-2223360658-2783666713-851788665-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKU\S-1-5-21-2223360658-2783666713-851788665-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-09-07]
2021-02-03 10:03 - 2021-02-03 10:03 - 000000000 ____D C:\Users\H R\Downloads\00596142623e962e9b924
2021-01-27 11:41 - 2021-01-27 11:41 - 000000000 ____D C:\Users\H R\AppData\Local\EaseUS
2021-01-27 11:41 - 2021-01-27 11:41 - 000000000 ____D C:\ProgramData\EaseUS
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=
SearchScopes: HKU\S-1-5-21-2223360658-2783666713-851788665-1001 -> DefaultScope {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.bing.com/search?q=
SearchScopes: HKU\S-1-5-21-2223360658-2783666713-851788665-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://www.bing.com/search?q=
EmptyTemp:
cmd: ipconfig /flushdns
cmd: netsh winsock reset 
cmd: sfc /scannow
end::