start::
closeprocesses:
createrestorepoint:
folder: C:\Users\diego\AppData\Local\chrome
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" 
SearchScopes: HKU\S-1-5-21-4071132763-520328940-1017125451-1001 -> DefaultScope {A61A08B4-0BEC-4684-85A0-6953EA23F707} URL =
SearchScopes: HKU\S-1-5-21-4071132763-520328940-1017125451-1001 -> {A61A08B4-0BEC-4684-85A0-6953EA23F707} URL = 
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-12-08] (Intel Corporation -> Intel) 
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-4071132763-520328940-1017125451-1001\...\webcompanion.com -> hxxp://webcompanion.com 
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION 
Task: {1961F61E-6503-406D-AE4F-B15EEEB0D0C6} - System32\Tasks\Opera scheduled assistant Autoupdate 1615395446 => C:\Users\diego\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\diego\AppData\Local\Programs\Opera\assistant" $(Arg0) 
Task: {5CF2503A-F572-4A28-A474-0E8D78F84513} - System32\Tasks\Opera scheduled assistant Autoupdate 1624214711 => C:\Users\diego\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\diego\AppData\Local\Programs\Opera\assistant" $(Arg0) 
Task: {07bd338c-fcc9-4383-9b45-d8420d759967} - pas de chemin du fichier
Task: {0fb2fea0-80da-4ec5-b8e4-dfc15299e669} - pas de chemin du fichier
Task: {118601bd-c504-4f9b-ad82-691c0bed4ffc} - pas de chemin du fichier
Task: {12e47ca8-be50-45e8-ae82-48d5c63a30b9} - pas de chemin du fichier
Task: {17b98ce4-a670-4b01-8e7e-ba44417bcc0b} - pas de chemin du fichier
Task: {50AE8475-04F0-4758-A513-BD54EAD52CFC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier)
Task: {5169f566-e8e8-4411-a8bd-51af26680ce4} - pas de chemin du fichier
Task: {65C1CDAD-4EF2-4CC8-8E4C-1FF73FB0547B} - System32\Tasks\Opera scheduled Autoupdate 1615395438 => C:\Users\diego\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
Task: {a3a59338-3e48-4a7a-aace-3c9ce91aad9e} - pas de chemin du fichier
Task: {c3c1d063-d1f5-4bb9-a9cb-e1351e4099e6} - pas de chemin du fichier
Task: {C52EE00B-BA32-4F5D-A682-5AEB0FF7FAE6} - System32\Tasks\Opera scheduled Autoupdate 1624214709 => C:\Users\diego\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
Task: {cc98fea1-a829-4a09-ae79-193b623e6dee} - pas de chemin du fichier
Task: {E6143FAD-9C29-4382-82F4-85ECB1AD4538} - \ChromeLoader -> Pas de fichier <==== ATTENTION 
CHR StartupUrls: Default -> "hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87cmkfohuuvnm4dfhjlnp6yh994319鄉1=y6bdVFVIsvuYsgEClQfz8BIv3asiQwDWuWCjTxRjKlIFex1bIuCkBoiZBzpMpGcvRyEBPqyFMzATNni3lEdjHDT7SQOUsIC%2B9c8lf2UFjH8St0Ewk3w9xGyIKk45XX1OuMf4EdA%2FloKtdYDGJx9RMGkZhQbAZdMJmW0%2BJXRc3NZUiLCmgt3zIP4YmnjFa9euu6AhXIZbVlMYdqRMs6pJWvNBIMOcqJtJnMDgVUuGiNlZtE9IExYIGZIdInNSfysXGGf9YiMYnOgD%2FNnbNDOlx3u%2FGPPEOSCgczj56gNctIi9R67CP4Ltz3mQo1Y4Ik6bWJpTCLGLX5NU9I6EpuVgwJeNsZ7QEF5L7QAQHG0HEHl0%2FZLD0QXU1dcGEhKfcpokeNbzCdIIY%2Fg5sDrl12%2FNrMYbWcJz25oEoKRHMUQdn3o%3D"
2022-01-05 19:29 - 2022-01-05 19:29 - 000000000 ____D C:\Users\diego\AppData\Local\chrome
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [mfhcmdonhekjhfbjmeacdjbhlfgpjabp] 
C:\WINDOWS\system32\default_error_stack*.txt
cmd: netsh advfirewall reset
emptytemp:
end::