CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
URLSearchHook: [S-1-5-21-2083032084-1661666697-1190324921-1000] ATTENTION => URLSearchHook par défaut est absent
SearchScopes: HKU\S-1-5-21-2083032084-1661666697-1190324921-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
S3 eapihdrv; \??\C:\Users\Yoann\AppData\Local\Temp\ehdrv.sys [X] <==== ATTENTION
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Pas de fichier
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Pas de fichier
Shortcut: C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\SendTo\Bluetooth....lnk -> C:\Program Files\ASUS\Bluetooth Software\btsendto_explorer.exe (Pas de fichier)
Shortcut: C:\Users\Yoann\AppData\Roaming\IObit\Uninstall Programs.lnk -> C:\Program Files\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe (Pas de fichier)
C:\Program Files\IObit

StartRegedit:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"
"USERINIT"="C:\\Windows\\System32\\userinit.exe,"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"
"Userinit"="C:\\Windows\\system32\\userinit.exe,"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
""=""%1" %*"
 EndRegedit:

CMD: cscript %windir%\System32\slmgr.vbs /dli
CMD: sc config MpsSvc start= auto
CMD: net start MpsSvc
CMD: sc config bfe start= auto
CMD: net start bfe
CMD: netsh winsock reset
RemoveProxy:
CMD: ipconfig /flushdns
CMD: bitsadmin /reset 
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V Enable /T REG_SZ /D n /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction" /V OptimizeComplete /T REG_SZ /D no /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" /V PowerdownAfterShutdown /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management" /V ClearPageFileAtShutdown /T REG_DWORD /D 0 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V MenuShowDelay /T REG_SZ /D 400 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V WaitToKillAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V HungAppTimeout /T REG_SZ /D 1200 /f
Reg: REG ADD "HKEY_CURRENT_USER\Control Panel\Desktop" /V AutoEndTasks /T REG_SZ /D 1 /f
Reg: REG ADD "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control" /V WaitToKillServiceTimeout /T REG_SZ /D 1200 /f
c:\windows\temp\*.*
C:\Users\CurrentUserName\AppData\Local\Temp\*.*
C:\Windows\SoftwareDistribution\Download\ *
EmptyTemp: