start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
SearchScopes: HKLM -> DefaultScope la valeur est absente
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1169501035-4027963013-1913949792-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
R2 TeamViewer; c:\users\foot\appdata\local\temp\teamviewer\TeamViewer_Service.exe [8539376 2017-08-29] (TeamViewer GmbH) <==== ATTENTION
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1000824 2018-05-14] 
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2018-05-14] 
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2018-05-14] 
2018-08-07 16:40 - 2018-08-07 16:40 - 000000000 __SHD C:\found.004
2014-03-19 16:19 - 2015-12-03 18:45 - 000010240 _____ () C:\Users\nicole\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-31 16:25 - 2013-01-31 16:25 - 034233908 _____ () C:\Users\nicole\AppData\Local\SelfExtractible.zip
2016-06-02 16:21 - 2016-06-02 16:21 - 000000000 _____ () C:\Users\nicole\AppData\Local\{D4CB06D6-DB70-4D48-9C49-D3AC20708061}
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> Pas de fichier
Task: {0318699F-F873-4AD7-B500-1A22F10E30A3} - System32\Tasks\{FD24449D-356E-4044-8A1E-F922F04C54EC} => C:\Windows\system32\pcalua.exe -a C:\Users\nicole\Downloads\TWEE_French_language_pack.exe 
Task: {12F55FB3-28EE-41F5-82B1-2AE437EA2FA7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {12F55FB3-28EE-41F5-82B1-2AE437EA2FA7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe
Task: {13A82AA7-7FB7-4E43-B2EA-2DA33A852684} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe
AlternateDataStreams: C:\ProgramData\Temp:1B8EAE46 [764]
AlternateDataStreams: C:\ProgramData\Temp:20BC9A76 [798]
AlternateDataStreams: C:\ProgramData\Temp:32ED0002 [742]
AlternateDataStreams: C:\ProgramData\Temp:4220A65C [810]
AlternateDataStreams: C:\ProgramData\Temp:57D798E9 [802]
AlternateDataStreams: C:\ProgramData\Temp:6094C43B [806]
AlternateDataStreams: C:\ProgramData\Temp:62104CAC [776]
AlternateDataStreams: C:\ProgramData\Temp:94C8B75E [794]
AlternateDataStreams: C:\ProgramData\Temp:9D67E54C [776]
AlternateDataStreams: C:\ProgramData\Temp:CBBDB394 [754]
AlternateDataStreams: C:\ProgramData\Temp:DF695222 [816]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
cmd: ipconfig /flushdns
end::