start::
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-2923509551-1414757150-1392920946-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7379744 2018-10-10] (Lavasoft) 
AppInit_DLLs-x32: c:\progra~2\browse~1\sprote~1.dll => Pas de fichier 
BootExecute: autocheck autochk * sdnclean64.exe 
ProxyServer: [S-1-5-21-2923509551-1414757150-1392920946-1000] => :0 
2017-10-06 13:42 - 2017-10-06 13:42 - 004096000 _____ () C:\Program Files (x86)\GUT7928.tmp 
Task: {09C0D927-611C-4AC4-8190-AA187F418E7A} - System32\Tasks\{9CF6DDC9-B595-4EF1-A5B7-C5635D59E7FF} => D:\AutoRun.exe 
Task: {2127E6E3-0C49-4F5A-BD45-90E3FCDE8ED5} - System32\Tasks\{1F7ADE5B-128A-4F53-9D83-EA5882EA8CD2} => D:\Setup.exe 
Task: {2E59BA96-F18C-4F93-AABF-9B33B5EBEB3B} - System32\Tasks\{CD5FEE81-21EF-4F7A-8D5D-97A50C3173B0} => D:\AutoRun.exe 
Task: {52A2F744-FEF0-470B-B86E-142810D06043} - System32\Tasks\{27D07BBB-FE32-4233-AF75-2D64D816B70F} => D:\Setup.exe 
Task: {6480172B-2281-4593-BB5A-3935F4F884EB} - System32\Tasks\{3CDAA51B-86A7-44D4-93BB-AC0CD13A532C} => D:\AutoRun.exe 
Task: {7DA0F8DB-37B2-4A9E-879F-5F709115828B} - System32\Tasks\{3EDA1AE5-A740-4A64-9792-C4E2CFBB041D} => D:\AutoRun.exe 
Task: {7E3F890F-E1F8-45F6-AF34-3DB1EC4387AB} - System32\Tasks\{6BB97F17-53AE-4C64-9BDB-BEA07F86BC69} => D:\AutoRun.exe 
Task: {86ABA890-A852-4DA6-BEE4-85A191CA04F2} - System32\Tasks\{2000729D-20D6-4E34-8BA7-03088E1C52CC} => D:\AutoRun.exe 
Task: {9407EEBB-2F31-4E39-8DB0-E20C6A88D5A9} - System32\Tasks\{0099E37A-3B00-4F51-B49A-4B49E7952AC0} => D:\AutoRun.exe 
Task: {9F6C9EE3-F61C-49F4-A4CA-7F593161268F} - System32\Tasks\{BAA0D137-C5E9-4548-844B-0DC9998262F4} => D:\AutoRun.exe 
Task: {A5BC5F04-B3B8-4CFF-BC06-C31F72231B7D} - System32\Tasks\{6A9CBDA4-CBC1-4647-9472-5CE196AC7A9B} => D:\AutoRun.exe 
Task: {CA08F974-FF07-4B14-9E38-75468719A79F} - System32\Tasks\{E9B119FC-DE71-4671-92E2-33D475088D32} => D:\AutoRun.exe 
Task: {FD6296E3-44BF-4B97-A0FD-C71819632557} - System32\Tasks\{0AA974AA-57CE-4126-A4FE-854DD459C3F3} => D:\AutoRun.exe 
Task: {FFE9FCAD-7796-41CC-89F3-D3DD00C89777} - System32\Tasks\{30960512-DA69-490E-A20F-E97AE93783B7} => D:\AutoRun.exe 
C:\Program Files (x86)\Lavasoft\Web Companion
AlternateDataStreams: C:\ProgramData\TEMP:D5C946C5 [366] 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost 
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com 
IE trusted site: HKU\S-1-5-21-2923509551-1414757150-1392920946-1000\...\localhost -> localhost 
IE trusted site: HKU\S-1-5-21-2923509551-1414757150-1392920946-1000\...\webcompanion.com -> hxxp://webcompanion.com 
Removeproxy:
emptytemp:
end::