start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
EmptyTemp:
HKU\S-1-5-21-4060953406-1969563975-352936128-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [7511384 2019-05-09]
GroupPolicy: Restriction ? <==== ATTENTION
Task: {1A384F28-931D-4C00-B6F0-7A3F0E6FFE8C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier
Task: {1DC4A23A-D055-4307-B614-67691C805091} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier
Task: {35998AB4-997B-4514-B79B-28239ED9081D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier
Task: {3D041B75-BFFB-45F0-BFC9-0C399DC210B4} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier
Task: {4A02F3D5-E245-467C-916A-01D21ADE132F} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier
Task: {65578A14-C2C6-4D22-9074-8343C09EFE8F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier
Task: {716ACF99-4C95-44C7-86A6-A75D3F93645D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier
Task: {826ABDA9-345A-460A-BFE2-89C19A22356D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier
Task: {830B3387-9553-44E2-BD38-D19518F759CE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier
Task: {860A2E06-A39A-4E14-B5D9-A691F2AA81D6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier
Task: {9497E2AB-6CF3-4050-A6B5-13DBA759CC2F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier
Task: {B2452371-77E9-45C8-8EF0-15E1904E5343} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier
Task: {E4B0E3DC-FDF8-42BB-81D7-E1480EC28A16} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier
2019-05-09 13:25 - 2019-05-20 17:02 - 000000000 ____D C:\Users\Panda Man\AppData\Local\BitTorrentHelper
2019-05-09 13:25 - 2019-05-09 13:25 - 000000000 ____D C:\Users\Panda Man\AppData\Roaming\Lavasoft
2019-05-09 13:25 - 2019-05-09 13:25 - 000000000 ____D C:\Users\Panda Man\AppData\Local\Lavasoft
2019-05-09 13:25 - 2019-05-09 13:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2019-05-09 13:25 - 2019-05-09 13:25 - 000000000 ____D C:\ProgramData\Lavasoft
2019-05-09 13:25 - 2019-05-09 13:25 - 000000000 ____D C:\Program Files (x86)\Lavasoft
CustomCLSID: HKU\S-1-5-21-4060953406-1969563975-352936128-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Panda Man\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4060953406-1969563975-352936128-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Panda Man\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4060953406-1969563975-352936128-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Panda Man\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4060953406-1969563975-352936128-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\Panda Man\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4060953406-1969563975-352936128-1001_Classes\CLSID\{8A589AFF-8DA8-49C5-B89B-20C9DF31F2B7}\InprocServer32 -> C:\Users\Panda Man\AppData\Local\Google\Update\1.3.30.5\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4060953406-1969563975-352936128-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Panda Man\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4060953406-1969563975-352936128-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Panda Man\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4060953406-1969563975-352936128-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\Panda Man\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4060953406-1969563975-352936128-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Panda Man\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-4060953406-1969563975-352936128-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Panda Man\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => Pas de fichier
IE trusted site: HKU\S-1-5-21-4060953406-1969563975-352936128-1001\...\webcompanion.com -> hxxp://webcompanion.com
HKU\S-1-5-21-4060953406-1969563975-352936128-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4060953406-1969563975-352936128-1001\...\StartupApproved\Run: => "Web Companion"
cmd: ipconfig /flushdns
end::