start::
CreateRestorePoint:
CloseProcesses:
Hosts:
RemoveProxy:
SearchScopes: HKU\S-1-5-21-1731943604-1668113736-1730321217-1001 -> DefaultScope {7E6DB2BD-8338-40AB-8BEE-03A78576F980} URL = hxxps://ca.search.yahoo.com/search?fr=
SearchScopes: HKU\S-1-5-21-1731943604-1668113736-1730321217-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1731943604-1668113736-1730321217-1001 -> {7E6DB2BD-8338-40AB-8BEE-03A78576F980} URL = hxxps://ca.search.yahoo.com/search?fr=
Task: {0A8D6A81-C70B-45AA-9949-DB6F7B3644C5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier
Task: {157363F6-3FE2-461A-92BE-66BC9445DF5A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier
Task: {230F40C5-C856-4FEA-B172-57B9B66E9737} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier
Task: {65C61F42-4239-4123-9431-EA2B4BF46034} - System32\Tasks\{16B52246-FFB7-4F59-83D1-0747EE2449F0} => C:\Windows\system32\pcalua.exe -a C:\Users\Ducrot\AppData\Local\Temp\Temp1_VirtualDubMod_1_5_10_2_All_inclusive.zip\AuxSetup.exe 
Task: {6E6D8538-53F4-4638-9FC1-5580972CD05D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier
Task: {75093336-F673-4656-8FB5-DDBFB004C2A7} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier 
Task: {9DEDE3F9-6AC0-4C96-8635-47DC38F4E286} - \McAfee\McAfee Idle Detection Task -> Pas de fichier 
Task: {A24DCE74-A624-4015-91BB-EA8338551319} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier
Task: {AEF09354-307A-4B1F-9D89-3638E7EA371F} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier
Task: {B6C31A76-A70E-46B6-936D-CD1AF6BF9464} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier
Task: {C92CEB57-880A-4C67-9704-BCC3A071D595} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier
Task: {D29E80BC-890E-4384-AA95-D236AA105A1B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier
Task: {E9B83C7E-C889-4FD3-B940-96EF0639FB67} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier
Task: {F376A7B8-7FB2-4A01-A3F5-D9E1B2D52120} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier 
Task: {F6D15D08-B099-4CC1-BEF2-9FA53AC8C16F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier
Task: {FF658343-7DAE-44F3-83AF-C2BBA411ADAF} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier
CHR StartupUrls: Default -> "hxxp://mysearch.sweetpacks.com/?barid={43936DA7-1273-11E3-9F4D-5CF9DD6C9DF3}&src=10&crg=
CHR DefaultSearchKeyword: Default -> mcafee
2019-06-22 17:28 - 2019-06-22 17:32 - 000000000 ____D C:\ProgramData\OneSafe PC Cleaner
2019-06-22 11:20 - 2019-06-22 11:20 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{5CEFD1F3-3C38-48D0-9AE8-D934AEA02125}
2019-06-21 19:44 - 2019-06-21 19:44 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{882AAB13-D508-467A-BE5A-CC66CE3CDBBC}
2019-06-20 22:15 - 2019-06-20 22:15 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{E12D84B3-4177-480C-BAA9-75423D3E1F2D}
2019-06-19 22:12 - 2019-06-19 22:12 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{BDEFE069-F136-4675-8E51-B696F408A46E}
2019-06-16 22:21 - 2019-06-16 22:21 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{CB68A535-BDED-4CBF-80F8-68ED261D733C}
2019-06-16 08:16 - 2019-06-16 08:16 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{6C1BB5DE-C8D2-4FB6-8C89-FA2F978AAF4F}
2019-06-14 15:37 - 2019-06-14 15:37 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{F18ECF1A-F180-42CA-BEDE-834DC4C363A7}
2019-06-11 14:43 - 2019-06-11 14:43 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{16533832-18F1-435E-8D86-F8114C43AC40}
2019-06-09 22:10 - 2019-06-09 22:10 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{1AF7CE2B-6932-4B40-A39D-080B9D4A6CDF}
2019-06-07 22:56 - 2019-06-07 22:56 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{C5EA3A9F-7311-429B-9047-B4916637B701}
2019-06-06 22:18 - 2019-06-06 22:18 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{F50F480C-5B32-4601-9921-CCF8AA46D085}
2019-06-05 22:20 - 2019-06-05 22:20 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{359BF855-034F-40C4-BD8F-B030EE228D18}
2019-06-04 22:11 - 2019-06-04 22:11 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{A357CF3C-4771-44A0-9C99-31B4FC055EB2}
2019-06-03 22:30 - 2019-06-03 22:30 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{74CA50B2-A005-4013-B22F-EBF07F0BAF72}
2019-06-03 08:40 - 2019-06-03 08:40 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{F9C83F16-4059-4EE9-8135-2B445FE12EA1}
2019-06-01 22:51 - 2019-06-01 22:51 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{A3B9DBD0-93C1-45E4-8C59-021EB4B0052C}
2019-05-30 11:35 - 2019-05-30 11:35 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{A42002C3-A3F7-4B09-AC26-D73C41CCFE2B}
2019-05-28 22:23 - 2019-05-28 22:23 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{4A2CB63E-9F3F-4108-9BE0-731A5C29FB37}
2019-05-26 22:19 - 2019-05-26 22:19 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{C827B615-AC4A-40CA-9B50-F7D142A95B91}
2019-05-25 17:24 - 2019-05-25 17:24 - 000000000 ____D C:\Users\Ducrot\AppData\Local\{67F72817-7C62-4740-BCD8-9C7E0F3BD6F4}
EmptyTemp:
cmd: ipconfig /flushdns
end::