start::
closeprocesses:
createrestorepoint:
CustomCLSID: HKU\S-1-5-21-667513086-155113827-4152257402-1001_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> D:\SYSTEM\Logiciel installation\Autodesk\3ds Max 2020\Inventor Server\Bin\TestServer.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-667513086-155113827-4152257402-1001_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> D:\SYSTEM\Logiciel installation\Autodesk\3ds Max 2020\Inventor Server\Bin\TestServer.dll => Pas de fichier
CustomCLSID: HKU\S-1-5-21-667513086-155113827-4152257402-1001_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> D:\SYSTEM\Logiciel installation\Autodesk\3ds Max 2020\Inventor Server\Bin\TestServer.dll => Pas de fichier
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`29hfm [0]
IE trusted site: HKU\S-1-5-21-667513086-155113827-4152257402-1001\...\webcompanion.com -> hxxp://webcompanion.com
HKU\S-1-5-21-667513086-155113827-4152257402-1001\...\StartupApproved\Run: => "Web Companion"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
FirewallRules: [{0C98CBE1-E6E8-408D-A794-3C93F155429F}] => (Allow) C:\WINDOWS\system32\winrmsrv.exe => Pas de fichier
FirewallRules: [UDP Query User{D5284ECC-D2F4-4D5E-B3BB-C5E993C09D82}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe => Pas de fichier
FirewallRules: [TCP Query User{EECDDCE1-4CA3-40B8-8E02-9BCFA4CA3780}C:\program files (x86)\arduino\java\bin\javaw.exe] => (Allow) C:\program files (x86)\arduino\java\bin\javaw.exe => Pas de fichier
FirewallRules: [UDP Query User{72DA73E8-2BAB-427A-963E-2540A98928C8}C:\users\cleme\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe] => (Allow) C:\users\cleme\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe => Pas de fichier
FirewallRules: [TCP Query User{BE1A73D8-22EF-4E80-A4FA-76E8BA4A0D40}C:\users\cleme\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe] => (Allow) C:\users\cleme\appdata\roaming\arduinocreateagent-1.1\arduino_create_bridge.exe => Pas de fichier
FirewallRules: [{387FFEA6-EC27-4215-997A-7573BFBBAFE2}] => (Allow) D:\SYSTEM\Jeux installation\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Pas de fichier
FirewallRules: [{E02EE8DC-F1E7-4A73-9FAC-D9C93ADC1F89}] => (Allow) D:\SYSTEM\Jeux installation\steamapps\common\rocketleague\Binaries\RocketLeague.exe => Pas de fichier
FirewallRules: [{24730AED-697D-4072-948A-9E953793FB51}] => (Block) D:\SYSTEM\Logiciel installation\Autodesk\Revit 2017 ()
FirewallRules: [{F63C0FD6-353D-449E-BB6B-5BF571828EAE}] => (Block) D:\SYSTEM\Logiciel installation\Autodesk\Revit 2017\Revit.exe => Pas de fichier
FirewallRules: [{62C71715-D5E6-4979-98A6-11C9E2472A0C}] => (Allow) D:\SYSTEM\Jeux installation\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{372CD403-7BD0-4C58-8F43-E444BEAEFB6E}] => (Allow) D:\SYSTEM\Jeux installation\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
Task: {0123AAD0-A978-4E37-905D-C7B514E1039C} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\winrmsrv => winrmsrv.exe <==== ATTENTION
Task: {17969473-D075-4E4B-9976-CD7FCA631D56} - System32\Tasks\Microsoft\Windows\WDI\SrvHost => rundll32.exe winscomrssrv.dll,SrvMainHost <==== ATTENTION
Task: {254FCFDE-32D1-4117-B41F-D51FF65F0668} - System32\Tasks\Microsoft\Windows\Application Experience\StartupCheckLibrary => rundll32.exe StartupCheckLibrary.dll,DllMainRunLibrary <==== ATTENTION
Task: {9D4076A5-06CA-49DD-9523-DB2E62766F57} - System32\Tasks\Microsoft\Windows\Wininet\Winlogui => winlogui.exe <==== ATTENTION
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-01-30] (Disc Soft Ltd -> Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-01-30] (Disc Soft Ltd -> Disc Soft Ltd)
C:\WINDOWS\system32\winscomrssrv.dll
C:\WINDOWS\system32\winrmsrv.exe
emptytemp:
end::