start::
closeprocesses:
createrestorepoint:
ContextMenuHandlers4_S-1-5-21-1498443699-3671330023-4075071907-1001: [Fb2kShellExt] -> {511D48AF-9E45-4CB8-8F02-9C1BE4BC3CF8} => -> Pas de fichier
AlternateDataStreams: C:\ProgramData\TEMP:15B79D44 [201]
AlternateDataStreams: C:\ProgramData\TEMP:ADAB671B [150]
AlternateDataStreams: C:\ProgramData\TEMP:D735933A [148]
HKU\S-1-5-21-1498443699-3671330023-4075071907-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-1498443699-3671330023-4075071907-1001\Software\Classes\.cmd: => <==== ATTENTION
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
FirewallRules: [{00CE9BC3-D889-40D0-A64F-5CF9A1845D93}] => (Allow) Y:\Network\EpsonNetSetup\ENEasyApp.exe => Pas de fichier
FirewallRules: [{CFA83B6E-E739-4F72-AEF0-BCC01A14A130}] => (Allow) Y:\Network\EpsonNetSetup\ENEasyApp.exe => Pas de fichier
FirewallRules: [{8B6E6EEF-D76D-4CF5-A27E-DFBBDFDD00FB}] => (Allow) Y:\Network\EpsonNetSetup\ENEasyApp.exe => Pas de fichier
FirewallRules: [{F6D37ACB-A717-43CD-B400-BAA58AE0C344}] => (Allow) Y:\Network\EpsonNetSetup\ENEasyApp.exe => Pas de fichier
FirewallRules: [{228DF4A3-9DA4-4046-8D4F-24DF07AE4AA0}] => (Allow) LPort=1900
FirewallRules: [{A6C8013D-6A7E-4C93-AAF7-A33BCC2B51A1}] => (Allow) LPort=7900
FirewallRules: [{96EEB210-9D2D-4CBC-8BBF-6ADE26AFC084}] => (Allow) LPort=24234
FirewallRules: [{87F61C7F-551D-4275-B8A8-8E46855DDF26}] => (Allow) LPort=7679
FirewallRules: [{C4D50675-43A3-4572-B6AD-5C36384F4F8B}] => (Allow) LPort=7676
FirewallRules: [{809C5A8A-CE56-4E35-BB01-AC9ED2632633}] => (Allow) LPort=8643
FirewallRules: [{0D292A59-3DDC-418D-9794-28ED4D53925C}] => (Allow) LPort=8743
FirewallRules: [{9ABA5854-0CAD-4711-9BAE-04872E257AB4}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe => Pas de fichier
FirewallRules: [{1F2B691A-4E1F-4450-8B3D-AF19FAEF106A}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => Pas de fichier
FirewallRules: [{9169DFE0-49A3-487F-A180-446E2657AE4D}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe => Pas de fichier
FirewallRules: [{74B45061-809E-4D75-A4D5-25A5A700A167}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe => Pas de fichier
FirewallRules: [{1A308125-DD4D-4FE5-BA70-A9910DBA565A}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe => Pas de fichier
FirewallRules: [{846EF0BF-28BB-40A0-BD7E-D34AB561700A}] => (Allow) LPort=2869
FirewallRules: [{E865CFA3-13AF-4B9E-85FE-B209650F364B}] => (Allow) LPort=1900
FirewallRules: [{CBA63788-CF8A-4914-B04E-C5ADDBD2CF80}] => (Allow) C:\Program Files (x86)\Edrawsoft\EdrawMax (Français)\EdrawMax.exe enable=yes => Pas de fichier
FirewallRules: [{7B82E029-0059-41FC-8D21-DAFBC8F2E66E}] => (Allow) C:\Program Files (x86)\Edrawsoft\EdrawMax (Français)\EdrawMax.exe enable=yes => Pas de fichier
FirewallRules: [{C1E5B63E-10F7-479D-BAEF-FE86A55018EA}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe => Pas de fichier
HKLM\...\Policies\Explorer: [AllowOnlineTips] 0
HKU\S-1-5-21-1498443699-3671330023-4075071907-1001\...\Run: [ScreenRec] => K:\ScreenRec_app\screenrec.exe (Pas de fichier)
HKU\S-1-5-21-1498443699-3671330023-4075071907-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1498443699-3671330023-4075071907-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-1498443699-3671330023-4075071907-1001\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1498443699-3671330023-4075071907-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1498443699-3671330023-4075071907-1001\...\MountPoints2: {17bb36dc-7267-11e6-b167-408d5c535350} - "P:\LaunchU3.exe" -a
IFEO\CompatTelRunner.exe: [Debugger] %windir%\System32\taskkill.exe
IFEO\DeviceCensus.exe: [Debugger] %windir%\System32\taskkill.exe
HKU\S-1-5-21-1498443699-3671330023-4075071907-1000\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\51.0.16.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nouveautés.lnk [2016-11-29]
ShortcutTarget: Nouveautés.lnk -> G:\- NOUVEAUTES () <==== ATTENTION [zéro octet Fichier/Dossier]
Startup: C:\Users\melom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Elements (N).lnk [2021-05-06]
ShortcutTarget: Elements (N).lnk -> N:\ () <==== ATTENTION [zéro octet Fichier/Dossier]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {06A9848F-B3ED-42BB-823D-948DBC2CDE74} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {478AEDE8-A06F-46C0-A94B-971FC634DCCC} - System32\Tasks\Office2010_KMS => C:\Windows\Act_Office14_KMS.exe -task (Pas de fichier)
C:\Windows\Act_Office14_KMS.exe
Task: {9D2A8997-1E87-4516-AD43-3A3E63E8039D} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe (Pas de fichier)
C:\WINDOWS\AutoKMS
Task: {A8EC68F1-854D-4AC9-B66C-7AC545485B4C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier)
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Users\melom\AppData\Roaming\Mozilla\Firefox\Profiles\77dh8ae1.default-1471959329639\extensions\translator@zoli.bod.xpi [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Users\melom\AppData\Roaming\Mozilla\Firefox\Profiles\77dh8ae1.default-1471959329639\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [non trouvé(e)]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
U4 DcpSvc; pas de ImagePath
U4 HomeGroupListener; pas de ImagePath
U4 HomeGroupProvider; pas de ImagePath
S3 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X]
U4 xbgm; pas de ImagePath
emptytemp:
end::