start::
CreateRestorePoint:
CloseProcesses:
C:\Users\asus\AppData\Local\AdvinstAnalytics
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{223F4524-243C-4F34-AC94-84C3C9B332CC}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6DB35479-7B8A-4B07-BDC1-3E9900B1D805}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{99A2C996-3328-4289-BEA1-E8956B941BE6}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8D4AC1F3-3F6B-4DBB-8F4C-22B51B9EAC58}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{D2307CBF-A0B3-42B7-8BDA-324CAD70120B}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{3C21927B-1FA6-4348-9B8B-1B2CEAE31850}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BFA923E2-1A11-49C1-BEAD-BA1ABA05DC46}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{40CAFC49-514B-46F8-B9B8-599F1BAFC516}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E8016A3B-4297-4F4A-B199-A21EAE3AEF49}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BDECCDD7-6CFC-44F5-A8DC-E35208EBADFE}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{614BD604-F43F-4458-A1A1-C0EF1B566D94}"
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{018B9729-1899-4C4A-B60E-FD4B6770B297}"
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\FRST64.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\FRST64.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\ZHPCleaner.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\ZHPCleaner.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\adwcleaner_8.3.1.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\adwcleaner_8.3.1.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\MBSetup.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\MBSetup.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\SumatraPDF-3.3.3-64-install.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\SumatraPDF-3.3.3-64-install.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\notepad_8-3_fr_9567_32.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\notepad_8-3_fr_9567_32.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\db-installer.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\db-installer.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\DJP4100_DJ4100_2208H_2208I_2208J.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\HPEasyStart_14_4_7.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs152b\enterprisedu.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs152b\enterprisedu.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\HPEasyStart-13.6.5-DJP4100_51_4_4868_1_Webpack.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\DJP4100_DJ4100_2208H_2208I_2208J pilote.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs4177\enterprisedu.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs4177\enterprisedu.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs3b95\enterprisedu.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs3b95\enterprisedu.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs2563\enterprisedu.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs2563\enterprisedu.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs03fc\enterprisedu.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs03fc\enterprisedu.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs0574\enterprisedu.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs0574\enterprisedu.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\HPPSdr.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\AppData\Local\Temp\7zS78BD\HP.EasyStart.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\AppData\Local\Temp\7zS78BD\HP.EasyStart.exe.ApplicationCompany
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\HPEasyStart_14_5_6.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\gimp-2.10.32-setup-1.exe.FriendlyAppName
DeleteValue: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\gimp-2.10.32-setup-1.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\FRST64.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\FRST64.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\ZHPCleaner.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\ZHPCleaner.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\adwcleaner_8.3.1.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\adwcleaner_8.3.1.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\MBSetup.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\MBSetup.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\SumatraPDF-3.3.3-64-install.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\SumatraPDF-3.3.3-64-install.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\notepad_8-3_fr_9567_32.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\notepad_8-3_fr_9567_32.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\db-installer.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\db-installer.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\DJP4100_DJ4100_2208H_2208I_2208J.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\HPEasyStart_14_4_7.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs152b\enterprisedu.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs152b\enterprisedu.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\HPEasyStart-13.6.5-DJP4100_51_4_4868_1_Webpack.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\DJP4100_DJ4100_2208H_2208I_2208J pilote.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs4177\enterprisedu.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs4177\enterprisedu.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs3b95\enterprisedu.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs3b95\enterprisedu.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs2563\enterprisedu.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs2563\enterprisedu.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs03fc\enterprisedu.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs03fc\enterprisedu.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs0574\enterprisedu.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\users\asus\appdata\local\temp\7zs0574\enterprisedu.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\HPPSdr.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\AppData\Local\Temp\7zS78BD\HP.EasyStart.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\AppData\Local\Temp\7zS78BD\HP.EasyStart.exe.ApplicationCompany
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\HPEasyStart_14_5_6.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\gimp-2.10.32-setup-1.exe.FriendlyAppName
DeleteValue: HKU\S-1-5-21-2095388371-1862013256-977239080-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache|C:\Users\asus\Desktop\gimp-2.10.32-setup-1.exe.ApplicationCompany
S3 MpKslb76b00db; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{488123C7-A82B-498E-88A5-800B43E54B9E}\MpKslDrv.sys [X]
FirewallRules: [{BC6A7C3C-B5B2-4901-B482-4E9C2F5A018D}] => (Allow) C:\Users\asus\AppData\Local\Temp\7zS69E2\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{C77B441D-CF73-4459-A577-CFE4D2922A3A}] => (Allow) C:\Users\asus\AppData\Local\Temp\7zS69E2\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{3CBC854C-0591-4172-BD3E-87954FB0F91E}] => (Allow) C:\Users\asus\AppData\Local\Temp\7zS291E\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{884116F9-18A1-4040-9D2A-6FA5B90237D1}] => (Allow) C:\Users\asus\AppData\Local\Temp\7zS291E\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{D358AD28-F0BE-47C3-99CB-592F524CB1A5}] => (Allow) C:\Users\asus\AppData\Local\Temp\7zS3049\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{F0CF10A3-D378-4DEF-9109-2ABFE2296365}] => (Allow) C:\Users\asus\AppData\Local\Temp\7zS3049\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{03BBEC30-C079-4D05-A62C-84E7C94A360E}] => (Allow) C:\Users\asus\AppData\Local\Temp\7zS71E6\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{7BE6B517-ADEE-40AC-AF29-ECFE7E6820E8}] => (Allow) C:\Users\asus\AppData\Local\Temp\7zS71E6\HPDiagnosticCoreUI.exe => Pas de fichier
FirewallRules: [{C9D7DD40-22B2-45BB-9DA1-A764B613C645}] => (Allow) C:\Users\asus\AppData\Local\Temp\7zS078B\HP.EasyStart.exe => Pas de fichier
FirewallRules: [{468A690F-ACBD-4B05-ABAD-54D14F6B7687}] => (Allow) C:\Users\asus\AppData\Local\Temp\7zS78BD\HP.EasyStart.exe => Pas de fichier
FirewallRules: [{912B9892-6F33-49A5-9CF9-D7E8813DA3A3}] => (Allow) C:\Users\asus\AppData\Local\Temp\7zS7E91\HP.EasyStart.exe (HP Inc. -> HP)
EmptyTemp:
end::