start::
CreateRestorePoint:
CloseProcesses:
KLM Group Policy restriction on software: %systemroot%\system32\mrt.exe
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{49FA0784-A872-44A9-9E3A-1459B7FF5139
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{49FA0784-A872-44A9-9E3A-1459B7FF5139
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{49FA0784-A872-44A9-9E3A-1459B7FF5139
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Maintenance\{49FA0784-A872-44A9-9E3A-1459B7FF5139
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{49FA0784-A872-44A9-9E3A-1459B7FF5139
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{49FA0784-A872-44A9-9E3A-1459B7FF5139
C:\Windows\System32\Tasks\App Explorer
C:\Users\Lambert\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
DeleteKey: HKCU\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
DeleteKey: HKCU\SOFTWARE\App Host Service
DeleteKey: HKU\S-1-5-21-3524029753-504368414-277914898-1001\SOFTWARE\App Host Service
C:\WINDOWS\Installer\12b9f5.msp
C:\WINDOWS\Installer\188a8a31.msp
C:\WINDOWS\Installer\1e8231ce.msp
C:\WINDOWS\Installer\2132b118.msp
C:\WINDOWS\Installer\29676ca7.msp
C:\WINDOWS\Installer\2bec2406.msp
C:\WINDOWS\Installer\365a6e16.msp
C:\WINDOWS\Installer\3842789a.msp
C:\WINDOWS\Installer\3e558170.msp
C:\WINDOWS\Installer\5ee2c335.msp
C:\WINDOWS\Installer\6254622.msp
C:\WINDOWS\Installer\7303a345.msp
C:\WINDOWS\Installer\933e524f.msp
C:\WINDOWS\Installer\a63b4b47.msp
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
DeleteKey: HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
2019-01-10 21:37 - 2016-09-09 10:02 - 001681624 _____ (Acer Incorporated) C:\Users\Lambert\AppData\Local\Temp\AcerPortalSetup.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Pas de fichier
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Pas de fichier
Task: {18264FE3-9362-4783-B6C5-DA3F17A4D9B6} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier
EmptyTemp:
end::