start::
SystemRestore: On
closeprocesses:
createrestorepoint:
virustotal: C:\Users\Jack\AppData\Roaming\run.exe 
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft) 
C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION 
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION 
FF Plugin-x32: @qq.com/QQlive -> C:\Program Files (x86)\Tencent\QQLive\npQQLive.dll [Pas de fichier] 
S2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [X] 
C:\Program Files (x86)\Lavasoft
S3 Rockstar Service; "C:\Program Files (x86)\Steam\steamapps\common\RockstarService.exe" [X] 
S3 hsstap; \SystemRoot\System32\drivers\hsstap.sys [X] 
2023-03-10 11:14 - 2022-12-01 12:50 - 000000000 ____D C:\Users\Jack\AppData\Roaming\Lavasoft
2023-03-10 11:14 - 2022-12-01 12:50 - 000000000 ____D C:\Users\Jack\AppData\Local\Lavasoft
2023-03-10 11:14 - 2022-12-01 12:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2023-03-10 11:14 - 2022-12-01 12:50 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2023-03-10 11:14 - 2022-12-01 12:49 - 000000000 ____D C:\ProgramData\Lavasoft 
HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe" 
HKLM\...\StartupApproved\Run32: => "Aimersoft Helper Compact.exe" 
cmd: netsh advfirewall reset
emptytemp:
end::