cjoint


Document format: text/plain

Preview

start
CreateRestorePoint:
CloseProcesses:
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RSD\popwndexe.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RAV\ravmond.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RAV\rstray.exe
(Beijing Rising Information Technology Co., Ltd.) C:\Program Files (x86)\Rising\RAV\rstray64.exe
HKLM-x32\...\Run: [RavTRAY] => C:\Program Files (x86)\Rising\RAV\rstray.exe
FF Plugin-x32: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll
FF Plugin-x32: @sohu.com/npifox -> C:\Program Files (x86)\????\npifox.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-2668632074-2093879084-647879344-1000: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll
DisableService: RsMgrSvc
DisableService: RsRavMon
DisableService: HyperVM
DisableService: rsutils
DisableService: sysmon
R2 RsMgrSvc; C:\Program Files (x86)\Rising\RSD\RsMgrSvc.exe
R2 RsRavMon; C:\Program Files (x86)\Rising\RAV\ravmond.exe
R1 HyperVM; C:\Windows\system32\drivers\hvm.sys
R1 rsutils; C:\Windows\System32\DRIVERS\rsutils.sys
R0 sysmon; C:\Windows\System32\DRIVERS\sysmon.sys
C:\Windows\SysWOW64\vpatch.dll
C:\Windows\system32\ravext64.dll
C:\Windows\SysWOW64\ravext.dll
C:\Windows\system32\Drivers\hvm.sys
C:\Windows\SysWOW64\bsmain.exe
C:\Windows\system32\Drivers\sysmon.sys
C:\Windows\system32\Drivers\rsutils.sys
C:\Windows\system32\Drivers\rsndisp.sys
C:\rising.ini
C:\Windows\SysWOW64\BsMain.ini
RemoveDirectory: C:\Program Files (x86)\Rising
RemoveDirectory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rising Software Deployment System
RemoveDirectory: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rising Antivirus
RemoveDirectory: C:\ProgramData\Rising
Replace: C:\Windows\winsxs\amd64_microsoft-windows-dns-client_31bf3856ad364e35_6.1.7601.17514_none_4008824c98f8edac\dnsapi.dll C:\Windows\System32\dnsapi.dll
Task: {04BD6B91-9EC4-4B8C-975D-E7BCFF9A697A} - \SidebarExecute -> Pas de fichier
Task: {1260F5AA-7CA9-4695-A24F-724FC658D866} - \CreateChoiceProcessTask -> Pas de fichier
Task: {2094ADD2-D35C-402C-AE1B-260BF01C35EB} - \{66A82291-9A5A-4FA6-A1AD-1016C9727AF9} -> Pas de fichier
Task: {2FC45936-FDC8-4EAB-B8ED-B44994820098} - \EPSON XP-412 413 415 Series Update {8CF4C242-58E5-47C2-8390-E8CF89DCA0C4} -> Pas de fichier
Task: {3614FBB1-9C2F-4E58-9B61-23CA7367A82D} - \{A2D5F6D2-AA50-4B17-8465-74CD93D41C10} -> Pas de fichier
Task: {44ED3D49-C646-4020-9DD6-4F025AE62988} - \EPSON XP-412 413 415 Series Invitation {8CF4C242-58E5-47C2-8390-E8CF89DCA0C4} -> Pas de fichier
Task: {4E656C55-BBE8-4CF7-B650-1238D39631F2} - System32\Tasks\RsDelayLauncher_{8A34248E-7D35-4832-8378-7659E0B0A380} => C:\Program Files (x86)\Rising\RAV\rsdelaylauncher.exe [2015-08-26] (Beijing Rising Information Technology Co., Ltd.)
Task: {6EE417CC-FCA6-495E-A5B2-E58CBA835972} - \Razer_Game_Booster_AutoUpdate -> Pas de fichier
Task: {7B1ACFDB-893B-495E-BD8A-EAEB54C1589B} - \{7F90B225-679A-4BE3-973D-F21911BF7AC3} -> Pas de fichier
Task: {906DE7A1-C159-48EC-A814-D59A7EA3841E} - \{253A1A69-160D-48DB-9D5C-CC545F27B9C5} -> Pas de fichier
Task: {AACDE860-6B11-4296-8626-562F9E6F6664} - \{97D2467F-9534-44FC-B221-CCDA0C957C97} -> Pas de fichier
Task: {B1215D2A-8A9E-425B-A4BD-61A3DF2336BB} - \CCleanerSkipUAC -> Pas de fichier
Task: {DE425459-0A1D-402A-86F2-B8B9325D8000} - \{62EB6DD0-E971-4BBA-8737-84AC802FB52B} -> Pas de fichier
Task: {F2FE24A3-FD56-4042-A602-465A335B1810} - \User_Feed_Synchronization-{84F51487-4AB2-4991-82E3-EE0257658D96} -> Pas de fichier
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:42DC4246
AlternateDataStreams: C:\ProgramData\Temp:AD022376
end
