cjoint


Document format: text/plain

Preview

start
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [RSDTRAY] => "C:\Program Files (x86)\Rising\RSD\popwndexe.exe"
HKLM-x32\...\Run: [RavTRAY] => "C:\Program Files (x86)\Rising\RAV\RSTRAY.EXE" -system
ShellIconOverlayIdentifiers: [.QMDeskTopGCIcon] -> {B7667919-3765-4815-A66D-98A09BE662D6} => Pas de fichier
GroupPolicy: Restriction - Chrome
CHR HKLM\SOFTWARE\Policies\Google: Restriction
FF Plugin HKU\S-1-5-21-1954667527-477498737-3148977769-1000: @rising.com.cn/nprising -> C:\Program Files (x86)\Rising\RAV\nprising.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
DisableService: HyperVM
DisableService: rsutils
DisableService: sysmon
S3 catchme; \??\C:\Users\MATISS~1\AppData\Local\Temp\catchme.sys [X]
R1 HyperVM; C:\Windows\system32\drivers\hvm.sys [41784 2015-08-18] (Beijing Rising Information Technology Co., Ltd.)
R1 rsutils; C:\Windows\System32\DRIVERS\rsutils.sys [71760 2015-08-18] (Beijing Rising Information Technology Co., Ltd.)
R0 sysmon; C:\Windows\System32\DRIVERS\sysmon.sys [119256 2015-08-18] (Beijing Rising Information Technology Co., Ltd.)
C:\Windows\system32\drivers\hvm.sys
C:\Windows\System32\DRIVERS\rsutils.sys
C:\Windows\System32\DRIVERS\sysmon.sys
2015-10-12 12:33 - 2015-10-29 18:46 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-10-30 23:38 - 2015-10-30 23:38 - 00003388 _____ C:\Windows\System32\Tasks\wcrq5fzw
2015-10-30 23:38 - 2015-10-30 23:38 - 00003388 _____ C:\Windows\System32\Tasks\4t54wimn
RemoveDirectory: C:\Program Files (x86)\Rising
RemoveDirectory: C:\ProgramData\Rising
Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
Task: {33244CED-B034-4C03-BE49-D7CBDC72EC51} - System32\Tasks\wcrq5fzw => C:\Program Files\Common Files\l4hbreyf\173aespkonuig.exe
Task: {8035BF2A-9CB6-4D02-9A12-C6ED57C449C5} - System32\Tasks\4t54wimn => C:\Program Files\Common Files\ln45wl4b\2fc68p2vlt0dj.exe
EmptyTemp:
end
