Anda di halaman 1dari 6

Reanimator (reanimator.

exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal:

jsp->sPath: Settings.Enabled
jsp->sVal: false

jsp->sPath: RegistrationInfo.Description
jsp->sVal: This task keeps your Adobe Reader and Acrobat applications up to date
with the latest enhancements and security fixes

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: "C:\Program Files (x86)\Baidu Security\Baidu
Antivirus\5.4.3.148966.0\BavUpdater.exe"

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: -tasksch

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal:

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: C:\Program Files (x86)\Glary Utilities 5\Initialize.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal:

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal: Glary Utilities 5 Initialization

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: C:\Program Files (x86)\Glary Utilities 5\OneClickMaintenance.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: /schedulestart

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal: Execute 1-Click Maintenance at a scheduled time.

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: /c

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal: Keeps your Google software up to date. If this task is disabled or
stopped, your Google software will not be kept up to date, meaning security
vulnerabilities that may arise cannot be fixed and features may not work. This task
uninstalls itself when there is no Google software using it.

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: /ua /installsource scheduler

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal: Keeps your Google software up to date. If this task is disabled or
stopped, your Google software will not be kept up to date, meaning security
vulnerabilities that may arise cannot be fixed and features may not work. This task
uninstalls itself when there is no Google software using it.

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: C:\Program Files (x86)\Glary Utilities 5\Integrator.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: $(Arg0)

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal:

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: C:\Program Files\Intel\Telemetry 2.0\lrio.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal:

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal: Uploader for the Intel(R) Product Improvement Program.

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: %windir%\system32\sc.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: START ImControllerService
jsp->sPath: Settings.Enabled
jsp->sVal:

jsp->sPath: RegistrationInfo.Description
jsp->sVal:

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: %windir%\System32\reg.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t
reg_dword /d 1 /f /reg:32

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal:

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: "C:\Program
Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: /timebasedeventtrigger 5797e161-ceee-48ec-afe4-0f782333c680

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal: <?xml version="1.0" encoding="utf-16"?> <SubscribedEvent
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" monitor="TimeBasedMonitor"
runas="User" plugin="LenovoCompanionAppPlugin" trigger="TimeBaseChange">
<Parameter><![CDATA[<?xml version="1.0" encoding="utf-16"?>
<TimeBasedEventSubscription> <FriendlyName>RunDailyEvent</FriendlyName>
<OOBEProximity>false</OOBEProximity> <RepeatIntervalUnit>Daily</RepeatIntervalUnit>
<RepeatInterval>1</RepeatInterval> <StartDateTime>2016-01-
31T12:00:10</StartDateTime> </TimeBasedEventSubscription>]]></Parameter>
</SubscribedEvent><!-- 1.0.0.2>

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: "C:\Program
Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: /timebasedeventtrigger 680e1e94-8c14-4422-bdf2-d4379e014b38

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal: <?xml version="1.0" encoding="utf-16"?> <SubscribedEvent
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" monitor="TimeBasedMonitor"
runas="user" plugin="GenericMessagingPlugin" trigger="TimeBaseChange">
<Parameter><![CDATA[<?xml version="1.0" encoding="utf-16"?>
<TimeBasedEventSubscription> <FriendlyName>RunDailyEvent</FriendlyName>
<OOBEProximity>false</OOBEProximity> <RandomDelay>PT2H</RandomDelay>
<RepeatIntervalUnit>Daily</RepeatIntervalUnit> <RepeatInterval>1</RepeatInterval>
<StartDateTime>2016-01-31T14:00:15</StartDateTime>
</TimeBasedEventSubscription>]]></Parameter> </SubscribedEvent><!-- 1.0.0.2>

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: "C:\Program
Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe"

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: /timebasedeventtrigger 6c413404-6ab8-4ca3-8309-02b2390616d0

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal: <?xml version="1.0" encoding="utf-16"?> <SubscribedEvent
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" monitor="TimeBasedMonitor"
runas="System" plugin="GenericTelemetryPlugin" trigger="TimeBaseChange">
<Parameter><![CDATA[<?xml version="1.0" encoding="utf-16"?>
<TimeBasedEventSubscription> <FriendlyName>RunDailyEvent</FriendlyName>
<OOBEProximity>false</OOBEProximity> <RandomDelay>PT3H</RandomDelay>
<RequireNetworkConnection>true</RequireNetworkConnection>
<RepeatIntervalUnit>Daily</RepeatIntervalUnit> <RepeatInterval>3</RepeatInterval>
<StartDateTime>2016-01-31T09:00:10</StartDateTime>
</TimeBasedEventSubscription>]]></Parameter> </SubscribedEvent><!-- 1.0.0.2>

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: {}

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal:

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: C:\Program Files (x86)\Smadav\SM?RTP.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: rtp

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal: Smadav

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: /CM -search C -action INSTALL -includerebootpackages 1,3,4 -noicon
-noreboot -nolicense -defaultupdate -schtask

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal:

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe"

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: PendingTask

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal:

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: C:\Program Files (x86)\UnHackMe\hackmon.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: $(Arg0)

jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal: Part of RegRun Suite/UnHackMe software. http://www.greatis.com

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: "C:\Windows\System32\Wscript.exe"

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\task.vbs"

jsp->sPath: Settings.Enabled
jsp->sVal:

jsp->sPath: RegistrationInfo.Description
jsp->sVal:

Reanimator (reanimator.exe): before new SimJSON


jsp->sPath: Actions.Exec.Command
jsp->sVal: C:\Windows\system32\msfeedssync.exe

jsp->sPath: Actions.Exec.Arguments
jsp->sVal: sync
jsp->sPath: Settings.Enabled
jsp->sVal: true

jsp->sPath: RegistrationInfo.Description
jsp->sVal: Updates out-of-date system feeds.