cjoint

Document format: text/plain

Preview

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/20/2015 10:31:16 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\winevrst\poolcnst.exe (PID: 3656) [WD-HEUR]
* C:\Windows\winevrst\hotsks.exe (PID: 3160) [WD-HEUR]
* C:\Windows\winevrst\hotsks.exe (PID: 620) [WD-HEUR]
* C:\Windows\winevrst\hotsks.exe (PID: 4912) [WD-HEUR]
* C:\Windows\winevrst\hotsks.exe (PID: 4128) [WD-HEUR]

5 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.exe\shell found and deleted!


Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* BDESVC [Missing Service]
* wercplsupport [Missing Service]
* WerSvc [Missing Service]

Searching for Missing Digital Signatures:

* C:\Windows\System32\UxTheme.dll : 249 856 : 02/02/2011 12:58 AM : 5ae8fd64fc69a242c572968e1d4e6eb2 [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_a5baf0f767e33083\uxtheme.dll : 249 856 : 07/14/2009 02:16 AM : 63bfdf555da2075a77d677829c3cccd0 [Pos Repl]

* C:\Windows\explorer.exe : 3 339 776 : 11/20/2010 10:29 PM : 51de1b8a83560c334c67ab989f002a19 [NoSig]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe : 2 616 320 : 11/20/2010 10:29 PM : 40d777b7a95e00593eb1568c68514493 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe : 3 339 776 : 11/20/2010 10:29 PM : 51de1b8a83560c334c67ab989f002a19 [Pos Repl]
+-> C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe : 2 616 320 : 07/17/2011 02:30 PM : 0fb9c74046656d1579a64660ad67b746 [Pos Repl]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 hlrcv.stage.adobe.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com

Program finished at: 03/20/2015 10:32:57 PM
Execution time: 0 hours(s), 1 minute(s), and 40 seconds(s)
