cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

ÿþRkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 07/31/2015 09:36:19 PM in x64 mode.
Windows Version: Windows Se7en Titan

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\Windows\SysWOW64\ASGT.exe (PID: 1376) [WD-HEUR]

1 proccess terminated!

Possibly Patched Files.

* C:\Windows\Explorer.EXE

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
* HKLM\Software\Classes\.exe\shell found and deleted!


Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Pare-feu Windows (MpsSvc) is not Running.
Startup Type set to: Disabled

* Pilote d autorisation du Pare-feu Windows (mpsdrv) is not Running.
Startup Type set to: Manual

Searching for Missing Digital Signatures:

* C:\Windows\System32\UxTheme.dll : 332,288 : 04/14/2010 00:22 AM : 8bf20c54ffb37cfb960f708ffa813fa7 [NoSig]
+-> C:\Windows\SysWOW64\uxtheme.dll : 245,760 : 07/14/2009 02:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_01d98c7b2040a1b9\uxtheme.dll : 332,288 : 04/14/2010 00:22 AM : 8bf20c54ffb37cfb960f708ffa813fa7 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_0c2e36cd54a163b4\uxtheme.dll : 245,760 : 07/14/2009 02:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]

* C:\Windows\explorer.exe : 2,868,224 : 07/14/2009 02:39 AM : b6e7fee1cae4895cc6c644f0244f7591 [NoSig]
+-> C:\Windows\SysWOW64\explorer.exe : 2,614,272 : 10/31/2009 06:45 AM : 2626fc9755be22f805d3cfa0ce3ee727 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe : 2,868,224 : 07/14/2009 02:39 AM : b6e7fee1cae4895cc6c644f0244f7591 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe : 2,868,224 : 08/03/2009 07:17 AM : f170b4a061c9e026437b193b4d571799 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe : 2,868,224 : 07/14/2009 02:39 AM : b6e7fee1cae4895cc6c644f0244f7591 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe : 2,868,224 : 08/03/2009 07:19 AM : 700073016dac1c3d2e7e2ce4223334b6 [Pos Repl]
+-> C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe : 2,870,272 : 10/31/2009 07:38 AM : b8ec4bd49ce8f6fc457721bfc210b67f [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe : 2,613,248 : 07/14/2009 02:14 AM : 15bc38a7492befe831966adb477cf76f [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe : 2,613,248 : 08/03/2009 06:35 AM : b95eeb0f4e5efbf1038a35b3351cf047 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe : 2,614,272 : 10/31/2009 06:45 AM : 2626fc9755be22f805d3cfa0ce3ee727 [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe : 2,613,248 : 08/03/2009 06:49 AM : 9ff6c4c91a3711c0a3b18f87b08b518d [Pos Repl]
+-> C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe : 2,614,272 : 10/31/2009 07:00 AM : c76153c7eca00fa852bb0c193378f917 [Pos Repl]

Checking HOSTS File:

* No issues found.

Program finished at: 07/31/2015 09:39:14 PM
Execution time: 0 hours(s), 2 minute(s), and 54 seconds(s)

Publicité


Signaler le contenu de ce document

Publicité