cjoint


Comment: Document format: text/plain script ZHPFix FirewallRaz EmptyPrefetch EmptyTemp EmptyFlash

Document format: text/plain

Preview

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 07/06/2015 12:42:39 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Possibly Patched Files.

* C:\WINDOWS\system32\spoolsv.exe

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Reparse Point/Junctions Found (Most likely legitimate)!

* C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
* C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

Checking Windows Service Integrity:

* Centre de sécurité (wscsvc) is not Running.
Startup Type set to: Disabled

* mnmsrvc [Missing ImagePath]

Searching for Missing Digital Signatures:

* C:\WINDOWS\System32\es.dll : 243 200 : 03/09/2006 08:24 AM : d9cdb9380e0efc9e97cc589b5f484b94 [NoSig]

* C:\WINDOWS\System32\linkinfo.dll : 19 968 : 03/09/2006 08:24 AM : 8d9a075c065dfe1228688d10155d6624 [NoSig]

* C:\WINDOWS\System32\mshtml.dll : 3 077 120 : 04/21/2006 04:40 PM : 6df21ba445b9491943853290b0aac74f [NoSig]

* C:\WINDOWS\System32\netman.dll : 197 632 : 03/09/2006 08:25 AM : 0d55724d88488bbfc53bc2ea219240f3 [NoSig]

* C:\WINDOWS\System32\ntkrnlpa.exe : 2 058 880 : 05/09/2006 08:11 AM : 73fa9c95d235844a36968c7852c7dbdd [NoSig]

* C:\WINDOWS\System32\ntoskrnl.exe : 2 181 376 : 03/09/2006 08:25 AM : 63729dd0f2aae36cc52b89c05505146c [NoSig]

* C:\WINDOWS\System32\ole32.dll : 1 284 608 : 03/09/2006 08:25 AM : 1c43c758c54c768250107f4c5d7ca054 [NoSig]

* C:\WINDOWS\System32\rpcss.dll : 397 824 : 03/09/2006 08:25 AM : cb7d37602638369a516757e994cbb31d [NoSig]

* C:\WINDOWS\System32\sfcfiles.dll : 1 548 288 : 03/09/2006 09:40 AM : e51172e3c82d76fcc02001d0ff41a1a1 [NoSig]

* C:\WINDOWS\System32\spoolsv.exe : 57 856 : 03/09/2006 08:25 AM : da81ec57acd4cdc3d4c51cf3d409af9f [NoSig]

* C:\WINDOWS\System32\tapisrv.dll : 249 344 : 03/09/2006 08:25 AM : 720da0c9db8996ad9b7f5164b2242daa [NoSig]

* C:\WINDOWS\System32\user32.dll : 578 048 : 03/09/2006 08:25 AM : 0df75fb73f705b011630159a43d7c354 [NoSig]

* C:\WINDOWS\System32\UxTheme.dll : 219 648 : 04/03/2006 04:26 PM : 2c258acab6bdafe4a22001ffc526add0 [NoSig]

* C:\WINDOWS\System32\wdigest.dll : 49 152 : 04/19/2006 11:42 AM : 2feebb2265c593f00f61ce03f61ca864 [NoSig]

* C:\WINDOWS\System32\wininet.dll : 667 648 : 04/12/2006 06:13 PM : 241dbc4c2714b2f39afded49459ed420 [NoSig]

* C:\WINDOWS\System32\drivers\aec.sys : 142 464 : 05/27/2005 08:14 PM : 1ee7b434ba961ef845de136224c30fec [NoSig]

* C:\WINDOWS\System32\drivers\http.sys : 262 400 : 03/09/2006 08:24 AM : bfb7b73c942e816c4fb4a5a7bae87136 [NoSig]

* C:\WINDOWS\System32\drivers\ipnat.sys : 134 912 : 03/09/2006 08:24 AM : e2168cbc7098ffe963c6f23f472a3593 [NoSig]

* C:\WINDOWS\System32\drivers\mrxsmb.sys : 451 712 : 03/09/2006 08:24 AM : 1b9329a08b56963db7f36b1a364d63ac [NoSig]

* C:\WINDOWS\System32\drivers\mup.sys : 104 704 : 03/09/2006 08:25 AM : f66b6b1cddee6ca87cefc016eb7a0d8e [NoSig]

* C:\WINDOWS\System32\drivers\ndisuio.sys : 14 592 : 04/19/2005 08:54 PM : 8d3ce6b579cde8d37acc690b67dc2106 [NoSig]

* C:\WINDOWS\System32\drivers\rdbss.sys : 174 592 : 03/09/2006 08:25 AM : 809ca45caa9072b3176ad44579d7f688 [NoSig]

* C:\WINDOWS\System32\drivers\rdpwd.sys : 139 528 : 03/09/2006 08:25 AM : b54cd38a9ebfbf2b3561426e3fe26f62 [NoSig]

* C:\WINDOWS\System32\drivers\srv.sys : 332 544 : 03/09/2006 08:25 AM : 553007ecce7f6565bbe645beb66d3b69 [NoSig]

* C:\WINDOWS\System32\Drivers\tcpip.sys : 359 808 : 02/14/2006 07:56 PM : 667192a11db19f36624119c0dd4de4f2 [NoSig]

* C:\WINDOWS\System32\drivers\update.sys : 209 280 : 03/09/2006 08:25 AM : a4815a4884898f355a3513e60843a4fd [NoSig]

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 07/06/2015 12:44:58 PM
Execution time: 0 hours(s), 2 minute(s), and 19 seconds(s)
