Untitled

a guest Nov 3rd, 2013 12 Never
Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/03/2013 10:07:18 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Possibly Patched Files.

 * C:\Windows\system32\Dwm.exe

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Andy\Desktop\rkill\rkill-11-03-2013-10-07-23.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Reparse Point/Junctions Found (These may be legitimate)!

     * C:\Windows\winsxs\amd64_security-malware-windows-defender-events_31bf3856ad364e35_6.1.7600.16385_none_118cf1dcd54a3dea\MpEvMsg.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MpAsDesc.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MpCmdRun.exe => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MpOAV.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MpRTP.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MSASCui.exe => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MsMpCom.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MsMpLics.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.17514_none_b5e2b6396ecea306\MsMpRes.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpAsDesc.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpClient.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpCmdRun.exe => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpCommu.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpOAV.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpRTP.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MpSvc.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MSASCui.exe => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MsMpCom.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MsMpLics.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.18170_none_b59db7296f030a55\MsMpRes.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MpAsDesc.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MpCmdRun.exe => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MpOAV.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MpRTP.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MSASCui.exe => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MsMpCom.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MsMpLics.dll => <Unknown Target> [File]
     * C:\Windows\winsxs\amd64_security-malware-windows-defender_31bf3856ad364e35_6.1.7601.22341_none_b648c5e888076cca\MsMpRes.dll => <Unknown Target> [File]

Checking Windows Service Integrity:

 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual

 * BFE [Missing Service]
 * iphlpsvc [Missing Service]
 * MpsSvc [Missing Service]
 * PcaSvc [Missing Service]
 * PolicyAgent [Missing Service]
 * RemoteAccess [Missing Service]
 * WinDefend [Missing Service]
 * wscsvc [Missing Service]

 * SharedAccess [Missing ImagePath]

Searching for Missing Digital Signatures:

 * C:\Windows\System32\dwm.exe : 123,392 : 05/08/2009 09:55 AM : d31c99073fcdfb2b7b22365c262d0d9d [NoSig]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-d..pwindowmanager-core_31bf3856ad364e35_6.1.7601.17514_none_ebc99983d3d18578\dwm.exe : 120,320 : 07/14/2009 12:39 AM : f162d5f5e845b9dc352dd1bad8cef1bc [Pos Repl]

 * C:\Windows\System32\UxTheme.dll : 332,288 : 12/29/2012 04:59 PM : 8bf20c54ffb37cfb960f708ffa813fa7 [NoSig]
 +-> C:\Windows\SysWOW64\uxtheme.dll : 245,760 : 07/14/2009 12:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]
 +-> C:\Windows\winsxs\amd64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_01d98c7b2040a1b9\uxtheme.dll : 332,288 : 07/14/2009 12:41 AM : d29e998e8277666982b4f0303bf4e7af [Pos Repl]
 +-> C:\Windows\winsxs\wow64_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_0c2e36cd54a163b4\uxtheme.dll : 245,760 : 07/14/2009 12:11 AM : 43964fa89ccf97ba6be34d69455ac65f [Pos Repl]

Checking HOSTS File:

 * No issues found.

Program finished at: 11/03/2013 10:07:39 PM
Execution time: 0 hours(s), 0 minute(s), and 20 seconds(s)