Rkill

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 09/26/2014 05:14:22 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 2
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Possibly Patched Files.
* C:\WINDOWS\system32\spoolsv.exe
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* System Restore Disabled
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableConfig" = dword:00000001
* System Restore Disabled
[HKLM\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = dword:00000001
* System Restore Disabled
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = dword:00000001
* Windows Firewall Disabled
[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000
Checking Windows Service Integrity:
* Servicio de restauracin de sistema (srservice) is not Running.
Startup Type set to: Automatic
* Controlador de filtro de Restaurar sistema (sr) is not Running.
Startup Type set to: Disabled
* ERSvc [Missing Service]
* Messenger [Missing Service]
* wscsvc [Missing Service]
* Alerter [Missing ImagePath]
Searching for Missing Digital Signatures:
Checking HOSTS File:
* HOSTS file entries found:
127.0.0.1 localhost
127.0.0.1 mpa.one.microsoft.com

Program finished at: 09/26/2014 05:15:11 PM


Execution time: 0 hours(s), 0 minute(s), and 48 seconds(s)