ÿþRkill 2.9.1 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2018 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 01/22/2018 09:33:27 PM in x64 mode. Windows Version: Windows 10 Home Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * No malware processes found to kill. Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * Windows Defender Disabled [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware" = dword:00000001 Searching for Missing Digital Signatures: * C:\WINDOWS\System32\mfc40u.dll : 954,288 : 12/16/2015 11:52 AM : ab9eb3745b03ae67ab241a82338dea7b [NoSig] +-> C:\WINDOWS\erdnt\cache86\mfc40u.dll : 954,288 : 11/21/2010 03:24 AM : ab9eb3745b03ae67ab241a82338dea7b [Pos Repl] +-> C:\WINDOWS\SysWOW64\mfc40u.dll : 924,944 : 03/18/2017 08:58 PM : 042e7a7ae4e3dde7950d16285ff63c8d [Pos Repl] +-> C:\WINDOWS\WinSxS\x86_microsoft-windows-mfc40u_31bf3856ad364e35_10.0.15063.0_none_a8084fbad60181bb\mfc40u.dll : 924,944 : 03/18/2017 08:58 PM : 042e7a7ae4e3dde7950d16285ff63c8d [Pos Repl] Checking HOSTS File: * HOSTS file entries found: 127.0.0.1 localhost 0.0.0.0 windowssearch.com 0.0.0.0 settings.data.microsoft.com 0.0.0.0 bat.r.msn.com 0.0.0.0 client-s.gateway.messenger.live.com 0.0.0.0 arc.msn.com 0.0.0.0 rpt.msn.com 0.0.0.0 bn1303.settings.live.net 0.0.0.0 client.wns.windows.com 0.0.0.0 ieonlinews.microsoft.com 0.0.0.0 inprod.support.services.microsoft.com 0.0.0.0 geover-prod.do.dsp.mp.microsoft.com 0.0.0.0 geo-prod.do.dsp.mp.microsoft.com 0.0.0.0 kv201-prod.do.dsp.mp.microsoft.com 0.0.0.0 cp201-prod.do.dsp.mp.microsoft.com 0.0.0.0 disc201-prod.do.dsp.mp.microsoft.com 0.0.0.0 array201-prod.do.dsp.mp.microsoft.com 0.0.0.0 array202-prod.do.dsp.mp.microsoft.com 0.0.0.0 array203-prod.do.dsp.mp.microsoft.com 0.0.0.0 array204-prod.do.dsp.mp.microsoft.com 20 out of 186 HOSTS entries shown. Please review HOSTS file for further entries. Program finished at: 01/22/2018 09:37:57 PM Execution time: 0 hours(s), 4 minute(s), and 29 seconds(s)