Jump to content

Recommended Posts

Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 06/10/2017 06:16:45 AM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\AutoKMS.exe (PID: 1380) [WD-HEUR]
 * C:\ProgramData\Rpcnet\Bin\rpcld.exe (PID: 2632) [AU-HEUR]
 * C:\ProgramData\AutoKMS\Resources\MSGBox\Messagebox.exe (PID: 2984) [AU-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity: 

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * TBS [Missing Service]

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 06/10/2017 06:18:16 AM
Execution time: 0 hours(s), 1 minute(s), and 31 seconds(s)
 

Everytime i start my pc i have to start Rkill to stop this trojan and 

Quote

Checking for processes to terminate:

 * C:\Windows\AutoKMS.exe (PID: 1380) [WD-HEUR]
 * C:\ProgramData\Rpcnet\Bin\rpcld.exe (PID: 2632) [AU-HEUR]
 * C:\ProgramData\AutoKMS\Resources\MSGBox\Messagebox.exe (PID: 2984) [AU-HEUR]

i do not know how to find and get rid of it completely as it becomes undetectable by my anti-virus. How do i get rid of it completely from my registry?

Link to post
Share on other sites

  • 2 months later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.