Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Taskmanager debugger


  • Please log in to reply
7 replies to this topic

#1 diaz209

diaz209

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jamaica
  • Local time:01:00 AM

Posted 22 October 2013 - 01:35 AM

Hi, I ran rkill and got the following results:

 

Rkill 2.6.2 by Lawrence Abrams (Grinler)
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 10/21/2013 01:09:16 PM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * taskmgr.exe debugger. [IFEO Debugger Deleted]
 
Backup Registry file created at:
 C:\Users\PatricK\Desktop\rkill\rkill-10-21-2013-01-09-22.reg
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
Checking Windows Service Integrity: 
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 10/21/2013 01:10:47 PM
Execution time: 0 hours(s), 1 minute(s), and 31 seconds(s)
 
since you guys made rkill could the: 
Checking Registry for malware related settings:
 
 * taskmgr.exe debugger. [IFEO Debugger Deleted]
 
be related to me using comodo killswitch in the place of taskmanager?
or is this related to something malicious?

Edited by hamluis, 22 October 2013 - 12:38 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:00 PM

Posted 22 October 2013 - 06:34 AM

Please read This Full Topic on "RKill - What it does and What it Doesn't"

This is written by Grinler and is an open topic still.
 

Thank You -



#3 hamluis

hamluis

    Moderator


  • Moderator
  • 55,541 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:12:00 AM

Posted 22 October 2013 - 12:39 PM

Why...did you run RKill?

 

What did you think that doing such would accomplish?

 

Louis



#4 diaz209

diaz209
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jamaica
  • Local time:01:00 AM

Posted 23 October 2013 - 12:00 AM

Why...did you run RKill?

 

What did you think that doing such would accomplish?

 

Louis

Hi

Anytime i suspect something suspicious i run rkill, adwcleaner to be sure (as antimalware and virus usually come back clean) but those 2 will find any hidden threat)



#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:03:00 PM

Posted 23 October 2013 - 03:22 AM

Hi -

Apart from that bit of writing in the report, do you have any problems ??

 

Is there any reason to think that you have an infection ??

 

Thank You -



#6 diaz209

diaz209
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jamaica
  • Local time:01:00 AM

Posted 23 October 2013 - 07:02 PM

Hi -

Apart from that bit of writing in the report, do you have any problems ??

 

Is there any reason to think that you have an infection ??

 

Thank You -

Not anymore, everything is fine, was suspicious when I saw random iP , some private and other from comcast connecting to svchost.exe 



#7 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,536 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:01:00 AM

Posted 24 October 2013 - 06:31 PM

Yup, its killswitch. Nothing I can do unfortunately. Just select to replace task manager again after using Rkill.

#8 diaz209

diaz209
  • Topic Starter

  • Members
  • 28 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Jamaica
  • Local time:01:00 AM

Posted 24 October 2013 - 08:17 PM

Yup, its killswitch. Nothing I can do unfortunately. Just select to replace task manager again after using Rkill.

Thanks for the confirmation 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users