Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Rkill Results - This is what is said

  • Please log in to reply
1 reply to this topic

#1 Golden-Boy


  • Members
  • 33 posts
  • Local time:09:11 PM

Posted 27 October 2015 - 11:09 PM

So I just downloaded and used the Rkill program.


It was really fun and easy to use.  Thank you to whomever created it.  the Notepad log at the end said this:


Rkill 2.8.2 by Lawrence Abrams (Grinler)
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
Program started at: 10/28/2015 12:06:38 AM in x86 mode.
Windows Version: Windows 7 Ultimate Service Pack 1
Checking for Windows services to stop:
 * No malware services found to stop.
Checking for processes to terminate:
 * C:\Users\Alex\AppData\Local\Temp\ocr8CE4.tmp\bin\rubyw.exe (PID: 2368) [UP-HEUR]
 * C:\Users\Alex\AppData\Local\Temp\ocr8CE4.tmp\bin\rubyw.exe (PID: 2368) [T-HEUR]
 * C:\Users\Alex\AppData\Local\Temp\ocrF627.tmp\bin\rubyw.exe (PID: 2020) [UP-HEUR]
 * C:\Users\Alex\AppData\Local\Temp\ocrF627.tmp\bin\rubyw.exe (PID: 2020) [T-HEUR]
4 proccesses terminated!
Checking Registry for malware related settings:
 * No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKLM\Software\Classes\.exe\shell found and deleted!
  * HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
  * HKCU\SOFTWARE\Classes\.exe has been deleted!
Performing miscellaneous checks:
 * Reparse Point/Junctions Found (Most likely legitimate)!
     * C:\Windows\$NtUninstallKB23455$ => <Unknown Target> [Dir]
Checking Windows Service Integrity: 
 * No issues found.
Searching for Missing Digital Signatures: 
 * No issues found.
Checking HOSTS File: 
 * HOSTS file entries found: localhost
  ::1 localhost
Program finished at: 10/28/2015 12:07:31 AM
Execution time: 0 hours(s), 0 minute(s), and 53 seconds(s)



Do I need to be concerned?


BC AdBot (Login to Remove)


#2 buddy215


  • Moderator
  • 13,414 posts
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:11 PM

Posted 29 October 2015 - 05:41 AM

Are you experiencing any problems with the computer that may be adware or malware?

If so, what other scans have you performed?


rubyw.exe .......If you use Private Internet Access, it is a process used by that application.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users