
Need opinion


5 replies to this topic

#1 rp-57

rp-57

  • Members
  • 469 posts
  • Gender:Female
  • Location:oklahoma
  • Local time:03:27 AM

Posted 18 September 2017 - 09:47 PM

Hello,

I ran Rkill and I get these results.

Not sure if this is something to be concerned about.

Just need some feedback.

If this is malware listed below.

Thank you for your feedback.


Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/18/2017 08:08:31 PM in x64 mode.
Windows Version: Windows 10 Home

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
  0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
  0.0.0.0 media.opencandy.com
  0.0.0.0 cdn.opencandy.com
  0.0.0.0 tracking.opencandy.com
  0.0.0.0 api.opencandy.com
  0.0.0.0 api.recommendedsw.com
  0.0.0.0 rp.yefeneri2.com
  0.0.0.0 os.yefeneri2.com
  0.0.0.0 os2.yefeneri2.com
  0.0.0.0 installer.betterinstaller.com
  0.0.0.0 installer.filebulldog.com
  0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
  0.0.0.0 inno.bisrv.com
  0.0.0.0 nsis.bisrv.com
  0.0.0.0 cdn.file2desktop.com
  0.0.0.0 cdn.goateastcach.us
  0.0.0.0 cdn.guttastatdk.us
  0.0.0.0 cdn.inskinmedia.com
  0.0.0.0 cdn.insta.oibundles2.com

  20 out of 38 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 09/18/2017 08:09:52 PM
Execution time: 0 hours(s), 1 minute(s), and 20 seconds(s)
 





#2 buddy215

buddy215

  • Moderator
  • 13,501 posts
  • Gender:Male
  • Location:West Tennessee
  • Local time:02:27 AM

Posted 19 September 2017 - 04:37 AM

What info in the scan log concerns you? Is it Windows Defender being disabled or the host file contents?

Some security programs disable WD when they are installed and active.

The Host File entries could be from a program named Unchecky that blocks adware from calling home.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.” Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”
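
An added example, not part of the thread and not Rkill's or Unchecky's own code: a small hosts-file triage that separates entries pointing a name at 0.0.0.0 or loopback (block-list entries like the ones in the log above) from entries that send a name to some other address. The function name `classify_hosts`, the `SAMPLE_HOSTS` text, the `example.test` names and the address 203.0.113.10 are constructed for illustration.

```python
import ipaddress

# Constructed sample: lines 2-3 are copied from the Rkill output in this thread;
# the example.test names and 203.0.113.10 (TEST-NET-3) are invented for contrast.
SAMPLE_HOSTS = """\
# comment-only line
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 media.opencandy.com
127.0.0.1 localhost
203.0.113.10 login.example.test www.example.test
not-an-ip broken.example.test
"""


def classify_hosts(text):
    """Sort hosts-file entries by where the name is sent.

    sinkholed  -> 0.0.0.0 / :: / loopback: the name cannot reach a remote server
                  (blocklists such as the one in the thread, and localhost lines)
    redirected -> any other address: traffic for the name goes to that machine
    malformed  -> first field is not an IP address, or no hostname follows it
    """
    result = {"sinkholed": [], "redirected": [], "malformed": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # a '#' starts a comment
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None
        if addr is None or len(fields) < 2:
            result["malformed"].append((lineno, raw.strip()))
            continue
        local = addr.is_unspecified or addr.is_loopback
        bucket = "sinkholed" if local else "redirected"
        for name in fields[1:]:  # one line may carry several aliases
            result[bucket].append((name.lower(), str(addr)))
    return result


if __name__ == "__main__":
    report = classify_hosts(SAMPLE_HOSTS)
    for bucket, entries in report.items():
        print(f"{bucket}: {len(entries)}")
        for entry in entries:
            print("   ", entry)
```

On Windows the file to feed it is `%SystemRoot%\System32\drivers\etc\hosts`, which also covers the entries Rkill did not print. A sinkholed name is only as harmless as the name itself: check the list for security-vendor or update hosts that should not be blocked.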

#3 rp-57

rp-57
  • Topic Starter


Posted 19 September 2017 - 08:58 AM

No, I am not concerned with Windows Defender being disabled; I know that is normal when RKILL runs.

I was interested in the host files that were found by RKILL.

If you do not know that, then that is ok; maybe someone else knows.



#4 rp-57

rp-57
  • Topic Starter


Posted 19 September 2017 - 08:59 AM

What info in the scan log concerns you? Is it Windows Defender being disabled or the host file contents?

Some security programs disable WD when they are installed and active.

The Host File entries could be from a program named Unchecky that blocks adware from calling home.

And I do have the Unchecky program on my computer. Just as added protection.



#5 buddy215

buddy215


Posted 19 September 2017 - 09:12 AM

Okay....if that's it...your curiosity is satisfied....it's Unchecky's list in the Host File.



#6 rp-57

rp-57
  • Topic Starter


Posted 19 September 2017 - 12:28 PM

Okay....if that's it...your curiosity is satisfied....it's Unchecky's list in the Host File.

Okay.





