Rkill 2.7.0 by Lawrence Abrams (Grinler)http://www.bleepingcomputer.com/Copyright 2008-2015 BleepingComputer.comMore Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.htmlProgram started at: 07/19/2015 02:05:17 AM in x64 mode.Windows Version: Windows 7 Ultimate Service Pack 1Checking for Windows services to stop: * No malware services found to stop.Checking for processes to terminate: * No malware processes found to kill.Possibly Patched Files. * C:\Windows\system32\dllhost.exe * C:\Windows\system32\DllHost.exe * C:\Windows\system32\DllHost.exeChecking Registry for malware related settings: * No issues found in the Registry.Resetting .EXE, .COM, & .BAT associations in the Windows Registry.Performing miscellaneous checks: * Windows Defender Disabled [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender] "DisableAntiSpyware" = dword:00000001Checking Windows Service Integrity: * Security Center (wscsvc) is not Running. Startup Type set to: Disabled * Security Center (wscsvc) is not Running. Startup Type set to: DisabledSearching for Missing Digital Signatures: Searching for Missing Digital Signatures: * C:\Windows\System32\dllhost.exe : 9,728 : 06/18/2015 08:25 PM : 5153ffab8ce907731e2ec8fc11e4a1fc [NoSig] * C:\Windows\System32\dllhost.exe : 9,728 : 06/18/2015 08:25 PM : 5153ffab8ce907731e2ec8fc11e4a1fc [NoSig] +-> C:\Windows\SysWOW64\dllhost.exe : 7,168 : 06/20/2015 09:36 AM : d56e095167f461f350e1a1cb57cad365 [Pos Repl] +-> C:\Windows\SysWOW64\dllhost.exe : 7,168 : 06/20/2015 09:36 AM : d56e095167f461f350e1a1cb57cad365 [Pos Repl] +-> C:\Windows\winsxs\amd64_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_a018e05d0d33081d\dllhost.exe : +-> C:\Windows\winsxs\amd64_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_a018e05d0d33081d\dllhost.exe : 9,728 : 06/18/2015 08:25 PM : 5153ffab8ce907731e2ec8fc11e4a1fc [Pos Repl] 9,728 : 06/18/2015 08:25 PM : 5153ffab8ce907731e2ec8fc11e4a1fc [Pos Repl] +-> C:\Windows\winsxs\x86_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_43fa44d954d596e7\dllhost.exe : 7 +-> C:\Windows\winsxs\x86_microsoft-windows-com-surrogate_31bf3856ad364e35_6.1.7600.16385_none_43fa44d954d596e7\dllhost.exe : 7,168 : 06/20/2015 09:36 AM : d56e095167f461f350e1a1cb57cad365 [Pos Repl],168 : 06/20/2015 09:36 AM : d56e095167f461f350e1a1cb57cad365 [Pos Repl]Checking HOSTS File: Checking HOSTS File: * HOSTS file entries found: * HOSTS file entries found: 127.0.0.1 localhost ::1 localhost 127.0.0.1 localhost ::1 localhostProgram finished at: 07/19/2015 02:07:09 AMExecution time: 0 hours(s), 2 minute(s), and 10 seconds(s)Program finished at: 07/19/2015 02:07:09 AMExecution time: 0 hours(s), 1 minute(s), and 51 seconds(s)