Rkill 2.9.1 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2019 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 01/29/2019 10:13:08 AM in x64 mode. Windows Version: Windows 7 Ultimate Service Pack 1 Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * C:\Users\User\Desktop\MegaDownloader.exe (PID: 3636) [UP-HEUR] 1 proccess terminated! Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * No issues found. Searching for Missing Digital Signatures: * C:\Windows\System32\user32.dll : 1,008,640 : 12/23/2014 05:13 PM : 2c353b6ce0c8d03225caa2af33b68d79 [NoSig] +-> C:\Windows\SoftwareDistribution\Download\7dac5810eb3c91e1b34c143349eab14c\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23594_none_2b915fa59d5abee0\user32.dll : 1,009,152 : 11/10/2016 10:32 AM : 34ba256fbf83457f9d5e51a56db54542 [Pos Repl] +-> C:\Windows\SoftwareDistribution\Download\7dac5810eb3c91e1b34c143349eab14c\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.23594_none_35e609f7d1bb80db\user32.dll : 833,024 : 11/10/2016 10:19 AM : 3cb074875ac88a7c1010a2a7f9881a8c [Pos Repl] +-> C:\Windows\SysWOW64\user32.dll : 833,024 : 12/23/2014 05:13 PM : 861c4346f9281dc0380de72c8d55d6be [Pos Repl] +-> C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll : 1,008,128 : 11/20/2010 09:24 PM : fe70103391a64039a921dbfff9c7ab1b [Pos Repl] +-> C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll : 833,024 : 11/20/2010 09:24 PM : 5e0db2d8b2750543cd2ebb9ea8e6cdd3 [Pos Repl] Checking HOSTS File: * No issues found. Program finished at: 01/29/2019 10:20:36 AM Execution time: 0 hours(s), 7 minute(s), and 28 seconds(s)