-
-
Save anonymous/b0d33a223791508fee0a to your computer and use it in GitHub Desktop.
evilMs.log
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[i] Uninstall evil M$ updates.. | |
[11:05:00.30] Uninstall update KB3080149.. | |
[11:05:01.18] Update KB3080149 not installed | |
[11:05:01.18] Uninstall update KB3075249.. | |
[11:05:01.99] Update KB3075249 not installed | |
[11:05:01.99] Uninstall update KB2952664.. | |
[11:05:02.82] Update KB2952664 not installed | |
[11:05:02.82] Uninstall update KB3035583.. | |
[11:05:03.65] Update KB3035583 not installed | |
[11:05:03.65] Uninstall update KB3068708.. | |
[11:05:04.48] Update KB3068708 not installed | |
[11:05:04.48] Uninstall update KB3022345.. | |
[11:05:05.30] Update KB3022345 not installed | |
[11:05:05.30] Uninstall update KB3021917.. | |
[11:05:06.13] Update KB3021917 not installed | |
[11:05:06.13] Uninstall update KB2976978.. | |
[Error] Cannot disable updates: Update your PowerShell or install PowerShell module 'PSWindowsUpdate' | |
[11:05:08.49] Uninstall update KB3044374.. | |
[11:05:09.32] Update KB3044374 not installed | |
[11:05:09.32] Uninstall update KB2990214.. | |
[11:05:10.15] Update KB2990214 not installed | |
[11:05:10.15] Uninstall update KB971033.. | |
[11:05:10.98] Update KB971033 not installed | |
[11:05:10.98] Uninstall update KB3075851.. | |
[11:05:11.79] Update KB3075851 not installed | |
[11:05:11.81] Uninstall update KB3065988.. | |
[Error] Cannot disable updates: Update your PowerShell or install PowerShell module 'PSWindowsUpdate' | |
[11:05:13.51] Uninstall update KB3083325.. | |
[Error] Cannot disable updates: Update your PowerShell or install PowerShell module 'PSWindowsUpdate' | |
[11:05:15.26] Uninstall update KB3083324.. | |
[11:05:16.08] Update KB3083324 not installed | |
[11:05:16.08] Uninstall update KB3075853.. | |
[Error] Cannot disable updates: Update your PowerShell or install PowerShell module 'PSWindowsUpdate' | |
[11:05:17.86] Uninstall update KB3065987.. | |
[11:05:18.70] Update KB3065987 not installed | |
[11:05:18.70] Uninstall update KB3050265.. | |
[11:05:19.51] Update KB3050265 not installed | |
[11:05:19.51] Uninstall update KB3050267.. | |
[Error] Cannot disable updates: Update your PowerShell or install PowerShell module 'PSWindowsUpdate' | |
[11:05:21.26] Uninstall update KB3046480.. | |
[Error] Cannot disable updates: Update your PowerShell or install PowerShell module 'PSWindowsUpdate' | |
[i] Disable (hide) uninstalled updates.. | |
[Notice] It can take a lot of time - wait please, or use -d flag for disable this feature.. | |
[11:05:23.02] Disable updates: KB3080149,KB3075249,KB2952664,KB3035583,KB3068708,KB3022345,KB3021917,KB2976978,KB3044374,KB2990214,KB971033,KB3075851,KB3065988,KB3083325,KB3083324,KB3075853,KB3065987,KB3050265,KB3050267,KB3046480.. | |
[11:07:23.78] Updates successfully DISABLED | |
[i] Disable some windows tasks.. | |
[11:07:23.79] Disable task \Microsoft\Windows\Application Experience\AitAgent | |
[11:07:23.81] Disable task \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser | |
[11:07:23.83] Disable task \Microsoft\Windows\Application Experience\ProgramDataUpdater | |
[11:07:23.84] Disable task \Microsoft\Windows\Autochk\Proxy | |
[11:07:23.84] Disable task \Microsoft\Windows\Customer Experience Improvement Program\Consolidator | |
[11:07:23.86] Disable task \Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask | |
[11:07:23.87] Disable task \Microsoft\Windows\Customer Experience Improvement Program\UsbCeip | |
[11:07:23.89] Disable task \Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector | |
[11:07:23.90] Disable task \Microsoft\Windows\PI\Sqm-Tasks | |
[11:07:23.92] Disable task \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem | |
[11:07:23.94] Disable task \Microsoft\Windows\Windows Error Reporting\QueueReporting | |
[11:07:23.94] Disable task \Microsoft\Windows\Maintenance\WinSAT | |
[11:07:23.95] Disable task \Microsoft\Windows\Media Center\ActivateWindowsSearch | |
[11:07:23.97] Disable task \Microsoft\Windows\Media Center\ConfigureInternetTimeService | |
[11:07:23.98] Disable task \Microsoft\Windows\Media Center\DispatchRecoveryTasks | |
[11:07:24.00] Disable task \Microsoft\Windows\Media Center\ehDRMInit | |
[11:07:24.00] Disable task \Microsoft\Windows\Media Center\InstallPlayReady | |
[11:07:24.01] Disable task \Microsoft\Windows\Media Center\mcupdate | |
[11:07:24.03] Disable task \Microsoft\Windows\Media Center\MediaCenterRecoveryTask | |
[11:07:24.04] Disable task \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask | |
[11:07:24.06] Disable task \Microsoft\Windows\Media Center\OCURActivate | |
[11:07:24.06] Disable task \Microsoft\Windows\Media Center\OCURDiscovery | |
[11:07:24.08] Disable task \Microsoft\Windows\Media Center\PBDADiscovery | |
[11:07:24.09] Disable task \Microsoft\Windows\Media Center\PBDADiscoveryW1 | |
[11:07:24.11] Disable task \Microsoft\Windows\Media Center\PBDADiscoveryW2 | |
[11:07:24.12] Disable task \Microsoft\Windows\Media Center\PvrRecoveryTask | |
[11:07:24.12] Disable task \Microsoft\Windows\Media Center\PvrScheduleTask | |
[11:07:24.14] Disable task \Microsoft\Windows\Media Center\RegisterSearch | |
[11:07:24.15] Disable task \Microsoft\Windows\Media Center\ReindexSearchRoot | |
[11:07:24.17] Disable task \Microsoft\Windows\Media Center\SqlLiteRecoveryTask | |
[11:07:24.19] Disable task \Microsoft\Windows\Media Center\UpdateRecordPath | |
[i] Disable services.. | |
[11:07:24.20] Disable service 'Diagtrack' | |
[11:07:24.20] Service 'Diagtrack' not installed | |
[11:07:24.20] Disable service 'dmwappushservice' | |
[11:07:24.22] Service 'dmwappushservice' not installed | |
[11:07:24.22] Disable service 'WerSvc' | |
[11:07:24.23] Service 'WerSvc' disabled successful | |
[i] Block M$ servers IP addresses.. | |
[11:07:24.25] Block route to 111.221.29.177 | |
[11:07:24.26] Block route to 111.221.29.253 | |
[11:07:24.26] Block route to 131.253.40.37 | |
[11:07:24.28] Block route to 134.170.30.202 | |
[11:07:24.28] Block route to 134.170.115.60 | |
[11:07:24.29] Block route to 134.170.165.248 | |
[11:07:24.29] Block route to 134.170.165.253 | |
[11:07:24.31] Block route to 134.170.185.70 | |
[11:07:24.33] Block route to 137.116.81.24 | |
[11:07:24.33] Block route to 137.117.235.16 | |
[11:07:24.34] Block route to 157.55.129.21 | |
[11:07:24.34] Block route to 157.55.133.204 | |
[11:07:24.36] Block route to 157.56.121.89 | |
[11:07:24.36] Block route to 157.56.91.77 | |
[11:07:24.37] Block route to 168.63.108.233 | |
[11:07:24.39] Block route to 184.86.56.12 | |
[11:07:24.39] Block route to 185.13.160.61 | |
[11:07:24.40] Block route to 191.232.139.254 | |
[11:07:24.40] Block route to 191.232.80.58 | |
[11:07:24.42] Block route to 191.232.80.62 | |
[11:07:24.42] Block route to 191.237.208.126 | |
[11:07:24.44] Block route to 204.79.197.200 | |
[11:07:24.44] Block route to 207.46.101.29 | |
[11:07:24.45] Block route to 207.46.114.58 | |
[11:07:24.45] Block route to 207.46.223.94 | |
[11:07:24.47] Block route to 207.68.166.254 | |
[11:07:24.48] Block route to 212.30.134.204 | |
[11:07:24.48] Block route to 212.30.134.205 | |
[11:07:24.50] Block route to 23.102.21.4 | |
[11:07:24.50] Block route to 23.99.10.11 | |
[11:07:24.51] Block route to 23.218.212.69 | |
[11:07:24.51] Block route to 64.4.54.22 | |
[11:07:24.53] Block route to 64.4.54.32 | |
[11:07:24.53] Block route to 64.4.6.100 | |
[11:07:24.54] Block route to 65.39.117.230 | |
[11:07:24.54] Block route to 65.52.100.11 | |
[11:07:24.56] Block route to 65.52.100.7 | |
[11:07:24.58] Block route to 65.52.100.9 | |
[11:07:24.58] Block route to 65.52.100.91 | |
[11:07:24.59] Block route to 65.52.100.92 | |
[11:07:24.59] Block route to 65.52.100.93 | |
[11:07:24.61] Block route to 65.52.100.94 | |
[11:07:24.61] Block route to 65.52.108.29 | |
[11:07:24.62] Block route to 65.55.108.23 | |
[11:07:24.62] Block route to 65.55.138.114 | |
[11:07:24.64] Block route to 65.55.138.126 | |
[11:07:24.65] Block route to 65.55.138.186 | |
[11:07:24.65] Block route to 65.55.252.63 | |
[11:07:24.67] Block route to 65.55.252.71 | |
[11:07:24.67] Block route to 65.55.252.92 | |
[11:07:24.69] Block route to 65.55.252.93 | |
[11:07:24.69] Block route to 65.55.29.238 | |
[11:07:24.70] Block route to 65.55.39.10 | |
[i] Add blocked IP adressess to firewall rule.. | |
[11:07:24.83] IP adresses blocked with firewall rule 'Block MS Telemetry': '111.221.29.177,111.221.29.253,131.253.40.37,134.170.30.202,134.170.115.60,134.170.165.248,134.170.165.253,134.170.185.70,137.116.81.24,137.117.235.16,157.55.129.21,157.55.133.204,157.56.121.89,157.56.91.77,168.63.108.233,184.86.56.12,185.13.160.61,191.232.139.254,191.232.80.58,191.232.80.62,191.237.208.126,204.79.197.200,207.46.101.29,207.46.114.58,207.46.223.94,207.68.166.254,212.30.134.204,212.30.134.205,23.102.21.4,23.99.10.11,23.218.212.69,64.4.54.22,64.4.54.32,64.4.6.100,65.39.117.230,65.52.100.11,65.52.100.7,65.52.100.9,65.52.100.91,65.52.100.92,65.52.100.93,65.52.100.94,65.52.108.29,65.55.108.23,65.55.138.114,65.55.138.126,65.55.138.186,65.55.252.63,65.55.252.71,65.55.252.92,65.55.252.93,65.55.29.238,65.55.39.10' | |
[i] Find and add M$ domains to HOSTS file (block).. | |
[11:07:24.87] Domain msedge.net ADDED | |
[11:07:24.90] Domain a-msedge.net ADDED | |
[11:07:24.92] Domain a-0001.a-msedge.net ADDED | |
[11:07:24.94] Domain a-0002.a-msedge.net ADDED | |
[11:07:24.95] Domain a-0003.a-msedge.net ADDED | |
[11:07:24.97] Domain a-0004.a-msedge.net ADDED | |
[11:07:24.98] Domain a-0005.a-msedge.net ADDED | |
[11:07:24.98] Domain a-0006.a-msedge.net ADDED | |
[11:07:25.00] Domain a-0007.a-msedge.net ADDED | |
[11:07:25.01] Domain a-0008.a-msedge.net ADDED | |
[11:07:25.01] Domain a-0009.a-msedge.net ADDED | |
[11:07:25.03] Domain a1095.g2.akamai.net ADDED | |
[11:07:25.05] Domain ad.doubleclick.net ADDED | |
[11:07:25.06] Domain adnexus.net ADDED | |
[11:07:25.06] Domain adnxs.com ADDED | |
[11:07:25.08] Domain secure.adnxs.com ADDED | |
[11:07:25.09] Domain m.adnxs.com ADDED | |
[11:07:25.09] Domain ads1.msads.net ALREADY added | |
[11:07:25.11] Domain ads1.msn.com ADDED | |
[11:07:25.12] Domain ads2.msn.com ADDED | |
[11:07:25.12] Domain flex.msn.com ALREADY added | |
[11:07:25.14] Domain g.msn.com ADDED | |
[11:07:25.15] Domain h2.msn.com ADDED | |
[11:07:25.17] Domain h1.msn.com ADDED | |
[11:07:25.17] Domain a.ads1.msn.com ADDED | |
[11:07:25.19] Domain a.ads2.msn.com ADDED | |
[11:07:25.20] Domain a.ads2.msads.net ADDED | |
[11:07:25.20] Domain live.rads.msn.com ADDED | |
[11:07:25.22] Domain ads2.msn.com.c.footprint.net ADDED | |
[11:07:25.23] Domain apps.skype.com ALREADY added | |
[11:07:25.23] Domain ui.skype.com ADDED | |
[11:07:25.25] Domain aka-cdn-ns.adtech.de ADDED | |
[11:07:25.26] Domain az361816.vo.msecnd.net ADDED | |
[11:07:25.28] Domain az512334.vo.msecnd.net ADDED | |
[11:07:25.28] Domain bs.serving-sys.com ADDED | |
[11:07:25.30] Domain diagnostics.support.microsoft.akadns.net ADDED | |
[11:07:25.31] Domain diagnostics.support.microsoft.com ADDED | |
[11:07:25.31] Domain msntest.serving-sys.com ADDED | |
[11:07:25.33] Domain telemetry.microsoft.com ADDED | |
[11:07:25.34] Domain ca.telemetry.microsoft.com ADDED | |
[11:07:25.36] Domain c.msn.com ADDED | |
[11:07:25.36] Domain aidps.atdmt.com ADDED | |
[11:07:25.37] Domain view.atdmt.com ADDED | |
[11:07:25.39] Domain ec.atdmt.com ADDED | |
[11:07:25.39] Domain c.atdmt.com ALREADY added | |
[11:07:25.40] Domain db3aqu.atdmt.com ADDED | |
[11:07:25.42] Domain cdn.atdmt.com ADDED | |
[11:07:25.42] Domain msftncsi.com ADDED | |
[11:07:25.44] Domain www.msftncsi.com ADDED | |
[11:07:25.45] Domain choice.live.com ADDED | |
[11:07:25.47] Domain choice.microsoft.com ADDED | |
[11:07:25.47] Domain choice.microsoft.com.nsatc.net ADDED | |
[11:07:25.48] Domain compatexchange.cloudapp.net ADDED | |
[11:07:25.50] Domain corpext.msitadfs.glbdns2.microsoft.com ADDED | |
[11:07:25.50] Domain corp.sts.microsoft.com ADDED | |
[11:07:25.51] Domain cs1.wpc.v0cdn.net ADDED | |
[11:07:25.53] Domain df.telemetry.microsoft.com ADDED | |
[11:07:25.55] Domain e9946.g.akamaiedge.net ADDED | |
[11:07:25.55] Domain fe2.update.microsoft.com.akadns.net ADDED | |
[11:07:25.56] Domain fe3.delivery.dsp.mp.microsoft.com.nsatc.net ADDED | |
[11:07:25.58] Domain microsoft-hohm.com ADDED | |
[11:07:25.58] Domain feedback.microsoft-hohm.com ADDED | |
[11:07:25.59] Domain feedback.search.microsoft.com ADDED | |
[11:07:25.61] Domain feedback.windows.com ADDED | |
[11:07:25.62] Domain i1.services.social.microsoft.com ADDED | |
[11:07:25.62] Domain i1.services.social.microsoft.com.nsatc.net ADDED | |
[11:07:25.64] Domain i.s1.social.ms.akadns.net ADDED | |
[11:07:25.65] Domain lb1.www.ms.akadns.net ADDED | |
[11:07:25.67] Domain legacy-redirection-neurope-prod-hp.cloudapp.net ADDED | |
[11:07:25.67] Domain oca.telemetry.microsoft.com ADDED | |
[11:07:25.69] Domain oca.telemetry.microsoft.com.nsatc.net ADDED | |
[11:07:25.70] Domain onesettings-hk2.metron.live.com.nsatc.net ADDED | |
[11:07:25.70] Domain pre.footprintpredict.com ADDED | |
[11:07:25.72] Domain preview.msn.com ADDED | |
[11:07:25.73] Domain ads.msn.com ALREADY added | |
[11:07:25.73] Domain rad.msn.com ALREADY added | |
[11:07:25.75] Domain rad.live.com ADDED | |
[11:07:25.76] Domain b.rad.msn.com ADDED | |
[11:07:25.76] Domain b.ads2.msads.net ADDED | |
[11:07:25.78] Domain b.ads1.msn.com ADDED | |
[11:07:25.80] Domain ac3.msn.com ADDED | |
[11:07:25.81] Domain a.rad.msn.com ADDED | |
[11:07:25.81] Domain cds26.ams9.msecn.net ADDED | |
[11:07:25.83] Domain m.hotmail.com ADDED | |
[11:07:25.84] Domain secure.flashtalking.com ADDED | |
[11:07:25.86] Domain static.2mdn.net ADDED | |
[11:07:25.86] Domain s0.2mdn.net ADDED | |
[11:07:25.87] Domain redirection.prod.cms.msn.com ADDED | |
[11:07:25.89] Domain redirection.prod.cms.msn.com.akadns.net ADDED | |
[11:07:25.89] Domain redir.metaservices.microsoft.com ADDED | |
[11:07:25.90] Domain redir.metaservices.microsoft.com.akadns.net ADDED | |
[11:07:25.92] Domain redir.metaservices.microsoft.com.edgesuite.net ADDED | |
[11:07:25.94] Domain wes.df.telemetry.microsoft.com ADDED | |
[11:07:25.94] Domain reports.wes.df.telemetry.microsoft.com ADDED | |
[11:07:25.95] Domain services.wes.df.telemetry.microsoft.com ADDED | |
[11:07:25.97] Domain settings.data.glbdns2.microsoft.com ADDED | |
[11:07:25.97] Domain settings.data.microsoft.com ADDED | |
[11:07:25.98] Domain settings-sandbox.data.glbdns2.microsoft.com ADDED | |
[11:07:26.00] Domain settings-sandbox.data.microsoft.com ADDED | |
[11:07:26.01] Domain settings-win.data.microsoft.com ADDED | |
[11:07:26.01] Domain schemas.microsoft.akadns.net ADDED | |
[11:07:26.03] Domain siweb.microsoft.akadns.net ADDED | |
[11:07:26.05] Domain sls.update.microsoft.com.akadns.net ADDED | |
[11:07:26.05] Domain spynet2.microsoft.akadns.net ADDED | |
[11:07:26.06] Domain spynet2.microsoft.com ADDED | |
[11:07:26.08] Domain spynetalt.microsoft.akadns.net ADDED | |
[11:07:26.09] Domain spynetalt.microsoft.com ADDED | |
[11:07:26.09] Domain spyneteurope.microsoft.akadns.net ADDED | |
[11:07:26.11] Domain sqm.df.telemetry.microsoft.com ADDED | |
[11:07:26.12] Domain sqm.telemetry.microsoft.com ADDED | |
[11:07:26.12] Domain sqm.telemetry.microsoft.com.nsatc.net ADDED | |
[11:07:26.14] Domain ssw.live.com ADDED | |
[11:07:26.15] Domain ssw.live.com.nsatc.net ADDED | |
[11:07:26.17] Domain s.gateway.messenger.live.com ADDED | |
[11:07:26.17] Domain statsfe1.ws.microsoft.com ADDED | |
[11:07:26.19] Domain statsfe1.ws.microsoft.com.nsatc.net ADDED | |
[11:07:26.20] Domain statsfe2.update.microsoft.com.akadns.net ADDED | |
[11:07:26.20] Domain statsfe2.ws.microsoft.com ADDED | |
[11:07:26.22] Domain statsfe2.ws.microsoft.com.nsatc.net ADDED | |
[11:07:26.23] Domain support.msn.microsoft.akadns.net ADDED | |
[11:07:26.25] Domain watson.microsoft.com ADDED | |
[11:07:26.25] Domain survey.watson.microsoft.com ADDED | |
[11:07:26.26] Domain telecommand.telemetry.microsoft.com ADDED | |
[11:07:26.28] Domain telecommand.telemetry.microsoft.com.nsatc.net ADDED | |
[11:07:26.28] Domain telemetry.appex.bing.net ADDED | |
[11:07:26.30] Domain telemetry.appex.search.prod.ms.akadns.net ADDED | |
[11:07:26.31] Domain telemetry.urs.microsoft.com ADDED | |
[11:07:26.33] Domain t.urs.microsoft.com.nsatc.net ADDED | |
[11:07:26.33] Domain vortex.data.glbdns2.microsoft.com ADDED | |
[11:07:26.34] Domain vortex.data.metron.live.com.nsatc.net ADDED | |
[11:07:26.36] Domain vortex-bn2.metron.live.com.nsatc.net ADDED | |
[11:07:26.36] Domain vortex-cy2.metron.live.com.nsatc.net ADDED | |
[11:07:26.37] Domain vortex.data.microsoft.com ADDED | |
[11:07:26.39] Domain vortex-db5.metron.live.com.nsatc.net ADDED | |
[11:07:26.39] Domain vortex-sandbox.data.glbdns2.microsoft.com ADDED | |
[11:07:26.40] Domain vortex-sandbox.data.microsoft.com ADDED | |
[11:07:26.42] Domain vortex-win.data.metron.live.com.nsatc.net ADDED | |
[11:07:26.44] Domain vortex-win.data.microsoft.com ADDED | |
[11:07:26.44] Domain watson.live.com ADDED | |
[11:07:26.45] Domain watson.microsoft.com.nsatc.net ADDED | |
[11:07:26.47] Domain watson.ppe.telemetry.microsoft.com ADDED | |
[11:07:26.47] Domain watson.telemetry.microsoft.com ADDED | |
[11:07:26.48] Domain watson.telemetry.microsoft.com.nsatc.net ADDED | |
[i] Disable automatic windows update (make search, but you must manually select updates to install) | |
[i] Exit after 60 seconds, or press any key for exit now |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment