Rkill 2.8.4 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2017 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 01/05/2017 08:47:56 PM in x86 mode. Windows Version: Windows 10 Pro Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * C:\Windows\System32\NA_Service.exe (PID: 1572) [WD-HEUR] * C:\Windows\System32\UsbConnect.exe (PID: 1784) [WD-HEUR] * C:\Windows\System32\UsbConsole.exe (PID: 2504) [WD-HEUR] * C:\Windows\System32\ModbusDrvSys.exe (PID: 2508) [WD-HEUR] * C:\Windows\System32\ModbusDrv.exe (PID: 9132) [WD-HEUR] * C:\Users\bassi ali\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe (PID: 8620) [UP-HEUR] 6 proccesses terminated! Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * Windows Defender Disabled [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware" = dword:00000001 Checking Windows Service Integrity: * b06bdrv [Missing Service] * ebdrv [Missing Service] * gagp30kx [Missing Service] * iaLPSSi_GPIO [Missing Service] * iaLPSSi_I2C [Missing Service] * ibbus [Missing Service] * IEEtwCollectorService [Missing Service] * IoQos [Missing Service] * ksthunk [Missing Service] * mlx4_bus [Missing Service] * ndfltr [Missing Service] * nv_agp [Missing Service] * PerfHost [Missing Service] * TimeBroker [Missing Service] * uagp35 [Missing Service] * uliagpkx [Missing Service] * vpci [Missing Service] * WcsPlugInService [Missing Service] * WinMad [Missing Service] * WinVerbs [Missing Service] * wpcfltr [Missing Service] * WSService [Missing Service] * agp440 [Missing ImagePath] * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath] * NetTcpPortSharing => %systemroot%\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [Incorrect ImagePath] * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath] * PrintNotify => C:\WINDOWS\system32\spool\drivers\W32X86\3\PrintConfig.dll [Incorrect ServiceDLL] * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL] * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL] Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * HOSTS file entries found: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 20 out of 36 HOSTS entries shown. Please review HOSTS file for further entries. Program finished at: 01/05/2017 08:50:18 PM Execution time: 0 hours(s), 2 minute(s), and 22 seconds(s)