Rkill 2.8.4 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2017 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 02/05/2017 04:32:10 PM in x64 mode. Windows Version: Windows 10 Pro Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * C:\Users\User\AppData\Local\scinfo\scinfo.exe (PID: 2376) [UP-HEUR] 1 proccess terminated! Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * Windows Defender Disabled [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware" = dword:00000001 * Reparse Point/Junctions Found (Most likely legitimate)! * C:\WINDOWS\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 => C:\WINDOWS\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\INetCache\IE [Dir] Checking Windows Service Integrity: * gagp30kx [Missing Service] * IEEtwCollectorService [Missing Service] * IoQos [Missing Service] * nv_agp [Missing Service] * TimeBroker [Missing Service] * uagp35 [Missing Service] * uliagpkx [Missing Service] * WcsPlugInService [Missing Service] * wpcfltr [Missing Service] * WSService [Missing Service] * agp440 [Missing ImagePath] * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath] * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath] * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL] * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL] Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * No issues found. Program finished at: 02/05/2017 04:33:01 PM Execution time: 0 hours(s), 0 minute(s), and 50 seconds(s)