ÿþRkill 2.8.4 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2017 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 03/12/2017 01:10:57 AM in x86 mode. Windows Version: Windows Se7en Titan Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * No malware processes found to kill. Checking Registry for malware related settings: * Advanced Explorer Setting Removed: HideIcons [HKCU] Backup Registry file created at: C:\Users\H3DMi\Desktop\rkill\rkill-03-12-2017-01-11-01.reg Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * Windows Defender Disabled [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware" = dword:00000001 * Windows Firewall Disabled [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = dword:00000000 Checking Windows Service Integrity: * Windows Defender (WinDefend) is not Running. Startup Type set to: Manual * Windows Update (wuauserv) is not Running. Startup Type set to: Manual Searching for Missing Digital Signatures: * C:\Windows\System32\UxTheme.dll : 249,856 : 10/26/2009 11:24 PM : 5ae8fd64fc69a242c572968e1d4e6eb2 [NoSig] +-> C:\Windows\winsxs\x86_microsoft-windows-uxtheme_31bf3856ad364e35_6.1.7600.16385_none_a5baf0f767e33083\uxtheme.dll : 249,856 : 10/26/2009 11:24 PM : 5ae8fd64fc69a242c572968e1d4e6eb2 [Pos Repl] Checking HOSTS File: * HOSTS file entries found: 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com Program finished at: 03/12/2017 01:22:47 AM Execution time: 0 hours(s), 11 minute(s), and 49 seconds(s)