Rkill 2.9.1 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2017 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 08/01/2017 06:23:01 PM in x64 mode. Windows Version: Windows 10 Pro Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * C:\Users\brahi\AppData\Roaming\gplyra\gplyra.exe (PID: 7724) [UP-HEUR] * C:\Users\brahi\Downloads\ZHPDiag3.exe (PID: 13288) [UP-HEUR] 2 proccesses terminated! Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * Windows Defender Disabled [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware" = dword:00000001 * Reparse Point/Junctions Found (Most likely legitimate)! * C:\WINDOWS\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 => C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\INetCache\IE [Dir] Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * HOSTS file entries found: 127.0.0.1 api.buildbox.com 127.0.0.1 https://api.buildbox.com/ 127.0.0.1 https://api.buildbox.com/app/v3/verify 127.0.0.1 l.heouts.com Program finished at: 08/01/2017 06:23:39 PM Execution time: 0 hours(s), 0 minute(s), and 38 seconds(s)