New
#11
RKILL found nothing then closed
Rkill 2.8.4 by Lawrence Abrams (Grinler)
BleepingComputer.com - News, Reviews, and Technical Support
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
RKill - What it does and What it Doesnt - A brief introduction to the program - Anti-Virus, Anti-Malware, and Privacy Software
Program started at: 08/13/2016 03:15:03 AM in x64 mode.
Windows Version: Windows 10 Home
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* gagp30kx [Missing Service]
* IEEtwCollectorService [Missing Service]
* IoQos [Missing Service]
* nv_agp [Missing Service]
* TimeBroker [Missing Service]
* uagp35 [Missing Service]
* uliagpkx [Missing Service]
* WcsPlugInService [Missing Service]
* wpcfltr [Missing Service]
* WSService [Missing Service]
* agp440 [Missing ImagePath]
* AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
* WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]
* vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
* vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* HOSTS file entries found:
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 http://www.czzsyzgm.com
127.0.0.1 http://www.czzsyzxl.com
127.0.0.1 union.baidu2019.com
127.0.0.1 platform.wondershare.com
Program finished at: 08/13/2016 03:16:49 AM
Execution time: 0 hours(s), 1 minute(s), and 46 seconds(s)
JRK -
File System: 1
Successfully deleted: C:\Users\Alex\Appdata\LocalLow\company (Folder)
Registry: 3
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_AD2529C7DB5B63D28C2336238 5276129 (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A8C3BAA-AA11-45DB-9228-8F22C27379D1} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{6A8C3BAA-AA11-45DB-9228-8F22C27379D1} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/08/2016 at 3:23:00.03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
rest coming......