Hello,
No problems running several of the rkill options except they each caused Avira to block access to the Hosts files. The log mentions a procedure to be used if this happens but I did not do it.
I have included the log even though you didn't ask for it and have marked off the mentioned procedure.
Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 11/02/2016 07:55:42 PM in x64 mode.
Windows Version: Windows 10 Home
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
Checking Windows Service Integrity:
* gagp30kx [Missing Service]
* IEEtwCollectorService [Missing Service]
* IoQos [Missing Service]
* nv_agp [Missing Service]
* TimeBroker [Missing Service]
* tunnel [Missing Service]
* uagp35 [Missing Service]
* uliagpkx [Missing Service]
* WcsPlugInService [Missing Service]
* wpcfltr [Missing Service]
* WSService [Missing Service]
* agp440 [Missing ImagePath]
* AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
* WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]
* vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
* vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
Searching for Missing Digital Signatures:
* No issues found.
__________________________________________________________________________________________________________
Checking HOSTS File:
* Cannot edit the HOSTS file.
* Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingcomputer.com/download/hosts-permbat/
* HOSTS file entries found:
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
20 out of 15494 HOSTS entries shown.
Please review HOSTS file for further entries.
________________________________________________________________________________________________________
Program finished at: 11/02/2016 07:55:48 PM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)
Malwarebytes Anti-Malware found nothing so I did not restart at this point
Log:
Malwarebytes Anti-Malware
www.malwarebytes.org
Update, 11/2/2016 9:06 AM, SYSTEM, TOSHIBA, Manual, Domain Database, 2016.11.1.6, 2016.11.2.1,
Update, 11/2/2016 9:07 AM, SYSTEM, TOSHIBA, Manual, Malware Database, 2016.11.1.12, 2016.11.2.7,
Scan, 11/2/2016 10:35 AM, SYSTEM, TOSHIBA, Manual, Start:11/2/2016 9:07 AM, Duration:15 min 54 sec, Threat Scan, Completed, 2 Malware Detections, 0 Non-Malware Detections,
Update, 11/2/2016 11:08 AM, SYSTEM, TOSHIBA, Manual, Malware Database, 2016.11.2.7, 2016.11.2.8,
Scan, 11/2/2016 11:18 AM, SYSTEM, TOSHIBA, Manual, Start:11/2/2016 11:08 AM, Duration:9 min 36 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
Update, 11/2/2016 7:57 PM, SYSTEM, TOSHIBA, Manual, IP Database, 2016.10.31.1, 2016.11.2.1,
Update, 11/2/2016 7:57 PM, SYSTEM, TOSHIBA, Manual, Domain Database, 2016.11.2.1, 2016.11.2.11,
Update, 11/2/2016 7:57 PM, SYSTEM, TOSHIBA, Manual, Malware Database, 2016.11.2.8, 2016.11.2.13,
Scan, 11/2/2016 8:07 PM, SYSTEM, TOSHIBA, Manual, Start:11/2/2016 7:57 PM, Duration:9 min 37 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
(end)
Farbar Service Scanner Version: 27-01-2016
Ran by John Sigler (administrator) on 02-11-2016 at 20:14:53
Running from "C:\Users\John\Desktop"
Microsoft Windows 10 Home (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Policy:
========================
Security Center:
============
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
The computer seems more responsive but it is hard to be sure. I'm running an Avira scan which took almost 5 hours before I contacted you and this is a computer that is only at about 13% of capacity. Avira normally scans my desktop in about 40 minutes.
If you would, let me know what actions I should take based on this and I will give you a better response on the current state of the computer tomorrow.
Thanks, John