* C:\ProgramData\Windows Security\winsecurity.exe (PID: 2220) [AU-HEUR] * C:\ProgramData\Microsoft\Network\Dsq\network\sysnetwk.exe (PID: 3600) [AU-HEU R] 2 proccesses terminated! Active Proxy Server Detected * Proxy Disabled. * ProxyOverride value deleted. * ProxyServer value deleted. * AutoConfigURL value deleted. * Proxy settings were backed up to Registry file. Checking Registry for malware related settings: * No issues found in the Registry. Backup Registry file created at: C:\Users\M'wa\Desktop\rkill\rkill-03-16-2017-09-45-36.reg Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * Windows Automatic Updates Disabled [HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU] "NoAutoUpdate" = dword:00000001 * Windows Firewall Disabled [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolic y\StandardProfile] "EnableFirewall" = dword:00000000 * Reparse Point/Junctions Found (Most likely legitimate)! * C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows \INetCache\Content.IE5 => C:\Windows\ServiceProfiles\NetworkService\AppData\Loca l\Microsoft\Windows\INetCache\IE [Dir] Checking Windows Service Integrity: * Security Center (wscsvc) is not Running. Startup Type set to: Disabled * swenum => \SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_2a 699e44676b7781\swenum.sys [Incorrect ImagePath] Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * No issues found. Program finished at: 03/16/2017 09:46:33 AM Execution time: 0 hours(s), 1 minute(s), and 1 seconds(s)