Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/12/2016 08:34:46 PM in x64 mode.
Windows Version: Windows 10 Pro

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\Radek\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe (PID: 6912) [UP-HEUR]
 * C:\Users\Radek\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe (PID: 6712) [UP-HEUR]
 * C:\Users\Radek\AppData\Roaming\AzigcWig\Geeswu.exe (PID: 1912) [UP-HEUR]
 * C:\Users\Radek\AppData\Roaming\Hemkajdoa\Hemkajdoa.exe (PID: 5676) [UP-HEUR]
 * C:\Users\Radek\AppData\Roaming\Hemkajdoa\Sejheb.exe (PID: 3788) [UP-HEUR]
 * C:\Users\Radek\Origin\QtWebEngineProcess.exe (PID: 2260) [UP-HEUR]
 * C:\Users\Radek\Origin\QtWebEngineProcess.exe (PID: 2512) [UP-HEUR]
 * C:\Users\Radek\Origin\QtWebEngineProcess.exe (PID: 3168) [UP-HEUR]

8 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 => C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\INetCache\IE [Dir]

Checking Windows Service Integrity:

 * Centrum zabezpieczeń (wscsvc) is not Running.
   Startup Type set to: Automatic (Delayed Start)

 * agp440 [Missing Service]
 * gagp30kx [Missing Service]
 * IEEtwCollectorService [Missing Service]
 * IoQos [Missing Service]
 * nv_agp [Missing Service]
 * TimeBroker [Missing Service]
 * uagp35 [Missing Service]
 * uliagpkx [Missing Service]
 * WcsPlugInService [Missing Service]
 * wpcfltr [Missing Service]
 * WSService [Missing Service]

 * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
 * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]
 * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1 down.baidu2016.com
  127.0.0.1 123.sogou.com
  127.0.0.1 www.czzsyzgm.com
  127.0.0.1 www.czzsyzxl.com
  127.0.0.1 union.baidu2019.com
  127.0.0.1 down.baidu2016.com
  127.0.0.1 123.sogou.com
  127.0.0.1 www.czzsyzgm.com
  127.0.0.1 www.czzsyzxl.com
  127.0.0.1 union.baidu2019.com

Program finished at: 10/12/2016 08:34:53 PM
Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s)