[Virus Removal] Is Your Computer Infected with Virus, Spyware or Other Malware?

If your computer system running slow and giving you random problems, it might be infected with some virus, spyware, adware, trojan or other malware programs. Don't worry, this topic will help you in removing all malicious software from your PC.

Just follow these simple steps:

STEP 1: Post Your HijackThis Log File Content

Download HijackThis tool from the link given below and scan your computer with it. It'll generate a log file, copy the content of the log file and post in your comment.

Download HijackThis Tool

STEP 2: Fix Suggested Entries in Safe Mode

Note down the suggested entries and boot your Windows in Safe Mode by pressing "F8" key at system startup and select "Safe Mode" option. If you can't boot into Safe Mode, check following topics:

Once you boot into Safe Mode, run HijackThis again, select all suggested entries and click on "Fix checked" button.

HijackThis_Fixing.png

Restart your computer and it'll remove the suspicious items from your computer system.

Don't forget to install a good antivirus and anti-spyware in your computer and scan your computer system regularly with the antivirus and anti-spyware for better protection.

[Top 5] Best Free Antivirus and Anti-Spyware Software for Windows

You can also use online scanners to scan your system for free:

Ultimate Collection of Best Free Online Virus Scanners

STEP 3: Fix Other Remaining Issues and Make Windows Faster

If you still face other problems such as Task Manager, Registry Editor, etc disabled, check out following topic to fix it:

[Help & Support] Frequently Asked Problems (FAQ) with Solutions

PS: Comments in this topic are deleted on regular basis to reduce database overhead. So don't think too much if your comment gets deleted.





Share this article: Facebook | Twitter | Google+ | Reddit | Tell a friend

Posted in: Troubleshooting


Other similar articles that may interest you


Comments

  • VG

    Older comments removed from the topic!

  • Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 11:37:28 PM, on 19/9/2016
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.14393.0000)

    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\RocketDock\Rocketdock.exe
    C:\Users\Aspire E15\Downloads\Programs\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = acer13.msn.com/?pc=ACJB
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
    O2 - BHO: (no name) - {27DD0F8B-3E0E-4ADC-A78A-66047E71ADC5} - C:\Users\Aspire E15\Downloads\Compressed\OldNewExplorer\OldNewExplorer32.dll
    O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
    O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
    O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files (x86)\RocketDock\Rocketdock.exe"
    O4 - HKCU\..\Run: [nppApplication] "C:\Users\Aspire E15\AppData\Roaming\NotepadPlusPlusApp\nppApplication.exe"
    O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
    O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
    O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
    O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - (no file)
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - ESC Trusted Zone: *.connectify.me
    O15 - ESC Trusted Zone: *.fastspring.com
    O15 - ESC Trusted Zone: *.connectify.me (HKLM)
    O15 - ESC Trusted Zone: *.fastspring.com (HKLM)
    O17 - HKLM\System\CCS\Services\Tcpip\..\{20fd8c04-5a0d-46ae-bbee-28b460af580b}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CS1\Services\Tcpip\..\{20fd8c04-5a0d-46ae-bbee-28b460af580b}: NameServer = 8.8.8.8,8.8.4.4
    O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: Connectify - Connectify - C:\Program Files (x86)\Connectify\ConnectifyService.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel Bluetooth Service (iBtSiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
    O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
    O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
    O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 10882 bytes

  • Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 11:41:27 PM, on 9/19/2016
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.14393.0000)

    Boot mode: Normal

    Running processes:
    C:\Users\akour\AppData\Local\FluxSoftware\Flux\flux.exe
    C:\Program Files (x86)\Internet Download Manager\IDMan.exe
    C:\Program Files (x86)\Launchy\Launchy.exe
    C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
    C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe
    C:\Users\akour\Desktop\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
    O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
    O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
    O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
    O4 - HKCU\..\Run: [OneDrive] "C:\Users\akour\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    O4 - HKCU\..\Run: [f.lux] "C:\Users\akour\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
    O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
    O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
    O4 - Startup: Launchy.lnk = C:\Program Files (x86)\Launchy\Launchy.exe
    O4 - Global Startup: SOLIDWORKS 2016 Fast Start.lnk = ?
    O4 - Global Startup: SOLIDWORKS Background Downloader.lnk = ?
    O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
    O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\vsocklib.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O23 - Service: AdaptiveSleepService - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
    O23 - Service: @oem15.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: DTSInterops (CoordinatorServiceHost) - Dassault Systèmes SolidWorks Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
    O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
    O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\WINDOWS\system32\inetsrv\inetinfo.exe (file missing)
    O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
    O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: KMS-R@1n - Unknown owner - C:\Windows\KMS-R@1n.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: NitroPDFDriverCreatorReadSpool10 (NitroDriverReadSpool10) - Nitro PDF Software - C:\Program Files\Nitro\Pro 10\NitroPDFDriverService10x64.exe
    O23 - Service: NitroUpdateService - Unknown owner - C:\Program Files\Nitro\Pro 10\Nitro_UpdateService.exe
    O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
    O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
    O23 - Service: Remote Solver for Flow Simulation 2016 (RemoteSolverDispatcher) - Mentor Graphics Corporation - C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
    O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
    O23 - Service: ShareItSvc - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
    O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\SysWoW64\vmnetdhcp.exe
    O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
    O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\SysWoW64\vmnat.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSVC) - Unknown owner - C:\WINDOWS\system32\inetsrv\wmsvc.exe (file missing)
    O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe

    --
    End of file - 13831 bytes

  • VG

    @miko
    You can fix following:

    O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    O4 - HKLM\..\Run: [DelaypluginInstall] C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe

    @hxd
    Its clean.

  • Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 12:19:04 AM, on 9/23/2016
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v8.00 (8.00.7601.17514)

    FIREFOX: 23.0 (en-US)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    C:\Program Files (x86)\CyberLink\Shared files\brs.exe
    C:\Users\midan\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.conduit.com?SearchSource=10&ctid=CT2475029
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
    F2 - REG:system.ini: UserInit=userinit.exe
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
    O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
    O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
    O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKCU\..\Run: [MyComGames] "C:\Users\midan\AppData\Local\MyComGames\MyComGames.exe" -autostart
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 7281 bytes

  • Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 23:38:35, on 22/09/2016
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.10586.0589)

    Boot mode: Normal

    Running processes:
    C:\Program Files\Webroot\WRSA.exe
    C:\PROGRA~2\GbPlugin\GbpSv.exe
    C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
    C:\Users\Newdete\AppData\Roaming\Spotify\Spotify.exe
    C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
    C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe
    C:\Users\Newdete\AppData\Roaming\Spotify\SpotifyCrashService.exe
    C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
    C:\Users\Newdete\AppData\Roaming\Spotify\Spotify.exe
    C:\Users\Newdete\AppData\Roaming\Spotify\SpotifyWebHelper.exe
    C:\Users\Newdete\AppData\Roaming\Spotify\Spotify.exe
    C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
    C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
    C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
    C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
    C:\Users\Newdete\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = google.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = %66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoG1GcnEQ_XpzuQqVl4n9Lz4WUPv1VAHirZxRfOTjEvJscDPC2GjacIL-nvooXHTO_mTf-slYeCbztnU_nyurrc3WOHSZaY7z4892egRRlV0fnRtR6m9UY80_fH26Cm-iaGBtZFpLPKJpFSScmzi8X2SC7z_lEQfE8V0BrFjZyg,,&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = %66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoG1GcnEQ_XpzuQqVl4n9Lz4WUPv1VAHirZxRfOTjEvJscDPC2GjacIL-nvooXHTO_mTf-slYeCbztnU_nyurrc3WOHSZaY7z4892egRRlV0fnRtR6m9UY80_fH26Cm-iaGBtZFpLPKJpFSScmzi8X2SC7z_lEQfE8V0BrFjZyg,,&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = %66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoG1GcnEQ_XpzuQqVl4n9Lz4WUPv1VAHirZxRfOTjEvJscDPC2GjacIL-nvooXHTO_mTf-slYeCbztnU_nyurrc3WOHSZaY7z4892egRRlV0fnRtR6m9UY80_fH26Cm-iaGBtZFpLPKJpFSScmzi8X2SC7z_lEQfE8V0BrFjZyg,,&q={searchTerms}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hao.360.cn/?installer
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hao.360.cn/?installer
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = %66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoG1GcnEQ_XpzuQqVl4n9Lz4WUPv1VAHirZxRfOTjEvJscDPC2GjacIL-nvooXHTO_mTf-slYeCbztnU_nyurrc3WOHSZaY7z4892egRRlV0fnRtR6m9UY80_fH26Cm-iaGBtZFpLPKJpFSScmzi8X2SC7z_lEQfE8V0BrFjZyg,,&q={searchTerms}
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
    O2 - BHO: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
    O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_92\bin\ssv.dll
    O2 - BHO: MRSearchPlugin - {8E8F97CD-60B5-456F-A201-73065652D099} - C:\Users\Newdete\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll
    O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.2.4.155\AVG Web TuneUp.dll
    O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll
    O2 - BHO: Webroot Vault - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\pkg\LPBar.dll
    O2 - BHO: Webroot Filtering Extension - {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll
    O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_92\bin\jp2ssv.dll
    O3 - Toolbar: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
    O3 - Toolbar: Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll
    O4 - HKLM\..\Run: [RadioController] "C:\Program Files (x86)\RadioController\RfBtnHelper.exe" Start_Run
    O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
    O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
    O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
    O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    O4 - HKLM\..\Run: [Discord] C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
    O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
    O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
    O4 - HKLM\..\Run: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
    O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
    O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
    O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
    O4 - HKCU\..\Run: [uTorrent] "C:\Users\Newdete\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
    O4 - HKCU\..\Run: [EPLTarget\P0000000000000002] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE /EPT "EPLTarget\P0000000000000002" /M "L355 Series"
    O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe" -autorun
    O4 - HKCU\..\Run: [OneDrive] "C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
    O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Newdete\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
    O4 - HKCU\..\Run: [SharewareOnSale Notifier] C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe
    O4 - HKCU\..\Run: [Spotify] "C:\Users\Newdete\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
    O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
    O4 - HKCU\..\Run: [Discord] C:\Users\Newdete\AppData\Local\Discord\app-0.0.296\Discord.exe
    O4 - HKCU\..\Run: [MicroUpdate] C:\WINDOWS\system32\MSDCSC\msdcsc.exe
    O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
    O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
    O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"
    O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
    O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
    O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Newdete\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
    O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'SERVIÇO DE REDE')
    O4 - HKUS\S-1-5-21-1714893910-1096543350-1009673302-501\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Convidado')
    O4 - HKUS\S-1-5-21-1714893910-1096543350-1009673302-501\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'Convidado')
    O4 - Startup: buzcoi.vbs
    O4 - Startup: Curse.lnk = Newdete\AppData\Roaming\Curse Client\Bin\Curse.exe
    O4 - Startup: CurseClientStartup.ccip
    O4 - Startup: ekduvke.vbs
    O4 - Startup: Enviar para o OneNote.lnk = C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
    O4 - Startup: gntofxt.vbs
    O4 - Startup: ixexegzk.vbs
    O4 - Startup: MEGAsync.lnk = Newdete\AppData\Local\MEGAsync\MEGAsync.exe
    O4 - Startup: mnlmzegl.vbs
    O4 - Startup: qhotxjccw.vbs
    O4 - Startup: rltrfyytxa.vbs
    O4 - Startup: ugezsylxdx.vbs
    O4 - Startup: ukgccvzbvr.vbs
    O4 - Startup: xavuhdmlbsd.vbs
    O4 - Startup: yudaedzcmmb.vbs
    O4 - Startup: zchvfgrnics.vbs
    O4 - Startup: zjumpgpjayf.vbs
    O4 - Global Startup: Install LastPass IE RunOnce.lnk = C:\Program Files (x86)\Common Files\wruninstall.exe
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O8 - Extra context menu item: Baixar com Mipony - file://C:\Program Files (x86)\MiPony\Browser\IEContext.htm
    O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
    O9 - Extra button: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O9 - Extra 'Tools' menuitem: Clique para Telefonar do Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
    O9 - Extra button: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\pkg\LPBar.dll
    O9 - Extra 'Tools' menuitem: Webroot - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\ProgramData\WRData\pkg\LPBar.dll
    O9 - Extra button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: bancobrasil.com.br
    O15 - Trusted Zone: www14.bancobrasil.com.br
    O15 - Trusted Zone: www2.bancobrasil.com.br
    O15 - Trusted Zone: bb.com.br
    O15 - Trusted Zone: bb.com.br
    O15 - Trusted Zone: imagem.caixa.gov.br
    O15 - Trusted Zone: internetbanking.caixa.gov.br
    O15 - Trusted Zone: internetbankingpf.caixa.gov.br
    O15 - Trusted Zone: caixa.gov.br
    O15 - Trusted Zone: caixa.gov.br
    O15 - Trusted Zone: *.hola.org
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1bce52db-4f73-46f7-a18d-9fa43be59491}: NameServer = 8.8.8.8,8.8.4.4
    O17 - HKLM\System\CCS\Services\Tcpip\..\{917196b3-8f4e-4b25-ac62-1ec7dabbda2e}: NameServer = 8.8.8.8,8.8.4.4
    O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
    O20 - Winlogon Notify: GbPluginBb - C:\Program Files (x86)\GbPlugin\gbieh.dll
    O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
    O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
    O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
    O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
    O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
    O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
    O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
    O23 - Service: Epson Scanner Service (EpsonScanSvc) - Unknown owner - C:\WINDOWS\system32\EscSvc64.exe (file missing)
    O23 - Service: EPSON V3 Service4(05) (EPSON_PM_RPCV4_05) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
    O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Gbp Service (GbpSv) - GAS Tecnologia - C:\PROGRA~2\GbPlugin\GbpSv.exe
    O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
    O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - c:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
    O23 - Service: Service Installer TrueKey (InstallerService) - McAfee, Inc. - C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe
    O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: LenovoPcManagerService - Lenovo Corporation - C:\Program Files (x86)\Lenovo\PCManager\LenovoPcManagerService.exe
    O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
    O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
    O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
    O23 - Service: Orolix Device Monitor (OrolixDeviceMonitor) - Orolix Desenvolvimento de Software LTDA. - C:\Program Files (x86)\TIM Communicator\module\devicemon.exe
    O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
    O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
    O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
    O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
    O23 - Service: RelevantKnowledge - Unknown owner - C:\Program Files (x86)\RelevantKnowledge\rlservice.exe (file missing)
    O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: SoEasySvc - Unknown owner - C:\Program Files (x86)\SoSoEasy\SoSoEasySvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
    O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
    O23 - Service: TunngleService - Tunngle.net GmbH - C:\Program Files (x86)\Tunngle\TnglCtrl.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
    O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\SysWOW64\vmnetdhcp.exe
    O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
    O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\SysWOW64\vmnat.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: WRSVC - Webroot - C:\Program Files\Webroot\WRSA.exe
    O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

    --
    End of file - 26156 bytes

  • VG

    @Vítor Braúna
    Fix following:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = %66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoG1GcnEQ_XpzuQqVl4n9Lz4WUPv1VAHirZxRfOTjEvJscDPC2GjacIL-nvooXHTO_mTf-slYeCbztnU_nyurrc3WOHSZaY7z4892egRRlV0fnRtR6m9UY80_fH26Cm-iaGBtZFpLPKJpFSScmzi8X2SC7z_lEQfE8V0BrFjZyg,,&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = %66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoG1GcnEQ_XpzuQqVl4n9Lz4WUPv1VAHirZxRfOTjEvJscDPC2GjacIL-nvooXHTO_mTf-slYeCbztnU_nyurrc3WOHSZaY7z4892egRRlV0fnRtR6m9UY80_fH26Cm-iaGBtZFpLPKJpFSScmzi8X2SC7z_lEQfE8V0BrFjZyg,,&q={searchTerms}
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = %66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoG1GcnEQ_XpzuQqVl4n9Lz4WUPv1VAHirZxRfOTjEvJscDPC2GjacIL-nvooXHTO_mTf-slYeCbztnU_nyurrc3WOHSZaY7z4892egRRlV0fnRtR6m9UY80_fH26Cm-iaGBtZFpLPKJpFSScmzi8X2SC7z_lEQfE8V0BrFjZyg,,&q={searchTerms}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hao.360.cn/?installer
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hao.360.cn/?installer
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = %66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoG1GcnEQ_XpzuQqVl4n9Lz4WUPv1VAHirZxRfOTjEvJscDPC2GjacIL-nvooXHTO_mTf-slYeCbztnU_nyurrc3WOHSZaY7z4892egRRlV0fnRtR6m9UY80_fH26Cm-iaGBtZFpLPKJpFSScmzi8X2SC7z_lEQfE8V0BrFjZyg,,&q={searchTerms}
    O2 - BHO: MRSearchPlugin - {8E8F97CD-60B5-456F-A201-73065652D099} - C:\Users\Newdete\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll
    O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
    O4 - HKCU\..\Run: [MicroUpdate] C:\WINDOWS\system32\MSDCSC\msdcsc.exe
    O4 - Startup: buzcoi.vbs
    O4 - Startup: ekduvke.vbs
    O4 - Startup: gntofxt.vbs
    O4 - Startup: ixexegzk.vbs
    O4 - Startup: MEGAsync.lnk = Newdete\AppData\Local\MEGAsync\MEGAsync.exe
    O4 - Startup: mnlmzegl.vbs
    O4 - Startup: qhotxjccw.vbs
    O4 - Startup: rltrfyytxa.vbs
    O4 - Startup: ugezsylxdx.vbs
    O4 - Startup: ukgccvzbvr.vbs
    O4 - Startup: xavuhdmlbsd.vbs
    O4 - Startup: yudaedzcmmb.vbs
    O4 - Startup: zchvfgrnics.vbs
    O4 - Startup: zjumpgpjayf.vbs
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

    @midan
    Fix following:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.conduit.com?SearchSource=10&ctid=CT2475029
    R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
    O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
    O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\tbMyAs.dll
    O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll
    O4 - HKCU\..\Run: [MyComGames] "C:\Users\midan\AppData\Local\MyComGames\MyComGames.exe" -autostart
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

  • Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 2:36:45 AM, on 9/24/2016
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.14393.0000)

    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\LuckyBrowse\app\luckybrowse.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
    C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
    C:\Users\Dorgil-pc\Music\HijackThis.exe
    C:\Users\Dorgil-pc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    C:\Users\Dorgil-pc\AppData\Roaming\uTorrent\uTorrent.exe
    C:\Program Files (x86)\NATCOM 3G\UIExec.exe
    C:\Users\Dorgil-pc\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe
    C:\Users\Dorgil-pc\AppData\Roaming\uTorrent\updates\3.4.8_42576\utorrentie.exe
    C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\NATCOM 3G\UIMain.exe
    C:\Program Files (x86)\NATCOM 3G\CMUpdater.exe
    C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    C:\WINDOWS\SysWOW64\RunDll32.exe
    C:\Program Files (x86)\Lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera_crashreporter.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe
    C:\Program Files (x86)\Opera\40.0.2308.62\opera.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = lenovo15.msn.com/?pc=LCTE
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/?LinkID=617910&ResetID=131186510109080872&GUID=67B25B9A-5629-4624-98EB-D6628116246C
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com/fwlink/p/?LinkId=255141
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = go.microsoft.com/fwlink/p/?LinkId=255141
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=
    O4 - HKLM\..\Run: [UIExec] "C:\Program Files (x86)\NATCOM 3G\UIExec.exe"
    O4 - HKLM\..\Run: [5KPlayer.exe] "C:\Program Files (x86)\DearMob\5KPlayer\5KPlayer.exe" -auto
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [OneDrive] "C:\Users\Dorgil-pc\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    O4 - HKCU\..\Run: [uTorrent] "C:\Users\Dorgil-pc\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
    O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
    O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\OLBPre\OLBPre.exe
    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O17 - HKLM\System\CCS\Services\Tcpip\..\{89C07A12-14AE-4366-80FA-FEEB9275A5BD}: NameServer = 186.1.192.1 8.8.8.8
    O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AutoRoamingService - Unknown owner - C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\AutoRoaming.exe
    O23 - Service: BitComet Disk Boost Service (BITCOMET_HELPER_SERVICE) - BitComet.com - C:\Program Files\BitComet\tools\BitCometService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Unknown owner - C:\WINDOWS\system32\IntelCpHDCPSvc.exe (file missing)
    O23 - Service: Dolby DAX2 API Service (DAX2API) - Unknown owner - C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
    O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
    O23 - Service: System Interface Foundation Service (ImControllerService) - Lenovo Group Limited - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: LSCWinService - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
    O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files (x86)\NATCOM 3G\AssistantServices.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: ymc - Lenovo - C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
    O23 - Service: YogaPLService - Unknown owner - C:\ProgramData\Lenovo\PLHotkeyService\PLHotkeyService.exe

    --
    End of file - 11727 bytes

  • VG

    ^^ You can fix following:

    O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

  • Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 00:19:00, on 26-09-2016
    Platform: Unknown Windows (WinNT 6.02.1008)
    MSIE: Internet Explorer v11.0 (11.00.10586.0589)

    Boot mode: Normal

    Running processes:
    C:\Users\rashi\AppData\Local\FluxSoftware\Flux\flux.exe
    C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
    C:\Users\rashi\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = dell15.msn.com/?pc=DCTE
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = dell15.msn.com/?pc=DCTE
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8080;https=127.0.0.1:8080
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=wscript C:\WINDOWS\run.vbs,
    O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
    O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
    O4 - HKLM\..\Run: [WordWeb] "C:\Program Files (x86)\WordWeb\wweb32.exe" -startup
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [app] C:\Program Files (x86)\sbqh\uc.exe
    O4 - HKCU\..\Run: [OneDrive] "C:\Users\rashi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\WINDOWS\system32\StikyNot.exe
    O4 - HKCU\..\Run: [svchost0] C:\Program Files (x86)\sbqh\uc.exe
    O4 - HKCU\..\Run: [Mojorojoup] C:\Users\rashi\AppData\Local\Feeder\Feederup.exe
    O4 - HKCU\..\Run: [Feeder] C:\Users\rashi\AppData\Local\Feeder\Feeder.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
    O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
    O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
    O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
    O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
    O18 - Protocol: WSKVAllmytubechrome - (no CLSID) - (no file)
    O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
    O23 - Service: AbtSvcHost - Absolute Software Corp. - C:\WINDOWS\SysWOW64\AbtSvcHost_.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: Colon Fax Machine (cykunopo) - Unknown owner - C:\Program.exe (file missing)
    O23 - Service: Dell Customer Connect - Dell Inc. - C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
    O23 - Service: Dell Foundation Services - Dell - C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
    O23 - Service: Dell Help & Support - Unknown owner - C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
    O23 - Service: Dell Product Registration - Dell - C:\Program Files\Dell\Product Registration\PRSvc.exe
    O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
    O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
    O23 - Service: @oem10.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\WINDOWS\SysWOW64\esif_uf.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    O23 - Service: Intel Bluetooth Service (ibtsiva) - Intel Corporation - C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
    O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
    O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
    O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
    O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
    O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
    O23 - Service: McAfee Boot Delay Start Service (McBootDelayStartSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe
    O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
    O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
    O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
    O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\WINDOWS\system32\mfevtps.exe (file missing)
    O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
    O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
    O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: Intel Security PEF Service (PEFService) - Intel Security, Inc. - C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    O23 - Service: Remote Procedure Call (RPC) LD (rpcld) - Unknown owner - C:\ProgramData\Rpcnet\Bin\rpcld.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
    O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\WINDOWS\SysWOW64\rpcnet.exe
    O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

    --
    End of file - 14623 bytes

    Also, my hosts file is uneditable and it has the following lines:

    127.0.0.1 down.baidu2016.com

    127.0.0.1 123.sogou.com

    127.0.0.1 czzsyzgm.com

    127.0.0.1 czzsyzxl.com

    127.0.0.1 union.baidu2019.com

    Is that a problem?
    Also, everytime I search on google, I'm taken to some cse.google.com. Is that a problem too?
    I have Mcafee subscribed anti-virus.
    Thank you.

  • VG

    ^^ Fix following:

    F2 - REG:system.ini: UserInit=wscript C:\WINDOWS\run.vbs,
    O4 - HKLM\..\Run: [app] C:\Program Files (x86)\sbqh\uc.exe
    O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\WINDOWS\system32\StikyNot.exe
    O4 - HKCU\..\Run: [svchost0] C:\Program Files (x86)\sbqh\uc.exe
    O4 - HKCU\..\Run: [Mojorojoup] C:\Users\rashi\AppData\Local\Feeder\Feederup.exe
    O4 - HKCU\..\Run: [Feeder] C:\Users\rashi\AppData\Local\Feeder\Feeder.exe

    To fix Hosts file problem, try following:

    http://www.askvg.com/host-mechanic-freeware-to-edit-delete-or-restore-hosts-file-in-windows/

Leave a Comment

(required)