\AppData\local\Conduit\BackgroundContainer????


13 replies to this topic

#1 Trent E.


Posted 09 December 2013 - 11:45 AM

Mod Edit: Moved to Am I Infected forum. ~~ boopme

Hello,
 
  I get this C:\users\HP\AppData\local\Conduit\BackgroundContainer\BachgroundContainer.dll error every time I start up my computer. I do not know what it is and a lot of software I use seems to be crashing a lot. If anyone can help me with this I would greatly appreciate it. Thanks.

Edited by boopme, 09 December 2013 - 12:21 PM.



 


#2 xXToffeeXx

  • Malware Response Team

Posted 09 December 2013 - 11:53 AM

Hi Trent E.,
 
It's not unusual to receive such an error(s) when "booting up" after using anti-virus and other security scanning tools to remove a malware infection.
A "Cannot find...", "Could not run...", "Error loading..." or "specific module could not be found" message is usually related to a malware file that was set to run at startup in the registry but has been deleted. Windows is trying to load this file but cannot locate it since the file was most likely removed during an anti-virus or anti-malware scan. However, an associated orphaned registry entry still remains and is telling Windows to load the file when you boot up. Since the file no longer exists, Windows will display an error message. You need to remove this registry entry so Windows stops searching for the file when it loads.
 
Let's get a log from Autoruns in order to find where the value is running from and disable it:
 
Please download Autoruns.
 
Open Downloads in your browser and click on the Autoruns download.
 
Click on Run to initiate the installation.
 
When Autoruns loads you will see an image similar to the one below.
 
autorunsscreen_zps2ac55e2e.png
 
Click on File, then click on Save.
 
You will see an image similar to the one below.
 
autorunsscreen1_zps8a35cb1a.png
 
Choose Desktop as the destination, then click on the down arrow in the Save as type: box and click on Text (*.txt), then click on Save.
 
There will be a Text icon on the desktop titled AutoRuns, click on it to open the log.
 
Copy the log and paste it in your next post.
 
xXToffeeXx~

If I am helping you and you have not had a reply from me in two days, please send me a PM.

 

~Open a window, eat an apple, chrome some metal, watch an opera, make a safari, hunt a fire fox, be an explorer~
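
The orphaned-entry check described in post #2, as an added example that is not part of the original thread: a Python parser for an Autoruns text export that lists every entry whose image is reported as `File not found:` and says where it is registered, since a scheduled task, a Run value and a service key are removed in different places. The field layout is assumed from the export posted in this thread; `SAMPLE_LOG` and every name in it are constructed placeholders, and the function names are this example's own.

```python
import re
from dataclasses import dataclass

FIELD_RE = re.compile(r'"([^"]*)"')   # one double-quoted field (no embedded quotes)
MISSING = "File not found: "          # prefix Autoruns writes when the image is gone

# Constructed sample in the layout of the export posted in this thread.
# Names and paths are placeholders, not taken from a real machine.
SAMPLE_LOG = r'''
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "1/2/2013 8:00 AM"
+ "ExampleAV" "Example AV User Interface" "Example Corp" "c:\program files\example av\ui.exe" "1/1/2013 7:00 PM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" "" "1/2/2013 8:00 AM"
+ "ExampleHelper" "" "" "File not found: C:\Users\Example\AppData\Roaming\helper.exe" ""
"Task Scheduler" "" "" "" ""
+ "\ExampleVendor Startup Task" "" "" "File not found: C:\Users\Example\AppData\Local\ExampleVendor\bg.dll" ""
+ "\ExampleUpdater" "Example Updater" "Example Corp" "c:\program files\example\update.exe" "1/1/2013 7:00 PM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "1/2/2013 8:00 AM"
+ "exdrv" "" "" "File not found: C:\Windows\system32\drivers\exdrv.sys" ""
'''


@dataclass(frozen=True)
class Entry:
    location: str      # registry key or "Task Scheduler" header the entry sits under
    name: str
    description: str
    publisher: str
    image: str         # image path, or "File not found: <path>" when it is missing
    timestamp: str

    @property
    def missing(self) -> bool:
        return self.image.startswith(MISSING)

    @property
    def target(self) -> str:
        """Path the entry points at, without the 'File not found: ' prefix."""
        return self.image[len(MISSING):] if self.missing else self.image


def parse_autoruns(text: str) -> list:
    """Turn the text export into Entry objects, tracking the current location header."""
    entries, location = [], None
    for raw in text.splitlines():
        line = raw.strip()
        fields = FIELD_RE.findall(line)
        if line.startswith('"') and fields:
            location = fields[0]                 # header line: starts a new location
        elif line.startswith("+") and location and len(fields) >= 5:
            entries.append(Entry(location, *fields[:5]))
        # anything else (blank or truncated lines) is skipped
    return entries


def location_kind(location: str) -> str:
    """Classify the header so the reader knows where the entry has to be removed."""
    if location == "Task Scheduler":
        return "scheduled task"
    if location.lower().endswith("\\currentcontrolset\\services"):
        return "service or driver key"
    return "registry autostart"


def orphaned(entries) -> list:
    """Entries whose target file no longer exists, with triage context."""
    report = []
    for e in entries:
        if e.missing:
            report.append({
                "kind": location_kind(e.location),
                "location": e.location,
                "name": e.name,
                "target": e.target,
                # Per-user profile paths are writable without admin rights.
                "in_user_profile": "\\users\\" in e.target.lower(),
            })
    return report


if __name__ == "__main__":
    for item in orphaned(parse_autoruns(SAMPLE_LOG)):
        print(f'{item["kind"]:22} {item["name"]}  ->  {item["target"]}')
```
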


#3 Trent E.


Posted 09 December 2013 - 12:00 PM

Ok this is crazy long...

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "7/13/2009 11:49 PM"
+ "rdpclip" "" "" "File not found: rdpclip" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "11/16/2013 8:23 AM"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe" "10/23/2013 7:12 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" "" "12/9/2013 10:52 AM"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe" "4/16/2013 10:13 PM"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe" "5/1/2013 5:42 AM"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "9/6/2009 8:56 PM"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "7/13/2009 6:58 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" "" "9/6/2009 8:56 PM"
+ "Google Chrome" "Google Chrome" "Google Inc." "c:\program files (x86)\google\chrome\application\31.0.1650.63\installer\chrmstp.exe" "12/3/2013 8:54 PM"
+ "Internet Explorer" "" "" "File not found: C:\Windows\system32\ie4uinit.exe" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe" "7/13/2009 6:42 PM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" "" "11/11/2013 9:22 AM"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe" "11/20/2010 5:24 AM"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/4/2013 8:04 AM"
+ " SkyDriveEx" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\hp\appdata\local\microsoft\skydrive\17.0.2003.1112\amd64\skydriveshell64.dll" "11/12/2012 2:55 PM"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 11:53 PM"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "10/23/2013 7:12 PM"
+ "Mediafour MacDrive Context Menu" "MacDrive Shell Extensions" "Mediafour Corporation" "c:\program files\mediafour\macdrive 8\mdshell.dll" "4/26/2010 10:49 AM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll" "4/4/2012 1:20 AM"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 11:53 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "4/4/2012 1:06 AM"
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "10/23/2013 7:12 PM"
+ "Mediafour MacDrive Context Menu" "MacDrive Shell Extensions" "Mediafour Corporation" "c:\program files\mediafour\macdrive 8\mdshell.dll" "4/26/2010 10:49 AM"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" "" "7/13/2009 11:53 PM"
+ "Mediafour Mac file properties" "MacDrive file properties resources" "Mediafour Corporation" "c:\program files\common files\mediafour\macfprop.dll" "3/5/2010 1:13 PM"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "7/4/2013 8:04 AM"
+ " SkyDriveEx" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\hp\appdata\local\microsoft\skydrive\17.0.2003.1112\amd64\skydriveshell64.dll" "11/12/2012 2:55 PM"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll" "10/23/2013 7:12 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll" "4/4/2012 1:20 AM"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "4/4/2012 1:06 AM"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll" "4/4/2012 1:20 AM"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "4/4/2012 1:06 AM"
"HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "Mediafour Mac file properties" "MacDrive file properties resources" "Mediafour Corporation" "c:\program files\common files\mediafour\macfprop.dll" "3/5/2010 1:13 PM"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "Monitor" "BTNCopy Module" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btncopy.dll" "6/9/2010 1:13 AM"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/4/2013 8:04 AM"
+ " SkyDriveEx" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\hp\appdata\local\microsoft\skydrive\17.0.2003.1112\amd64\skydriveshell64.dll" "11/12/2012 2:55 PM"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 11:53 PM"
+ "ACE" "AMD Desktop Control Panel" "Advanced Micro Devices, Inc." "c:\program files (x86)\ati technologies\ati.ace\core-static\atiacm64.dll" "9/9/2010 1:06 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll" "7/13/2009 8:32 PM"
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll" "7/28/2010 3:27 PM"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 11:53 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll" "7/13/2009 8:09 PM"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "Mediafour Mac file columns" "MacDrive file properties resources" "Mediafour Corporation" "c:\program files\common files\mediafour\macfprop.dll" "3/5/2010 1:13 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll" "5/8/2013 5:17 AM"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Apache Software Foundation" "c:\program files (x86)\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll" "8/10/2012 9:51 AM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll" "4/4/2012 1:20 AM"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "4/4/2012 1:06 AM"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll" "4/4/2012 1:20 AM"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" "" "7/2/2012 4:14 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "4/4/2012 1:06 AM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "12/9/2013 11:49 AM"
+ " SkyDrive1" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\hp\appdata\local\microsoft\skydrive\17.0.2003.1112\amd64\skydriveshell64.dll" "11/12/2012 2:55 PM"
+ " SkyDrive2" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\hp\appdata\local\microsoft\skydrive\17.0.2003.1112\amd64\skydriveshell64.dll" "11/12/2012 2:55 PM"
+ " SkyDrive3" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\hp\appdata\local\microsoft\skydrive\17.0.2003.1112\amd64\skydriveshell64.dll" "11/12/2012 2:55 PM"
+ " SkyDrivePro1 (ErrorConflict)" "Microsoft SkyDrive Pro Extensions" "Microsoft Corporation" "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll" "10/17/2013 2:32 AM"
+ " SkyDrivePro2 (SyncInProgress)" "Microsoft SkyDrive Pro Extensions" "Microsoft Corporation" "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll" "10/17/2013 2:32 AM"
+ " SkyDrivePro3 (InSync)" "Microsoft SkyDrive Pro Extensions" "Microsoft Corporation" "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll" "10/17/2013 2:32 AM"
+ "MacDrive volume icons" "MDVolumeIcons.dll" "Mediafour Corporation" "c:\program files\mediafour\macdrive 8\mdvolumeicons.dll" "6/23/2009 11:03 AM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "12/9/2013 11:55 AM"
+ " SkyDrive1" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\hp\appdata\local\microsoft\skydrive\17.0.2003.1112\skydriveshell.dll" "11/12/2012 3:30 PM"
+ " SkyDrive2" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\hp\appdata\local\microsoft\skydrive\17.0.2003.1112\skydriveshell.dll" "11/12/2012 3:30 PM"
+ " SkyDrive3" "Microsoft SkyDrive Shell Extension" "Microsoft Corporation" "c:\users\hp\appdata\local\microsoft\skydrive\17.0.2003.1112\skydriveshell.dll" "11/12/2012 3:30 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "12/9/2013 11:49 AM"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll" "4/12/2010 6:29 PM"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll" "4/12/2010 6:29 PM"
+ "Lync Browser Helper" "Microsoft Lync" "Microsoft Corporation" "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\ochelper.dll" "8/20/2013 9:40 PM"
+ "Microsoft SkyDrive Pro Browser Helper" "Microsoft SkyDrive Pro Extensions" "Microsoft Corporation" "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\grooveex.dll" "10/17/2013 2:32 AM"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\urlredir.dll" "9/14/2013 2:39 AM"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll" "7/17/2012 5:11 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "12/9/2013 11:55 AM"
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll" "5/8/2013 4:58 AM"
+ "HP Network Check Helper" "HP Network Check IE Plug-in" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\hpnetworkcheckplugin.dll" "7/9/2012 5:45 PM"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\jp2ssv.dll" "6/21/2013 3:51 PM"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files (x86)\java\jre7\bin\ssv.dll" "6/21/2013 3:50 PM"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office 15\root\office15\urlredir.dll" "9/14/2013 2:09 AM"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll" "7/17/2012 4:46 PM"
+ "WinZip Courier BHO" "WinZip Courier BHO" "WinZip Computing, S.L." "c:\program files (x86)\winzip courier\wzwmcie.dll" "10/21/2011 1:12 AM"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" "" "11/16/2013 8:23 AM"
+ "Lync Click to Call" "Microsoft Lync" "Microsoft Corporation" "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\ochelper.dll" "8/20/2013 9:40 PM"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\onbttnielinkednotes.dll" "8/14/2013 7:36 PM"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office 15\root\vfs\programfilesx64\microsoft office\office15\onbttnie.dll" "8/14/2013 7:31 PM"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm" "8/25/2009 1:43 AM"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" "" "11/16/2013 8:23 AM"
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll" "2/6/2013 1:43 AM"
+ "HP Network Check" "NCLauncherFromIE" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpnetworkcheck\nclauncherfromie.exe" "7/9/2012 5:46 PM"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office 15\root\office15\onbttnielinkednotes.dll" "8/14/2013 7:14 PM"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office 15\root\office15\onbttnie.dll" "8/14/2013 7:24 PM"
+ "Send to &Bluetooth Device..." "" "" "c:\program files\widcomm\bluetooth software\btsendto_ie.htm" "8/25/2009 1:43 AM"
"Task Scheduler" "" "" "" ""
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.9 r900" "Adobe Systems Incorporated" "c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe" "10/28/2013 7:43 PM"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe" "6/1/2011 7:46 PM"
+ "\BackgroundContainer Startup Task" "" "" "File not found: C:\Users\HP\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll" ""
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "2/15/2012 9:43 PM"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files (x86)\google\update\googleupdate.exe" "2/15/2012 9:43 PM"
+ "\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe" "9/27/2012 8:40 AM"
+ "\Hewlett-Packard\HP Support Assistant\PC Health Analysis" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe" "9/27/2012 8:40 AM"
+ "\Hewlett-Packard\HP Support Assistant\PC Tuneup" "HP Support Assistant" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsf.exe" "9/27/2012 8:40 AM"
+ "\Hewlett-Packard\HP Support Assistant\Update Check" "HPSFUpdater" "Hewlett-Packard Company" "c:\programdata\hewlett-packard\hp support framework\resources\updater7\hpsfupdater.exe" "9/5/2012 5:08 PM"
+ "\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" "HPWarrantyChecker" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe" "10/15/2013 3:40 PM"
+ "\HPCeeScheduleForHP" "HP Ceement" "Hewlett-Packard" "c:\program files (x86)\hewlett-packard\hp ceement\hpcee.exe" "9/14/2010 12:11 AM"
+ "\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe" "10/23/2013 7:11 PM"
+ "\Microsoft\Office\Office Automatic Updates" "Microsoft Office Click-to-Run" "Microsoft Corporation" "c:\program files\microsoft office 15\clientx64\integratedoffice.exe" "9/14/2013 2:48 AM"
+ "\Microsoft\Office\Office Subscription Maintenance" "Office Subscription Licensing Heartbeat" "Microsoft Corporation" "c:\program files\microsoft office 15\root\vfs\programfilescommonx86\microsoft shared\office15\olicenseheartbeat.exe" "10/17/2013 2:01 AM"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll" "2/6/2013 1:43 AM"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "6/10/2009 3:36 PM"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "7/13/2009 7:24 PM"
+ "\MirageAgent" "YouCam Mirage" "CyberLink" "c:\program files (x86)\hewlett-packard\media\webcam\ycmmirage.exe" "5/25/2010 9:59 PM"
+ "\RecoveryCDWin7" "ESAdvRemIntegrator" "" "c:\program files (x86)\hewlett-packard\hp setup\remengine.exe" "5/25/2010 7:21 AM"
+ "\Registration" "ESAdvRemIntegrator" "" "c:\program files (x86)\hewlett-packard\hp setup\remengine.exe" "5/25/2010 7:21 AM"
+ "\{8E1BBE03-01FC-482C-9F83-8EC28D10F9F0}" "Kontakt 5" "Native Instruments GmbH" "c:\program files\native instruments\kontakt 5\kontakt 5.exe" "1/11/2012 8:58 AM"
+ "\{A3753398-7DD9-4E08-A477-D8F5A3AD1E0D}" "Kontakt 5" "Native Instruments GmbH" "c:\program files\native instruments\kontakt 5\kontakt 5.exe" "1/11/2012 8:58 AM"
+ "\{A68EF8AC-0D3E-470A-A892-F8DAE33AE955}" "Pro Tools Application" "Avid Technology, Inc." "c:\program files (x86)\avid\pro tools\protools.exe" "8/7/2013 1:19 AM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "11/12/2013 4:28 PM"
+ "AxiomAudioDevMon" "Manages device settings and hot plugging for M-Audio Axiom devices." "M-Audio" "c:\program files (x86)\m-audio\axiom\audiodevmon.exe" "2/19/2010 7:12 PM"
+ "digiSPTIService64" "Pro Tools CD Ripping Service using SPTI" "Avid Technology, Inc." "c:\program files\avid\pro tools\digisptiservice64.exe" "6/28/2013 3:15 AM"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files (x86)\windows live\family safety\fsssvc.exe" "2/6/2013 1:39 AM"
+ "HP Support Assistant Service" "HP Support Assistant Service" "Hewlett-Packard Company" "c:\program files (x86)\hewlett-packard\hp support framework\hpsa_service.exe" "9/27/2012 6:55 AM"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe" "10/23/2013 7:11 PM"
+ "NIHardwareService" "Manages Native Instruments controller hardware. If this service is stopped, the hardware becomes unavailable." "Native Instruments GmbH" "c:\program files\common files\native instruments\hardware\nihardwareservice.exe" "10/15/2013 6:29 AM"
+ "NisSrv" "Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols" "Microsoft Corporation" "c:\program files\microsoft security client\nissrv.exe" "10/23/2013 7:11 PM"
+ "OfficeSvc" "Manages resource coordination, background streaming, and system integration of Microsoft Office products and their related updates. This service is required to run during the use of any Microsoft Office program, during initial streaming installation and all subsequent updates." "Microsoft Corporation" "c:\program files\microsoft office 15\clientx64\integratedoffice.exe" "9/14/2013 2:48 AM"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe" "11/7/2012 5:37 AM"
+ "osppsvc" "Enables the download, installation, and enforcement of digital licenses for Microsoft Office applications. These applications require this service for proper operation. It is strongly recommended that you keep this service enabled." "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe" "7/5/2012 7:13 PM"
+ "OxygenAudioDevMon" "Manages device settings and hot plugging for M-Audio Oxygen devices." "M-Audio" "c:\program files (x86)\m-audio\oxygen\audiodevmon.exe" "3/4/2010 10:28 AM"
+ "PaceLicenseDServices" "Services for PACE Licensing Technology" "PACE Anti-Piracy, Inc." "c:\program files (x86)\common files\pace\services\licenseservices\ldsvc.exe" "10/2/2013 6:03 AM"
+ "TeamViewer8" "TeamViewer Remote Software" "TeamViewer GmbH" "c:\program files (x86)\teamviewer\version8\teamviewer_service.exe" "10/1/2013 7:13 AM"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll" "5/27/2013 12:51 AM"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe" "7/17/2012 5:11 PM"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "11/20/2010 6:18 AM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "11/12/2013 4:28 PM"
+ "Accelerometer" "HP Accelerometer" "Hewlett-Packard Company" "c:\windows\system32\drivers\accelerometer.sys" "5/13/2011 1:47 PM"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys" "12/5/2008 6:54 PM"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys" "5/1/2007 12:30 PM"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys" "2/27/2007 7:04 PM"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys" "7/13/2009 6:19 PM"
+ "amdkmdag" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys" "9/9/2010 1:24 PM"
+ "amdkmdap" "AMD multi-vendor Miniport Driver" "Advanced Micro Devices, Inc." "c:\windows\system32\drivers\atikmpag.sys" "9/9/2010 12:52 PM"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys" "3/18/2010 7:45 PM"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys" "3/20/2009 1:36 PM"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys" "3/19/2010 11:18 AM"
+ "AmUStor" "Alocr Micro USB Mass Storage Driver" "Alcor Micro, Corp." "c:\windows\system32\drivers\amustor.sys" "7/8/2009 9:27 PM"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys" "5/24/2007 4:27 PM"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys" "1/14/2009 2:27 PM"
+ "AtiHdmiService" "ATI High Definition Audio Function Driver" "ATI Technologies, Inc." "c:\windows\system32\drivers\atihdmi.sys" "5/6/2010 4:20 AM"
+ "AXIOM" "Axiom WDM Audio Streaming Driver" "M-Audio" "c:\windows\system32\drivers\maudioaxiom.sys" "2/19/2010 7:20 PM"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys" "2/13/2009 5:18 PM"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys" "4/26/2009 6:14 AM"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys" "8/6/2006 8:51 PM"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys" "8/6/2006 8:51 PM"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys" "8/6/2006 8:51 PM"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys" "8/6/2006 8:51 PM"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys" "8/6/2006 8:51 PM"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys" "8/9/2006 7:11 AM"
+ "btwampfl" "Broadcom Bluetooth USB AMP Filter for Windows Vista" "Broadcom Corporation." "c:\windows\system32\drivers\btwampfl.sys" "6/3/2010 2:37 PM"
+ "btwaudio" "Bluetooth Audio Device" "Broadcom Corporation." "c:\windows\system32\drivers\btwaudio.sys" "6/3/2010 2:36 PM"
+ "btwavdt" "Broadcom Bluetooth AVDT Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwavdt.sys" "6/3/2010 2:34 PM"
+ "btwl2cap" "Broadcom Bluetooth L2CAP Service" "Broadcom Corporation." "c:\windows\system32\drivers\btwl2cap.sys" "3/1/2010 9:25 PM"
+ "btwrchid" "Bluetooth Remote Control HID Minidriver" "Broadcom Corporation." "c:\windows\system32\drivers\btwrchid.sys" "6/3/2010 2:36 PM"
+ "clwvd" "CyberLink WebCam Virtual Driver" "Windows ® Win 7 DDK provider" "c:\windows\system32\drivers\clwvd.sys" "5/25/2010 10:06 PM"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys" "7/13/2009 6:19 PM"
+ "DigiNet" "Digidesign Ethernet Support" "Avid Technology, Inc." "c:\windows\system32\drivers\diginet.sys" "10/14/2011 2:10 AM"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys" "12/31/2008 11:29 AM"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys" "2/3/2009 5:52 PM"
+ "gbxavs" "Maschine Controller" "Native Instruments GmbH" "c:\windows\system32\drivers\gbxavs.sys" "7/7/2011 7:54 AM"
+ "gbxusb_svc" "Maschine Controller" "Native Instruments GmbH" "c:\windows\system32\drivers\gbxusb.sys" "7/7/2011 7:54 AM"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys" "5/11/2009 3:26 AM"
+ "HECIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys" "9/17/2009 2:54 PM"
+ "hpdskflt" "HP Disk Filter - SATA/RAID" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpdskflt.sys" "5/13/2011 1:47 PM"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys" "4/20/2010 1:32 PM"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys" "3/24/2010 3:55 PM"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys" "6/10/2010 7:46 PM"
+ "igfx" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdkmd64.sys" "7/28/2010 4:10 PM"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys" "12/13/2005 4:47 PM"
+ "iLokDrvr" "iLok Kernel Driver File" "" "c:\windows\system32\drivers\ilokdrvr.sys" "11/7/2012 2:00 PM"
+ "Impcd" "Intel® Turbo Boost Technology Driver" "Intel Corporation" "c:\windows\system32\drivers\impcd.sys" "2/26/2010 6:32 PM"
+ "intelkmd" "Intel Graphics Kernel Mode Driver" "Intel Corporation" "c:\windows\system32\drivers\igdpmd64.sys" "7/28/2010 4:10 PM"
+ "ka6avs" "Komplete Audio 6" "Native Instruments GmbH" "c:\windows\system32\drivers\ka6avs.sys" "9/15/2011 9:45 AM"
+ "ka6usb_svc" "Komplete Audio 6" "Native Instruments GmbH" "c:\windows\system32\drivers\ka6usb.sys" "9/15/2011 9:45 AM"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys" "12/9/2008 5:46 PM"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys" "5/18/2009 7:20 PM"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys" "5/18/2009 7:31 PM"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys" "4/16/2009 5:13 PM"
+ "MAUSBMOBILEPREII" "M-Audio USB Audio Driver (WDM)" "M-Audio" "c:\windows\system32\drivers\maudiomobilepreii.sys" "6/21/2010 9:21 PM"
+ "MDFSYSNT" "MacDrive file system driver" "Mediafour Corporation" "c:\windows\system32\drivers\mdfsysnt.sys" "5/18/2010 9:07 AM"
+ "MDPMGRNT" "MacDrive partition driver" "Mediafour Corporation" "c:\windows\system32\drivers\mdpmgrnt.sys" "5/5/2010 9:38 AM"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys" "5/18/2009 8:09 PM"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys" "5/18/2009 8:25 PM"
+ "mianreqe" "" "" "File not found: C:\Windows\system32\drivers\mianreqe.sys" ""
+ "mmxavs" "Maschine Mikro" "Native Instruments GmbH" "c:\windows\system32\drivers\mmxavs.sys" "9/15/2011 10:00 AM"
+ "mmxusb_svc" "Maschine Mikro" "Native Instruments GmbH" "c:\windows\system32\drivers\mmxusb.sys" "9/15/2011 10:00 AM"
+ "NETw5s64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5s64.sys" "3/18/2010 12:21 AM"
+ "netw5v64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netw5v64.sys" "3/26/2009 11:21 AM"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwsw00.sys" "4/18/2013 9:31 AM"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys" "6/6/2006 4:11 PM"
+ "NIWinCDEmu" "" "" "c:\windows\system32\drivers\niwincdemu.sys" "8/9/2011 3:25 AM"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys" "3/19/2010 3:59 PM"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys" "3/19/2010 3:45 PM"
+ "OXYGEN" "Oxygen WDM Audio Streaming Driver" "M-Audio" "c:\windows\system32\drivers\maudiooxygen.sys" "3/4/2010 10:35 AM"
+ "PxHlpa64" "Px Engine Device Driver for 64-bit Windows" "Sonic Solutions" "c:\windows\system32\drivers\pxhlpa64.sys" "10/20/2009 1:08 PM"
+ "Q2HDWEBCAMAUD" "Q2HD Web Cam Audio" "ZOOM" "c:\windows\system32\drivers\q2hdwebcamaud.sys" "6/12/2012 7:36 PM"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys" "1/22/2009 6:05 PM"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys" "5/18/2009 8:18 PM"
+ "rig3avs" "Rig Kontrol 3" "Native Instruments GmbH" "c:\windows\system32\drivers\rig3avs.sys" "4/11/2011 8:02 AM"
+ "rig3usb_svc" "Rig Kontrol 3" "Native Instruments GmbH" "c:\windows\system32\drivers\rig3usb.sys" "4/11/2011 8:02 AM"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                " "Realtek                                            " "c:\windows\system32\drivers\rt64win7.sys" "3/4/2010 8:42 AM"
+ "SANDRA" "Sandra Device Driver (x64)(Unicode)" "SiSoftware" "c:\program files\sisoftware\sisoftware sandra lite 2012.sp5c\wnt500x64\sandra.sys" "8/7/2009 5:44 PM"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys" "9/13/2006 8:18 AM"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys" "9/24/2008 1:28 PM"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys" "10/1/2008 4:56 PM"
+ "SrvHsfHDA" "HSF_HWAZL WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstazl6.sys" "10/15/2008 7:53 PM"
+ "SrvHsfV92" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstdpv6.sys" "10/15/2008 7:57 PM"
+ "SrvHsfWinac" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\vstcnxt6.sys" "10/15/2008 7:52 PM"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys" "2/17/2009 6:03 PM"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\stwrt64.sys" "6/17/2010 9:16 PM"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys" "10/13/2011 9:34 PM"
+ "Tpkd" "64bit Tpkd Device Driver" "PACE Anti-Piracy, Inc." "c:\windows\system32\drivers\tpkd.sys" "4/11/2013 4:04 PM"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys" "7/13/2009 6:19 PM"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys" "1/30/2009 8:18 PM"
+ "yukonw7" "Miniport Driver for Marvell Yukon Ethernet Controller." "Marvell" "c:\windows\system32\drivers\yk62x64.sys" "2/23/2009 10:02 AM"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "10/11/2013 7:45 AM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm" "7/13/2009 8:28 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "12/9/2013 10:52 AM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm" "7/13/2009 8:06 PM"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll" "11/20/2010 6:59 AM"
"HKLM\Software\Classes\Filter" "" "" "" "12/8/2013 8:59 AM"
+ "iZotope Alloy 2" "iZotope Alloy 2 (DX)" "iZotope, Inc." "c:\program files (x86)\izotope\alloy 2\win64\izalloy2dxhook.dll" "7/31/2013 11:20 AM"
+ "iZotope Alloy 2" "iZotope Alloy 2 (DX)" "iZotope, Inc." "c:\program files (x86)\izotope\alloy 2\win32\izalloy2dxhook.dll" "7/31/2013 11:19 AM"
+ "iZotope Nectar" "iZotope Nectar (DX)" "iZotope, Inc." "c:\program files (x86)\izotope\nectar\win64\iznectardxhook.dll" "2/11/2013 9:57 AM"
+ "iZotope Nectar" "iZotope Nectar (DX)" "iZotope, Inc." "c:\program files (x86)\izotope\nectar\win32\iznectardxhook.dll" "2/11/2013 9:55 AM"
+ "iZotope Ozone 5" "iZotope Ozone 5 (DX)" "iZotope, Inc." "c:\program files (x86)\izotope\ozone 5\win64\izozone5dxhook.dll" "6/19/2013 6:15 AM"
+ "iZotope Ozone 5" "iZotope Ozone 5 (DX)" "iZotope, Inc." "c:\program files (x86)\izotope\ozone 5\win32\izozone5dxhook.dll" "6/19/2013 6:14 AM"
+ "iZotope Vinyl" "iZotope Vinyl" "iZotope, Inc." "c:\program files (x86)\izotope\vinyl\win64\izvinyl.dll" "8/8/2006 3:23 AM"
+ "iZotope Vinyl" "iZotope Vinyl" "iZotope, Inc." "c:\program files (x86)\izotope\vinyl\win32\izvinyl.dll" "8/8/2006 3:09 AM"
+ "MainConcept (Adobe2) AMR Decoder" "AMR Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2amrd.ax" "7/30/2009 4:26 AM"
+ "MainConcept (Adobe2) AMR Encoder" "AMR Encoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2amre.ax" "7/30/2009 4:26 AM"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax" "7/30/2009 4:20 AM"
+ "MainConcept (Adobe2) MP4 Demultiplexer" "MPEG-4 Demultiplexer Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2mp4demux.ax" "7/30/2009 4:41 AM"
+ "MainConcept (Adobe2) MP4 Multiplexer" "MPEG-4 Multiplexer Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2mp4mux.ax" "7/30/2009 4:43 AM"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax" "7/30/2009 4:11 AM"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax" "7/30/2009 4:12 AM"
+ "MainConcept (Adobe2) MPEG-4 Video Encoder" "MPEG-4 Video Encoder Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2m4ve.ax" "7/30/2009 4:33 AM"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "7/13/2009 11:53 PM"
+ "DVBuffers Filter" "" "" "c:\program files\avid\pro tools\video engine\dvbuffers.ax" "6/18/2013 3:57 PM"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "7/13/2009 11:53 PM"
+ "ATI Ticker" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\ticker.ax" "9/9/2010 1:05 PM"
+ "Capture File Writer" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 1:40 AM"
+ "CyberLink Audio Decoder (HP)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claud.ax" "4/22/2010 1:14 AM"
+ "CyberLink Audio Effect (HP)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudfx.ax" "12/8/2009 9:51 PM"
+ "CyberLink Audio Noise Reduction" "CLAuNR" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaunrwrapper.ax" "10/16/2005 9:34 PM"
+ "CyberLink Audio Resampler" "CLAuRsmpl.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaursmpl.ax" "2/24/2005 9:41 PM"
+ "CyberLink Audio VolumeBooster" "CyberLink Audio Volume Booster Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvb.ax" "10/8/2004 3:36 AM"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudiocd.ax" "1/21/2008 5:35 AM"
+ "Cyberlink Dump Dispatch Filter" "Cyberlink File Dump Dispatch Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdumpdispatch.ax" "12/12/2003 2:01 AM"
+ "Cyberlink Dump Filter" "Cyberlink File Dump Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gdump.ax" "11/22/2006 7:15 AM"
+ "CyberLink DVD Navigator (HP)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clnavx.ax" "4/23/2010 4:05 AM"
+ "CyberLink Editing Service 3.0 (Source)" "CES Kernel" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gedtkrn.dll" "5/3/2007 1:18 AM"
+ "Cyberlink File Reader (Async.)" "Cyberlink MPEG File Reader" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2greader.ax" "6/15/2003 10:35 PM"
+ "CyberLink Line21 Decoder Filter (HP)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clline21.ax" "7/23/2009 9:21 PM"
+ "CyberLink Load Image Filter" "CLImage" "CyberLink" "c:\program files (x86)\cyberlink\shared files\climage.ax" "11/6/2006 11:16 PM"
+ "CyberLink M2V Writer" "CLM2VWriter" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gm2vwriter.ax" "8/17/2005 9:45 AM"
+ "CyberLink MP3/WAV Wrapper" "CyberLink MP3 Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmp3wrap.ax" "1/13/2008 9:30 PM"
+ "CyberLink MPEG Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gmvd.ax" "9/29/2003 8:50 AM"
+ "CyberLink MPEG Muxer" "MpgMux" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gmpgmux.ax" "5/23/2008 2:27 AM"
+ "CyberLink MPEG Video Encoder" "CyberLink MPEG Video Encoder                               " "CyberLink Corp.                                            " "c:\program files (x86)\cyberlink\power2go\p2gvidenc.ax" "10/26/2005 6:41 AM"
+ "CyberLink MPEG-1 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm1spliter.ax" "12/3/2007 10:11 PM"
+ "CyberLink MPEG-2 Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gm2spliter.ax" "12/3/2007 10:10 PM"
+ "CyberLink PCM Wrapper" "CyberLink PCM Wrapper" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gpcmenc.ax" "3/21/2002 12:54 AM"
+ "Cyberlink SubTitle(HP)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clsubtitle.ax" "12/22/2009 8:08 AM"
+ "CyberLink TimeStretch Filter (CES)" "CLAuTS.ax" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gauts.ax" "10/12/2004 9:32 AM"
+ "CyberLink TL MPEG Splitter" "CyberLink MPEG Splitter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gtlmsplter.ax" "10/19/2006 12:33 AM"
+ "CyberLink Tzan Filter (HP)" "Cyberlink Tzan Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\cltzan.ax" "3/22/2010 5:00 AM"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvidfx.ax" "8/29/2005 11:01 PM"
+ "CyberLink Video Regulator" "CLRGL" "Cyberlink" "c:\program files (x86)\cyberlink\power2go\p2grgl.ax" "9/28/2005 5:42 AM"
+ "CyberLink Video Stabilizer" "CLVideoDeShaking" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gvideostabilizer.ax" "10/17/2005 1:28 AM"
+ "CyberLink Video/SP Decoder (HP)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\clvsd.ax" "4/22/2010 2:21 AM"
+ "Digiclock" "DigiDesign Reference Clock" "Avid Technology, Inc." "c:\program files (x86)\avid\pro tools\digirefclock.dll" "8/7/2013 12:41 AM"
+ "MainConcept (Adobe2) AAC Decoder" "AAC audio decoder filter" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2daac.ax" "7/30/2009 4:23 AM"
+ "MainConcept (Adobe2) AAC Encoder" "AAC audio encoder filter" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2eaac.ax" "7/30/2009 4:24 AM"
+ "MainConcept (Adobe2) AMR Decoder" "AMR Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2amrd.ax" "7/30/2009 4:26 AM"
+ "MainConcept (Adobe2) AMR Encoder" "AMR Encoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2amre.ax" "7/30/2009 4:26 AM"
+ "MainConcept (Adobe2) AVC/H.264 Video Decoder" "AVC/H.264 Video Decoder" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2avcvd.ax" "7/30/2009 4:16 AM"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder" "AVC/H.264 Video Encoder DirectShow Filter" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2h264ve.ax" "7/30/2009 4:20 AM"
+ "MainConcept (Adobe2) Dolby Digital Audio Decoder" "Dolby Digital Audio Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2ddad.ax" "7/30/2009 4:28 AM"
+ "MainConcept (Adobe2) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax" "7/30/2009 4:45 AM"
+ "MainConcept (Adobe2) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2dsdv.ax" "7/30/2009 4:45 AM"
+ "MainConcept (Adobe2) Layer II Audio Decoder" "Layer II Audio Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2l2ad.ax" "7/30/2009 4:08 AM"
+ "MainConcept (Adobe2) Layer II Audio Encoder" "Layer-II Audio Encoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2l2ae.ax" "7/30/2009 4:12 AM"
+ "MainConcept (Adobe2) MP4 Demultiplexer" "MPEG-4 Demultiplexer Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2mp4demux.ax" "7/30/2009 4:41 AM"
+ "MainConcept (Adobe2) MP4 Multiplexer" "MPEG-4 Multiplexer Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2mp4mux.ax" "7/30/2009 4:43 AM"
+ "MainConcept (Adobe2) MPEG Audio Decoder" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files (x86)\common files\adobe\dva\com\rel1\ad2mcdsmpeg.ax" "8/30/2005 8:10 AM"
+ "MainConcept (Adobe2) MPEG Demultiplexer" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax" "7/30/2009 4:11 AM"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer" "MPEG Push Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgpdmx.ax" "7/30/2009 4:12 AM"
+ "MainConcept (Adobe2) MPEG Video Decoder" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files (x86)\common files\adobe\dva\com\rel1\ad2mcdsmpeg.ax" "8/30/2005 8:10 AM"
+ "MainConcept (Adobe2) MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2m2vd.ax" "7/30/2009 4:09 AM"
+ "MainConcept (Adobe2) MPEG-2 Video Encoder" "MPEG-2 Video Encoder" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2m2ve.ax" "7/30/2009 4:12 AM"
+ "MainConcept (Adobe2) MPEG-4 Video Decoder" "MPEG-4 Video Decoder Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2m4vd.ax" "7/30/2009 4:31 AM"
+ "MainConcept (Adobe2) MPEG-4 Video Encoder" "MPEG-4 Video Encoder Direct Show Filter" "MainConcept AG" "c:\program files (x86)\adobe\adobe premiere elements 8.0\ad2m4ve.ax" "7/30/2009 4:33 AM"
+ "MainConcept (Adobe2) Stream Parser" "MPEG-1/2 Demultiplexer" "MainConcept AG" "c:\program files (x86)\adobe\elements organizer 8.0\caheadless\ad2mpgdmx.ax" "7/30/2009 4:11 AM"
+ "MMACE Deinterlace" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll" "9/9/2010 1:05 PM"
+ "MMACE ProcAmp" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll" "9/9/2010 1:05 PM"
+ "MMACE SoftEmu" "" "" "c:\program files (x86)\ati technologies\ati.ace\graphics-previews-common\mmacefilters.dll" "9/9/2010 1:05 PM"
+ "MSDVD Audio Wizard (HP)" "CyberLink Audio Wizard Filter" "CyberLink Corp." "c:\program files (x86)\hewlett-packard\media\dvd\kernel\movie\claudwizard.ax" "8/14/2009 8:26 AM"
+ "P2G Audio Decoder" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaud.ax" "12/1/2006 12:59 AM"
+ "P2G Audio Encoder" "CyberLink Audio Encoder Filter" "Cyberlink Corp." "c:\program files (x86)\cyberlink\power2go\p2gaudenc.ax" "12/20/2006 4:20 AM"
+ "P2G Video Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files (x86)\cyberlink\power2go\p2gvsd.ax" "11/10/2005 7:36 AM"
+ "P2G Video Regulator" "CyberLink Video Regulator" "CyberLink" "c:\program files (x86)\cyberlink\power2go\p2gresample.ax" "6/17/2002 10:32 PM"
+ "Record Queue" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 1:40 AM"
+ "SmartSound SDS Reader" "SDS Media File Reader Filter" "SmartSound Software Inc." "c:\program files (x86)\smartsound software\quicktracks\sdsreader.dll" "11/1/2007 6:04 PM"
+ "SmartSound Soundtrack" "Quicktracks Soundtrack source filter" "SmartSound Software Inc." "c:\program files (x86)\smartsound software\quicktracks\directqx.dll" "11/1/2007 6:04 PM"
+ "SyncReader" "Digi SyncReader" "Avid Technology, Inc." "c:\program files (x86)\avid\pro tools\digisyncreader.dll" "8/7/2013 12:41 AM"
+ "Track1Filter" "Adobe Photoshop Elements 8.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements organizer 8.0\track1filter.dll" "9/17/2009 2:10 PM"
+ "Track2Filter" "Adobe Photoshop Elements 8.0 (component)" "Adobe Systems Incorporated" "c:\program files (x86)\adobe\elements organizer 8.0\track2filter.dll" "9/17/2009 2:10 PM"
+ "WM VIH2 Fix" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 1:40 AM"
+ "WMT DV Extract Filter" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 1:40 AM"
+ "WMT Sample Info Filter" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 1:40 AM"
+ "WMT Switch Filter" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 1:40 AM"
+ "WMT Virtual Renderer" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 1:40 AM"
+ "WMT Virtual Source" "Photo Gallery Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "2/6/2013 1:40 AM"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" "" "7/13/2009 11:53 PM"
+ "BtwCredentialProvider" "BtwCP DLL" "Broadcom Corporation." "c:\program files\widcomm\bluetooth software\btwcp.dll" "6/9/2010 1:48 AM"
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll" "7/17/2012 5:11 PM"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" "" "12/9/2013 10:52 AM"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll" "7/28/2010 3:26 PM"
+ "WB" "" "" "File not found: C:\Program Files (x86)\Stardock\MyColors\fast64.dll" ""
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" "" "10/10/2013 7:40 AM"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "7/17/2012 4:45 PM"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "7/17/2012 4:45 PM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" "" "10/10/2013 7:40 AM"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "7/17/2012 5:09 PM"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "7/17/2012 5:09 PM"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" "" "12/9/2013 10:52 AM"
+ "Canon BJ Language Monitor MG5300 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlmat.dll" "3/13/2012 2:45 AM"
+ "Epson Inbox Language Monitor01" "Epson Printer Driver" "SEIKO EPSON CORPORATION" "c:\windows\system32\ep0slm01.dll" "7/13/2009 8:29 PM"
"C:\Users\HP\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" "" "12/2/2013 12:03 AM"
+ "WinZip Gadget" "" "WinZip" "C:\Program Files\Windows Sidebar\Shared Gadgets\WinZip.Gadget\en-US\Gadget.xml" "4/4/2012 12:06 AM"
 



#4 xXToffeeXx

  • Malware Response Team

Posted 09 December 2013 - 02:01 PM

Hi Trent E.
 
Open up AutoRuns again and press Ctrl+F. Then type \BackgroundContainer and press Enter; an entry called \BackgroundContainer Startup Task should be highlighted. Remove the tick in the box by clicking on it.
Reboot and tell me if any errors occur upon startup.
 
Also please run these for me:
 
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

-----------
 

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

xXToffeeXx~


If I am helping you and you have not had a reply from me in two days, please send me a PM.

 

~Open a window, eat an apple, chrome some metal, watch an opera, make a safari, hunt a fire fox, be an explorer~
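
The search described in this post can also be run over a saved Autoruns log. The following is an added example, not part of the original thread or of Autoruns itself: it parses the quoted-field layout of the log posted above and lists entries whose target is reported as "File not found:", which is how an orphaned startup entry shows up. The sample lines are constructed in that layout, and the Task Scheduler line and its path are placeholders.

```python
import re
from typing import List, NamedTuple

# Every column in the posted log is a double-quoted string.
FIELD = re.compile(r'"([^"]*)"')
# Autoruns puts this prefix in the image-path column when the target is gone.
MISSING = "File not found:"


class Entry(NamedTuple):
    location: str      # autostart location (registry key, Task Scheduler, ...)
    name: str
    description: str
    publisher: str
    image_path: str
    timestamp: str
    enabled: bool      # True when the line starts with '+', as in the posted log


def parse_autoruns(text: str) -> List[Entry]:
    """Parse the text layout shown in the thread.

    A line that starts with a quote is a location header; a line that starts
    with a marker such as '+' is an entry under the most recent header.
    Lines that do not have exactly five quoted fields are skipped.
    """
    entries: List[Entry] = []
    location = ""
    for raw in text.splitlines():
        line = raw.strip()
        fields = [f.strip() for f in FIELD.findall(line)]
        if len(fields) != 5:
            continue
        if line.startswith('"'):
            location = fields[0]
            continue
        entries.append(Entry(location, *fields, enabled=line.startswith("+")))
    return entries


def orphaned(entries: List[Entry]) -> List[Entry]:
    """Entries that still autostart but whose file no longer exists."""
    return [e for e in entries if e.image_path.startswith(MISSING)]


def missing_target(entry: Entry) -> str:
    """Path that Windows will fail to load for an orphaned entry."""
    return entry.image_path[len(MISSING):].strip()


def search(entries: List[Entry], needle: str) -> List[Entry]:
    """Case-insensitive match on entry name or image path (like Ctrl+F)."""
    n = needle.lower()
    return [e for e in entries
            if n in e.name.lower() or n in e.image_path.lower()]


# Constructed sample in the layout of the posted log. The last two lines are
# placeholders: the thread does not show the real Task Scheduler entry.
SAMPLE = r'''
"HKLM\System\CurrentControlSet\Services" "" "" "" "12/9/2013 10:52 AM"
+ "iLokDrvr" "iLok Kernel Driver File" "" "c:\windows\system32\drivers\ilokdrvr.sys" "11/7/2012 2:00 PM"
+ "mianreqe" "" "" "File not found: C:\Windows\system32\drivers\mianreqe.sys" ""
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" "" "12/9/2013 10:52 AM"
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll" "7/28/2010 3:26 PM"
+ "WB" "" "" "File not found: C:\Program Files (x86)\Stardock\MyColors\fast64.dll" ""
"Task Scheduler" "" "" "" ""
+ "\BackgroundContainer Startup Task" "" "" "File not found: C:\ExamplePath\BackgroundContainer.dll" ""
'''

if __name__ == "__main__":
    parsed = parse_autoruns(SAMPLE)
    for e in orphaned(parsed):
        state = "enabled" if e.enabled else "disabled"
        print(f"[{state}] {e.location} -> {e.name}: {missing_target(e)}")
```

An orphaned entry is not automatically malicious (a leftover from an uninstalled program looks the same), so each hit still needs the name and location checked before it is disabled.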


#5 Trent E.

  • Topic Starter

Posted 09 December 2013 - 02:22 PM

After the first step and reboot, the error box did not appear, but the search engine that I thought was associated with it did. Here is the next text... it's a long one... I will do the next... thanks

 

# AdwCleaner v3.014 - Report created 09/12/2013 at 14:18:43
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : HP - HPENVY
# Running from : C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U4MSAMIC\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : IBUpdaterService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\blekko toolbars
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\lucky leap
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Windows\SysWOW64\ARFC
Folder Deleted : C:\Windows\SysWOW64\jmdp
Folder Deleted : C:\Windows\SysWOW64\WNLT
Folder Deleted : C:\Program Files\DomaIQ Uninstaller
Folder Deleted : C:\Windows\System32\ljkb
Folder Deleted : C:\Users\HP\AppData\Local\Conduit
Folder Deleted : C:\Users\HP\AppData\Local\DownloadTerms
Folder Deleted : C:\Users\HP\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\HP\AppData\Local\PackageAware
Folder Deleted : C:\Users\HP\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\HP\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\HP\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\HP\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\HP\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\HP\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\HP\AppData\Roaming\strongvault
File Deleted : C:\END
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Users\HP\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
File Deleted : C:\Windows\System32\Tasks\NCH Software

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298570
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3310511
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_videopad-video-editor_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_videopad-video-editor_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AF6B0594-6008-4327-93E5-608AD710A6FA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\wnlt
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\PricePeep
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wnlt
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\wnlt

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : search_url
Deleted : suggest_url
Deleted : keyword
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [11670 octets] - [09/12/2013 14:12:48]
AdwCleaner[R1].txt - [11731 octets] - [09/12/2013 14:17:56]
AdwCleaner[S0].txt - [11118 octets] - [09/12/2013 14:18:43]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11179 octets] ##########



#6 Trent E.


Posted 09 December 2013 - 02:30 PM

Here we go last one......

 

Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by HP on Mon 12/09/2013 at 14:24:16.36
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1[1]_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iLividSetupV1[1]_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1[1]_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\iLividSetupV1[1]_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{364E84B8-78A9-4989-BB11-359053EDF29B}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{7E72FB9D-DBAE-448C-B655-39B5047C3BE4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{7E72FB9D-DBAE-448C-B655-39B5047C3BE4}

 

~~~ Files

Successfully deleted: [File] "C:\Users\HP\appdata\locallow\SkwConfig.bin"

 

~~~ Folders

Successfully deleted: [Folder] "C:\Users\HP\appdata\local\blekkotb_031"
Successfully deleted: [Folder] "C:\Users\HP\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\HP\appdata\local\stronghold_llc"
Successfully deleted: [Folder] "C:\Users\HP\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free window registry repair"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

 

~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 12/09/2013 at 14:29:32.14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#7 xXToffeeXx


Posted 09 December 2013 - 02:34 PM

Hi Trent E.,

 

Does that search engine still appear?

 

xXToffeeXx~


If I am helping you and you have not had a reply from me in two days, please send me a PM.

 

~Open a window, eat an apple, chrome some metal, watch an opera, make a safari, hunt a fire fox, be an explorer~


#8 Trent E.


Posted 09 December 2013 - 02:39 PM

Hello,

 

  No, the search engine is gone!!!! Nice!!! You gals/guys are awesome!!! My PC seems a little faster too. I should do this more often. Thanks....anything else I should do???



#9 xXToffeeXx


Posted 09 December 2013 - 02:49 PM

Hi Trent E.,
 
You are most welcome. Let's run one final quick scan to see if anything needs updating:
 
Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

xXToffeeXx~




#10 Trent E.


Posted 09 December 2013 - 02:53 PM

Here you go...

 

Results of screen317's Security Check version 0.99.77 
 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Microsoft Security Essentials  
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 JavaFX 2.1.1   
 Java 7 Update 25 
 Java version out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Reader 9 Adobe Reader out of Date!
 Google Chrome 31.0.1650.57 
 Google Chrome 31.0.1650.63 
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 



#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 31,762 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:55 PM

Posted 09 December 2013 - 08:42 PM

FYI: If you're going to keep Autoruns (which I recommend), be careful using it and be sure to read:
Microsoft MVP - Consumer Security 2007-2014

Member of UNITE, Unified Network of Instructors and Trusted Eliminators

#12 xXToffeeXx


Posted 10 December 2013 - 03:03 PM

Hi Trent E.,

 

Go to the control panel and uninstall these programs:

 

Java 7 Update 25 - Unless you need Java specifically for something, then I suggest just uninstalling it, as Java is most commonly used to exploit your system. See below for why you might not need Java.
Adobe Flash Player 10 Flash Player - Update here: http://get.adobe.com/flashplayer/
Adobe Reader 9 Adobe Reader - Update here: http://get.adobe.com/uk/reader/
 

 

xXToffeeXx~




#13 Trent E.


Posted 11 December 2013 - 09:19 AM

Should I uninstall all JAVA related programs JAVA 6 update, JAVA FX2.2.1, JAVA development kit?    I had the development kit because I had a JAVA programming class last year.

 

Also, are you recommending I update the Adobe Flash player and Adobe Reader or uninstall them? Thanks again.



#14 xXToffeeXx


Posted 11 December 2013 - 11:45 AM

Should I uninstall all JAVA related programs JAVA 6 update, JAVA FX2.2.1, JAVA development kit?    I had the development kit because I had a JAVA programming class last year.

 

Also, are you recommending I update the Adobe Flash player and Adobe Reader or uninstall them? Thanks again.

Yes, unless you are using any of them.

 

Uninstall the old version, and then visit the websites I listed to update them.

 

xXToffeeXx~






