Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Continuetosave 1.74.


  • Please log in to reply
33 replies to this topic

#1 NutOfDeath

NutOfDeath

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 24 November 2013 - 12:56 AM

Hi, recently, IE 10 has been giving me almost non-stop ads. I realized there was two programs I haven't installed that appeared on the "Uninstall a program" list. One was Scorpion Saver, and the other was continuetosave. I deleted both, reseted IE, and restarted the computer. Everything seemed fine, since there were no ads. However, I went back into the programs list, and found a new program was there: continuetosave 1.74. I have Nortion 360 installed, but I don't really rely on it or believe it's the best anti-virus program ever like my parents do. Could you guys help me? I use Windows 7.

 

I reposted it in this subforum because I think I put it in the wrong place.

 

EDIT: I now remember there were some error messages about a .dll not being installed or something during and after the uninstalling. I can't remember, sorry. :(


Edited by NutOfDeath, 24 November 2013 - 01:05 AM.


BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:41 AM

Posted 24 November 2013 - 02:05 AM

Hello -

As always, this shows that "no single program" will prevent and fix all problems -

 

Please download and run RKill by Grinler.

A black DOS box will briefly flash and then disappear.
This is normal and indicates the tool ran successfully.
If a log is produced, save it, or post it back here -

 

Important: Do not reboot your computer until you complete the next step.

 

Please download AdwCleaner by Xplode and save to your Desktop.
* Double-click on AdwCleaner.exe to run the tool.
* Vista/Windows 7/8 users right-click and select Run As Administrator.
* Click on the Scan button. (only once)
* AdwCleaner will begin...be patient as the scan may take some time to complete.
* After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
* Click on the Clean button. (only once)
* Press OK when asked to close all programs and follow the onscreen prompts.
+ Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
* After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
* Copy and paste the contents of that logfile in your next reply.
 

 

Download Malwarebytes' Anti-Malware Free (aka MBAM)

NOTE : Do not select the Free Pro Trial Version at this time ........
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.
Be sure to reboot the computer if required after you post the log.
 

Thank You -



#3 NutOfDeath

NutOfDeath
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 24 November 2013 - 10:23 AM

I'm guessing this is what you mean by log? Will post more stuff later.

 

Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/24/2013 09:21:28 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\ProgramData\BetterSoft\OptimizerPro\OptimizerPro.exe (PID: 1688) [AU-HEUR]
 * C:\Users\Jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4OHNU7U\unblock-us.exe (PID: 4960) [UP-HEUR]

2 proccesses terminated!

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Jorge\Desktop\rkill\rkill-11-24-2013-09-21-36.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 11/24/2013 09:22:01 AM
Execution time: 0 hours(s), 0 minute(s), and 33 seconds(s)



#4 NutOfDeath

NutOfDeath
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 24 November 2013 - 10:34 AM

Step 2:

# AdwCleaner v3.013 - Report created 24/11/2013 at 09:27:28
# Updated 24/11/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Jorge - JORGE-VAIO
# Running from : C:\Users\Jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LMVQVRPM\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BetterSoft
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\StarApp
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\continuuetosave
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\continuetosave
Folder Deleted : C:\Program Files (x86)\DealPly
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\GamesBar
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\Jorge\AppData\Local\Conduit
Folder Deleted : C:\Users\Jorge\AppData\Local\iac
Folder Deleted : C:\Users\Jorge\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\Jorge\AppData\Local\jZip
Folder Deleted : C:\Users\Jorge\AppData\Local\PackageAware
Folder Deleted : C:\Users\Jorge\AppData\Local\Smartbar
Folder Deleted : C:\Users\Jorge\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Jorge\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Jorge\AppData\LocalLow\Delta
Folder Deleted : C:\Users\Jorge\AppData\LocalLow\iac
Folder Deleted : C:\Users\Jorge\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Jorge\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\Jorge\AppData\LocalLow\continuuetosave
Folder Deleted : C:\Users\Jorge\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Jorge\AppData\Roaming\DealPly
Folder Deleted : C:\Users\Jorge\AppData\Roaming\file scout
Folder Deleted : C:\Users\Jorge\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Jorge\AppData\Roaming\SpeedAnalysis2
Folder Deleted : C:\Users\Jorge\AppData\Roaming\strongvault
Folder Deleted : C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Extensions\jokkhonkcoijajjepahfbgahapfpelcj
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Jorge\AppData\Roaming\speedanalysis.ico
File Deleted : C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Deleted : C:\Windows\System32\Tasks\Dealply

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Messenger\View Inbox.lnk

***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis02@SpeedAnalysis.com]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apntoolbarinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_e14dcdfa
Key Deleted : HKCU\Software\5e53d7d8b56dbe49
Key Deleted : HKLM\SOFTWARE\5e53d7d8b56dbe49
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3317127
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38495740-0035-4471-851E-F5BBB86AB085}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14F35FFC-522A-4DD1-A07E-6B8B65C6891E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AC329328-7EC4-4C34-B672-0A2B90CB9B00}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F02C0832-C85C-4B93-8C6F-9DF20121A10D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5D79F641-C168-40DF-A32F-BACEA7509E75}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C98D5B61-B0EA-4D48-9839-1079D352D880}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CB41FC95-F1B3-4797-8BB6-1012FF62ABBA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A5B9C0F5-5616-47CD-A95F-E43B488FACCF}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\jZip
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\DeviceVM
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\SP Global
Key Deleted : HKLM\Software\SProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736

-\\ Google Chrome v

[ File : C:\Users\Jorge\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [23148 octets] - [24/11/2013 09:24:32]
AdwCleaner[S0].txt - [22928 octets] - [24/11/2013 09:27:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22989 octets] ##########

 

Also, I had an interesting error: CfKmJMu.png



#5 NutOfDeath

NutOfDeath
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 24 November 2013 - 10:52 AM

Step 3:

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.24.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16736
Jorge :: JORGE-VAIO [administrator]

11/24/2013 9:38:53 AM
mbam-log-2013-11-24 (09-38-53).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 220887
Time elapsed: 8 minute(s), 32 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 6
HKCR\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3} (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE} (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

Registry Values Detected: 4
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\Jorge\LOCALS~1\Temp\msoidk.cmd -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\Jorge\LOCALS~1\Temp\msoidk.cmd -> Delete on reboot.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Best Buy pc app (Trojan.Agent) -> Data: regsvr32.exe /s "C:\Users\Jorge\AppData\Local\Microsoft Help\Best Buy pc app\klkedimmig.dll" -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE}|DisplayName (PUP.Optional.Adpeak) -> Data: Level Quality Watcher -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 4
C:\Program Files (x86)\Level Quality Watcher (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\OptimizerPro (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.

Files Detected: 15
C:\temp\ScorpionSaver.msi (Adware.Adpeak) -> Quarantined and deleted successfully.
C:\Users\Jorge\Downloads\InternetExplorer_Setup.exe (PUP.Optional.AirInstaller) -> Quarantined and deleted successfully.
C:\Users\Jorge\Pictures\mplayer_tuguu_1271.exe (PUP.Optional.InstallIQ.A) -> Quarantined and deleted successfully.
C:\Windows\Installer\17553486.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Windows\Tasks\schedule!3036567561.job (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Level Quality Watcher\LevelQualityWatcher64.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Level Quality Watcher\LevelQualityWatcher32.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Windows\System32\config\systemprofile\AppData\Roaming\DealPly\UpdateProc\config.dat (PUP.Optional.DealPly.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\OptimizerPro\Custom.dll (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\OptimizerPro\Readme.txt (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\OptimizerPro\Setup.dat (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\OptimizerPro\Setup.exe (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\OptimizerPro\Setup.ico (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\OptimizerPro\TsuDll.dll (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.
C:\ProgramData\InstallMate\OptimizerPro\_Setup.dll (PUP.Optional.OptimizerPro.A) -> Quarantined and deleted successfully.

(end)



#6 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:41 AM

Posted 24 November 2013 - 02:38 PM

Hello -

That report looks like you have removed a lot of infections in all ranges.

There were some very small ones as well as some that can become deeply entrenched -

 

We can look at that error message shortly.

How is the computer going now (based on your original problem)

 

Thank You -



#7 NutOfDeath

NutOfDeath
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 24 November 2013 - 06:39 PM

I think you fixed it. Thanks! I'll see if there's any problems.

#8 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:41 AM

Posted 24 November 2013 - 07:01 PM

Try and play for an hour and see what happens.

 

Then post back any results -



#9 NutOfDeath

NutOfDeath
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 24 November 2013 - 07:11 PM

Well, I've been using it for an hour. No sketchy popup ads, no errors (except when I start up the computer, then the .dll thing pops up). Continuetosave isn't in the program list. Everything seems OK.

#10 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:41 AM

Posted 24 November 2013 - 07:52 PM

OK -

Just still keep an eye here as I am still looking for a "safe" answer to your ".dll failed to load"



#11 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:41 AM

Posted 24 November 2013 - 08:35 PM

Please use Autoruns -
* Download  Autoruns
* Extract and launch autoruns.exe
* Allow the scan to fully finish
* Now click on FILE > SAVE
* Use > Filename:Autoruns.txt - Save as Type :Text
Copy and Paste the contents of text here

 

Thanks -



#12 NutOfDeath

NutOfDeath
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 27 November 2013 - 11:37 AM

Sorry I'm late. Here it is:

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" "" "7/13/2009 10:49 PM"
+ "rdpclip" "" "" "File not found: rdpclip" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" "" "6/8/2013 2:22 AM"
+ "IntelPAN" "Intel® PROSet/Wireless Framework" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\ifrmewrk.exe" "6/1/2011 1:26 PM"
+ "RtHDVBg" "HD Audio Background Process" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravbg64.exe" "6/3/2011 12:08 AM"
+ "RtHDVCpl" "Realtek HD Audio Manager" "Realtek Semiconductor" "c:\program files\realtek\audio\hda\ravcpl64.exe" "6/24/2011 4:05 AM"
+ "SynTPEnh" "Synaptics TouchPad Enhancements" "Synaptics Incorporated" "c:\program files\synaptics\syntp\syntpenh.exe" "12/16/2010 11:00 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run" "" "" "" "11/24/2013 9:53 AM"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe" "4/16/2013 9:13 PM"
+ "BCSSync" "Microsoft Office 2010 component" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\bcssync.exe" "3/13/2010 3:54 PM"
+ "Dolby Home Theater v4" "Dolby Profile Selector" "Dolby Laboratories Inc." "c:\program files (x86)\dolby home theater v4\pcee4.exe" "5/2/2011 3:09 PM"
+ "EaseUS EPM tray" "" "" "File not found: C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe" ""
+ "HP Software Update" "hpwuSchd Application" "Hewlett-Packard" "c:\program files (x86)\hp\hp software update\hpwuschd2.exe" "5/8/2007 3:24 PM"
+ "IAStorIcon" "IAStorIcon" "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastoricon.exe" "1/12/2011 7:56 PM"
+ "ImproveSpeedPC" "" "" "File not found: C:\Program Files (x86)\ImproveSpeedPC\ImproveSpeedPC.exe" ""
+ "ISBMgr.exe" "" "Sony Corporation" "c:\program files (x86)\sony\isb utility\isbmgr.exe" "5/22/2011 7:19 PM"
+ "ISUSPM" "Common Software Manager" "Flexera Software LLC." "c:\programdata\flexnet\connect\11\isuspm.exe" "10/12/2011 10:10 PM"
+ "ISUSScheduler" "InstallShield Update Service Scheduler" "InstallShield Software Corporation" "c:\program files (x86)\common files\installshield\updateservice\issch.exe" "2/16/2005 4:13 PM"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files (x86)\itunes\ituneshelper.exe" "10/1/2013 1:51 AM"
+ "Nuance PDF Converter Professional 8-reminder" "Ereg (Unicode version)" "Nuance Communications, Inc." "c:\program files (x86)\nuance\pdf professional 8\ereg\ereg.exe" "10/11/2012 6:11 AM"
+ "PDF8 Registry Controller" "REGISTRYCONTROLLER.EXE" "Nuance Communications, Inc." "c:\program files (x86)\nuance\pdf professional 8\registrycontroller.exe" "10/23/2012 2:19 PM"
+ "PDFProHook" "PdfPro8Hook.exe" "Nuance Communications, Inc." "c:\program files (x86)\nuance\pdf professional 8\pdfpro8hook.exe" "10/23/2012 2:23 PM"
+ "PMBVolumeWatcher" "Media Check Tool" "Sony Corporation" "c:\program files (x86)\sony\pmb\pmbvolumewatcher.exe" "3/14/2011 11:29 PM"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files (x86)\quicktime\qttask.exe" "5/1/2013 4:42 AM"
+ "sbsdk-server" "Node Launcher" "SMART Technologies" "c:\program files (x86)\smart technologies\education software\sbsdk-server\nodelauncher.exe" "10/17/2012 8:40 AM"
+ "SMART Board Service" "SMART Board Service" "SMART Technologies" "c:\program files (x86)\smart technologies\education software\smartboardservice.exe" "10/17/2012 8:31 AM"
+ "SMART Board Tools" "SMART Board Tools" "SMART Technologies ULC" "c:\program files (x86)\smart technologies\education software\smartboardtools.exe" "3/9/2012 10:14 AM"
+ "SMART Ink" "SMARTInk" "SMART Technologies" "c:\program files (x86)\smart technologies\education software\smartink.exe" "10/25/2012 4:38 PM"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" "" "5/16/2013 4:47 PM"
+ "Adobe Gamma Loader.exe.lnk" "Adobe Gamma Loader" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\calibration\adobe gamma loader.exe" "6/16/1999 12:57 PM"
+ "Bluetooth.lnk" "" "" "File not found: C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe" ""
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe" "5/21/2009 11:12 PM"
+ "Nuance Cloud Connector.lnk" "" "" "c:\program files (x86)\nuance\nuance cloud connector\gladlauncher.exe" "5/18/2012 11:34 AM"
"C:\Users\Jorge\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup" "" "" "" "10/26/2013 9:03 AM"
+ "GameStop Now.lnk" "" "" "File not found: C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe" ""
+ "OneNote 2010 Screen Clipper and Launcher.lnk" "Microsoft OneNote Quick Launcher" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onenotem.exe" "6/25/2013 3:46 PM"
"HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows\Load" "" "" "" "11/24/2013 10:37 AM"
+ "C:\Users\Jorge\LOCALS~1\Temp\msoidk.cmd" "" "" "File not found: C:\Users\Jorge\LOCALS~1\Temp\msoidk.cmd" ""
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" "" "2/10/2011 4:48 PM"
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe" "7/13/2009 5:58 PM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components" "" "" "" "2/10/2011 4:48 PM"
+ "Internet Explorer" "" "" "File not found: C:\Windows\system32\ie4uinit.exe" ""
+ "Microsoft Windows" "Windows Mail" "Microsoft Corporation" "c:\program files (x86)\windows mail\winmail.exe" "7/13/2009 5:42 PM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" "" "11/23/2013 11:28 PM"
+ "Sidebar" "Windows Desktop Gadgets" "Microsoft Corporation" "c:\program files\windows sidebar\sidebar.exe" "11/20/2010 4:24 AM"
+ "SMART Technologies Update" "" "" "File not found: C:\Users\Jorge\AppData\Local\SMART Technologies\bordbk150.dll" ""
+ "Softango  Downloader213706.exe" "" "" "File not found: C:\Users\Jorge\AppData\Local\Temp\Softango  Downloader213706.exe" ""
+ "Ycbalo" "" "" "File not found: C:\Users\Jorge\AppData\Roaming\Ophevi\iqeg.exe" ""
"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce" "" "" "" "11/23/2013 11:28 PM"
+ "FlashPlayerUpdate" "Adobe® Flash® Player Installer/Uninstaller 11.7 r700" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashutil64_11_7_700_202_activex.exe" "4/30/2013 1:48 PM"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" "" "7/13/2009 10:53 PM"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office14\msoxmlmf.dll" "2/28/2010 3:24 AM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" "" "10/26/2013 9:02 AM"
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" "" "11/24/2013 9:53 AM"
+ "Groove GFS Stub Execution Hook" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\20.4.0.40\bushell.dll" "5/28/2013 8:40 PM"
+ "PDFC7.ShellExtension" "SHELLEXT70.DLL" "Nuance Communications, Inc." "c:\program files (x86)\nuance\pdf professional 8\shellext70.dll" "10/23/2012 2:21 PM"
+ "ShellConverter" "" "" "File not found: C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll" ""
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\20.4.0.40\navshext.dll" "6/3/2013 10:34 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll" "10/12/2012 1:33 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
+ "Zeon.GMFCDirectShellExt" "GDirectShellExt Module" "Zeon International Investment Corp. " "c:\program files (x86)\nuance\pdf professional 8\bin\gdirectshellext.dll" "4/15/2013 1:16 AM"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll" "11/18/2010 10:08 AM"
+ "PCBoosterCMenu" "" "" "File not found: C:\Program Files (x86)\PC Booster\PCBoosterCMenu.dll" ""
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "10/12/2012 1:12 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers" "" "" "" "7/4/2012 12:43 PM"
+ "AddtoVAIOGate" "VAIOGateShellExt" "Sony Corporation" "c:\program files\sony\vaio gate\vaiogateshellext.dll" "2/15/2012 10:19 AM"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\20.4.0.40\navshext.dll" "6/3/2013 10:34 PM"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "BuPropertySheet" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\20.4.0.40\bushell.dll" "5/28/2013 8:40 PM"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "AddtoVAIOGate" "VAIOGateShellExt" "Sony Corporation" "c:\program files\sony\vaio gate\vaiogateshellext.dll" "2/15/2012 10:19 AM"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll" "2/28/2013 2:39 PM"
+ "Open With Gladinet" "Gladinet Cloud Suite" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\gladinetshellproxy.dll" "5/18/2012 11:30 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
"HKLM\Software\Wow6432Node\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "Open With Gladinet" "Gladinet Cloud Suite" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\gladinetshellproxy32.dll" "5/18/2012 11:29 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "7/4/2012 12:43 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll" "10/12/2012 1:33 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" "" "7/4/2012 12:43 PM"
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll" "11/18/2010 10:08 AM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "10/12/2012 1:12 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" "" "7/4/2012 12:43 PM"
+ "GladinetDDHandler" "Gladinet Cloud Suite" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\gladinetddhandler.dll" "5/18/2012 11:33 AM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll" "10/12/2012 1:33 AM"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers" "" "" "" "7/4/2012 12:43 PM"
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files (x86)\7-zip\7-zip.dll" "11/18/2010 10:08 AM"
+ "GladinetDDHandler" "Gladinet Cloud Suite" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\gladinetddhandler32.dll" "5/18/2012 11:33 AM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "10/12/2012 1:12 AM"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" "" "7/4/2012 12:43 PM"
+ "GladinetCopyHandler" "Gladinet Cloud Suite" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\glcopyhandler.dll" "5/18/2012 11:32 AM"
"HKLM\Software\Wow6432Node\Classes\Directory\Shellex\CopyHookHandlers" "" "" "" "7/4/2012 12:43 PM"
+ "GladinetCopyHandler" "Gladinet Cloud Suite" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\glcopyhandler32.dll" "5/18/2012 11:32 AM"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files\windows sidebar\sbdrop.dll" "7/13/2009 7:32 PM"
+ "NvCplDesktopContext" "" "NVIDIA Corporation" "c:\windows\system32\nvshext.dll" "6/16/2011 9:30 PM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" "" "7/13/2009 10:53 PM"
+ "Gadgets" "Sidebar droptarget" "Microsoft Corporation" "c:\program files (x86)\windows sidebar\sbdrop.dll" "7/13/2009 7:09 PM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers" "" "" "" "10/10/2011 10:55 PM"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll" "4/3/2012 9:49 PM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "10/10/2011 10:55 PM"
+ "AddtoVAIOGate" "VAIOGateShellExt" "Sony Corporation" "c:\program files\sony\vaio gate\vaiogateshellext.dll" "2/15/2012 10:19 AM"
+ "BUContextMenu" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\20.4.0.40\bushell.dll" "5/28/2013 8:40 PM"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll" "2/28/2013 2:39 PM"
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\20.4.0.40\navshext.dll" "6/3/2013 10:34 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll" "10/12/2012 1:33 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" "" "10/10/2011 10:55 PM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "10/12/2012 1:12 AM"
+ "XXX Groove GFS Context Menu Handler XXX" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" "" "10/10/2011 10:55 PM"
+ "GladinetDDHandler" "Gladinet Cloud Suite" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\gladinetddhandler.dll" "5/18/2012 11:33 AM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshls64.dll" "10/12/2012 1:33 AM"
"HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\DragDropHandlers" "" "" "" "10/10/2011 10:55 PM"
+ "GladinetDDHandler" "Gladinet Cloud Suite" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\gladinetddhandler32.dll" "5/18/2012 11:33 AM"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, S.L." "c:\program files\winzip\wzshlstb.dll" "10/12/2012 1:12 AM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "10/26/2013 9:02 AM"
+ "GladinetIconOverlay" "Gladinet Cloud Suite" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\gloverlayicon.dll" "5/18/2012 11:31 AM"
+ "GladinetUploading" "Gladinet Cloud Suite" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\gloverlayiconu.dll" "5/18/2012 11:34 AM"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
+ "OverlayExcluded" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\20.4.0.40\bushell.dll" "5/28/2013 8:40 PM"
+ "OverlayPending" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\20.4.0.40\bushell.dll" "5/28/2013 8:40 PM"
+ "OverlayProtected" "Backup Shell" "Symantec Corporation" "c:\program files (x86)\norton 360\engine64\20.4.0.40\bushell.dll" "5/28/2013 8:40 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" "" "11/24/2013 9:53 AM"
+ "GladinetIconOverlay" "Gladinet Cloud Suite" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\gloverlayicon32.dll" "5/18/2012 11:31 AM"
+ "GladinetUploading" "Gladinet Cloud Suite" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\gloverlayiconu32.dll" "5/18/2012 11:34 AM"
+ "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
+ "Groove Explorer Icon Overlay 2 (GFS Stub)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
+ "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
+ "Groove Explorer Icon Overlay 3 (GFS Folder)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
+ "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "10/26/2013 9:02 AM"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files\microsoft office\office14\grooveex.dll" "8/15/2012 11:46 PM"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll" "5/4/2011 11:29 AM"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files\microsoft office\office14\urlredir.dll" "12/20/2010 9:48 PM"
+ "SMART Notebook Download Utility" "Notebook Download Plugin" "SMART Technologies ULC." "c:\program files (x86)\smart technologies\education software\win64\notebookplugin.dll" "10/17/2012 2:19 AM"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll" "3/28/2011 10:12 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" "" "11/24/2013 9:53 AM"
+ "Bing Bar Helper" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll" "3/1/2011 11:11 PM"
+ "Gaaiho PDF Conversion Toolbar Helper" "ZeonIEFavClient.dll" "Zeon Corporation" "c:\program files (x86)\nuance\pdf professional 8\bin\gzeoniefavclient.dll" "2/18/2013 12:12 AM"
+ "Groove GFS Browser Helper" "Microsoft SharePoint Workspace Extensions" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\grooveex.dll" "8/15/2012 11:39 PM"
+ "HP Smart BHO Class" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll" "5/19/2009 10:23 PM"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files (x86)\java\jre6\bin\jp2ssv.dll" "5/4/2011 6:52 AM"
+ "Norton Identity Protection" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\20.4.0.40\coieplg.dll" "5/30/2013 7:44 PM"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\20.4.0.40\ips\ipsbho.dll" "8/8/2012 12:50 PM"
+ "Office Document Cache Handler" "Microsoft Office Document Cache Handler" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\urlredir.dll" "12/20/2010 7:04 PM"
+ "ScorpionSaver" "" "" "c:\program files (x86)\scorpionsaver\iecore.dll" "11/7/2013 12:54 PM"
+ "SMART Notebook Download Utility" "Notebook Download Plugin" "SMART Technologies ULC." "c:\program files (x86)\smart technologies\education software\win32\notebookplugin.dll" "10/17/2012 2:11 AM"
+ "Windows Live ID Sign-in Helper" "Microsoft® Windows Live ID Login Helper" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll" "3/28/2011 9:32 PM"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar" "" "" "" "11/14/2013 3:43 AM"
+ "Bing" "Bing Client Extensions" "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bingext.dll" "3/1/2011 11:11 PM"
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\20.4.0.40\coieplg.dll" "5/30/2013 7:44 PM"
+ "Nuance PDF" "ZeonIEFavClient.dll" "Zeon Corporation" "c:\program files (x86)\nuance\pdf professional 8\bin\gzeoniefavclient.dll" "2/18/2013 12:12 AM"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" "" "11/14/2013 3:43 AM"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnielinkednotes.dll" "12/20/2010 11:56 PM"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files\microsoft office\office14\onbttnie.dll" "4/22/2013 5:38 AM"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions" "" "" "" "11/14/2013 3:43 AM"
+ "&Blog This in Windows Live Writer" "Windows Live Writer Blog This Extension" "Microsoft Corporation" "c:\program files (x86)\windows live\writer\writerbrowserextension.dll" "5/13/2011 4:31 PM"
+ "OneNote Lin&ked Notes" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnielinkednotes.dll" "12/20/2010 9:05 PM"
+ "Se&nd to OneNote" "Microsoft OneNote Internet Explorer Add-in" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\onbttnie.dll" "4/22/2013 5:26 AM"
+ "Show or hide HP Smart Web Printing" "HP Smart Web Printing add-on for Internet Explorer" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\smart web printing\hpswp_bho.dll" "5/19/2009 10:23 PM"
"Task Scheduler" "" "" "" ""
+ "\0" "Internet Explorer" "Microsoft Corporation" "c:\program files (x86)\internet explorer\iexplore.exe" "10/11/2013 9:41 PM"
+ "\4684" "" "" "File not found: C:\Users\Jorge\AppData\Local\Temp\launchie.vbs" ""
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files (x86)\apple software update\softwareupdate.exe" "6/1/2011 6:46 PM"
+ "\DDNi Startup" "DDNiStartup" "Digital Delivery Networks, Inc." "c:\program files (x86)\ddni\oasis\ddnistartup.exe" "11/13/2012 2:17 PM"
+ "\Improve Speed PC" "" "" "File not found: C:\Program Files (x86)\ImproveSpeedPC\ImproveSpeedPC.exe" ""
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll" "5/13/2011 4:21 PM"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "6/10/2009 2:36 PM"
+ "\Microsoft\Windows\TabletPC\InputPersonalization" "" "" "File not found: C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InputPersonalization.exe" ""
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "7/13/2009 6:24 PM"
+ "\Norton 360\Norton Error Analyzer" "Symantec Error Reporting" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\20.4.0.40\symerr.exe" "6/3/2013 7:21 PM"
+ "\Sony Corporation\Sony Home Network Library\SOHLib TaskTray" "SHTtray" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\shttray.exe" "11/3/2011 5:16 AM"
+ "\Sony Corporation\VAIO Care\AutoCheckMessage" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe" "1/30/2012 9:44 PM"
+ "\Sony Corporation\VAIO Care\CRMReminder" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe" "1/30/2012 9:44 PM"
+ "\Sony Corporation\VAIO Care\VAIO Care" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe" "1/30/2012 9:44 PM"
+ "\Sony Corporation\VAIO Care\VAU" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe" "1/30/2012 9:44 PM"
+ "\Sony Corporation\VAIO Care\VCCheckIolo" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe" "1/30/2012 9:44 PM"
+ "\Sony Corporation\VAIO Care\VCMetrics" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe" "1/30/2012 9:44 PM"
+ "\Sony Corporation\VAIO Care\VCOneClick" "VCSystemTray" "Sony Corporation" "c:\program files\sony\vaio care\vcsystemtray.exe" "1/30/2012 9:44 PM"
+ "\Sony Corporation\VAIO Control Center\Level4Daily" "VAIO Control Center(WBCBatteryCare Module)" "Sony Corporation" "c:\program files (x86)\sony\vaio control center\wbcbatterycare.exe" "5/5/2011 11:28 PM"
+ "\Sony Corporation\VAIO Control Center\Level4Month" "VAIO Control Center(WBCBatteryCare Module)" "Sony Corporation" "c:\program files (x86)\sony\vaio control center\wbcbatterycare.exe" "5/5/2011 11:28 PM"
+ "\Sony Corporation\VAIO Gate\VAIO Gate" "VAIO Gate" "Sony Corporation" "c:\program files\sony\vaio gate\vaio gate.exe" "2/20/2012 8:43 AM"
+ "\Sony Corporation\VAIO Gate\VAIO Gate Restart" "VAIO Gate" "Sony Corporation" "c:\program files\sony\vaio gate\vaio gate.exe" "2/20/2012 8:43 AM"
+ "\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music Jorge" "VAIO Personalization Manager" "Sony Corporation" "c:\program files\sony\vaio personalization manager\vpmlm.exe" "10/3/2011 4:44 AM"
+ "\Sony Corporation\VAIO Power Management\VPM Logon Start" "SPM Module" "Sony Corporation" "c:\program files\sony\vaio power management\spmgr.exe" "3/31/2011 3:42 AM"
+ "\Sony Corporation\VAIO Power Management\VPM Session Change" "SPM Module" "Sony Corporation" "c:\program files\sony\vaio power management\spmgr.exe" "3/31/2011 3:42 AM"
+ "\Sony Corporation\VAIO Power Management\VPM Unlock" "SPM Module" "Sony Corporation" "c:\program files\sony\vaio power management\spmgr.exe" "3/31/2011 3:42 AM"
+ "\Sony Corporation\VAIO Smart Network\VSN Logon Start" "VAIO Smart Network" "Sony Corporation" "c:\program files\sony\vaio smart network\vsnclient.exe" "7/14/2011 3:05 AM"
+ "\Sony Corporation\VAIO Update\Launch Application" "ShellExeProxy.exe" "Sony Corporation" "c:\program files\sony\vaio update common\shellexeproxy.exe" "12/19/2011 11:14 PM"
+ "\Sony\Keyboard Shortcuts" "Keyboard Shortcuts" "" "c:\program files (x86)\sony\keyboard shortcuts\keyboardshortcuts.exe" "7/14/2011 1:17 AM"
+ "\Unblock-us" "" "" "File not found: C:\Users\Jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4OHNU7U\unblock-us.exe" ""
+ "\USER_ESRV_SVC" "" "" "c:\program files\sony\vaio care\esrv\task.vbs" "7/30/2013 10:54 AM"
+ "\VAIO® Messenger (Administrator)" "VAIO Messenger" "Digital Delivery Networks, Inc." "c:\program files (x86)\ddni\oasis\vaio messenger.exe" "11/13/2012 2:17 PM"
+ "\VAIO® Messenger (Jorge)" "VAIO Messenger" "Digital Delivery Networks, Inc." "c:\program files (x86)\ddni\oasis\vaio messenger.exe" "11/13/2012 2:17 PM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "11/23/2013 11:38 PM"
+ "ACDaemon" "ArcSoft Connect Service" "ArcSoft Inc." "c:\program files (x86)\common files\arcsoft\connection service\bin\acservice.exe" "3/17/2010 9:01 PM"
+ "AdobeARMservice" "Adobe Acrobat Updater keeps your Adobe software up to date." "Adobe Systems Incorporated" "c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe" "1/3/2012 1:36 AM"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe" "5/17/2012 9:06 PM"
+ "BBSvc" "Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar." "Microsoft Corporation." "c:\program files (x86)\microsoft\bingbar\bbsvc.exe" "3/1/2011 11:11 PM"
+ "BcmSqlStartupSvc" "Controls the start of the Business Contact Manager SQL Server instance (MSSMLBIZ)." "Microsoft Corporation" "c:\program files (x86)\microsoft small business\business contact manager\bcmsqlstartupsvc.exe" "3/25/2010 9:35 AM"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe" "8/30/2011 11:52 PM"
+ "DMAgent" "Red Bend Device Management Service for Intel® PROSet/Wireless WiMAX Software." "Red Bend Ltd." "c:\program files\intel\wimax\bin\dmagent.exe" "6/14/2011 1:31 AM"
+ "ESRV_SVC" "Intel® Energy Checker SDK. ESRV Service." "" "c:\program files\sony\vaio care\esrv\esrv_svc.exe" "2/22/2013 2:01 PM"
+ "EvtEng" "Manages the event trace messages for all the Intel® PROSet/Wireless Software components." "Intel® Corporation" "c:\program files\intel\wifi\bin\evteng.exe" "6/1/2011 1:38 PM"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Flexera Software, Inc." "c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe" "5/26/2011 4:37 AM"
+ "GladFileMonSvc" "Gladinet File Monitoring Service" "Gladinet, INC" "c:\program files (x86)\nuance\nuance cloud connector\gladfilemonsvc.exe" "5/18/2012 11:40 AM"
+ "hpqcxs08" "HP CUE Context Manager Objects" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll" "5/21/2009 7:21 PM"
+ "hpqddsvc" "This service detects and monitors CUE devices on the system." "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll" "5/21/2009 11:02 PM"
+ "HPSLPSVC" "Discovers and monitors the state and the configuration of the HP devices attached to your network. If the service is stopped, and your network devices change IP addresses, they might become unavailable" "Hewlett-Packard Co." "c:\program files (x86)\hp\digital imaging\bin\hpslpsvc64.dll" "9/20/2009 12:54 PM"
+ "IAStorDataMgrSvc" "Provides storage event notification and manages communication between the storage driver and user space applications." "Intel Corporation" "c:\program files (x86)\intel\intel® rapid storage technology\iastordatamgrsvc.exe" "1/12/2011 7:56 PM"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe" "10/1/2013 1:51 AM"
+ "IviRegMgr" "InterVideo Register Manager" "InterVideo" "c:\program files (x86)\common files\intervideo\regmgr\iviregmgr.exe" "5/20/2010 2:14 AM"
+ "jhi_service" "Intel® Identity Protection Technology Host Interface Service - Allows applications to access the local Intel Identity Protection Technology" "Intel Corporation" "c:\program files (x86)\intel\services\ipt\jhi_service.exe" "2/24/2011 1:59 AM"
+ "Level Quality Watcher" "" "" "c:\program files\level quality watcher\v1.01\levelqualitywatcher64.exe" "11/25/2013 3:02 PM"
+ "LMS" "Allows applications to access the local Intel® Management and Security Application using its locally-available selected network interfaces." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\lms\lms.exe" "5/4/2011 1:27 PM"
+ "Microsoft SharePoint Workspace Audit Service" "Microsoft SharePoint Workspace" "Microsoft Corporation" "c:\program files (x86)\microsoft office\office14\groove.exe" "9/20/2012 7:18 AM"
+ "MSSQL$MSSMLBIZ" "Provides storage, processing and controlled access of data, and rapid transaction processing." "Microsoft Corporation" "c:\program files (x86)\microsoft sql server\mssql10.mssmlbiz\mssql\binn\sqlservr.exe" "3/29/2009 4:29 PM"
+ "MyWiFiDHCPDNS" "Wireless PAN DHCP and DNS Server" "" "c:\program files\intel\wifi\bin\pandhcpdns.exe" "6/1/2011 1:23 PM"
+ "N360" "Norton 360" "Symantec Corporation" "c:\program files (x86)\norton 360\engine\20.4.0.40\ccsvchst.exe" "5/20/2013 5:25 PM"
+ "Net Driver HPZ12" "Dot4Net Module" "Hewlett-Packard" "c:\windows\system32\hpzinw12.dll" "12/3/2008 8:35 AM"
+ "NVSvc" "NVIDIA Driver Helper Service, Version 268.93" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe" "6/16/2011 9:30 PM"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files (x86)\common files\microsoft shared\source engine\ose.exe" "1/9/2010 10:16 PM"
+ "osppsvc" "Office Software Protection Platform Service (unlocalized description)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe" "8/11/2009 8:00 PM"
+ "PDFProFiltSrv" "PDFPROFILTSRV.EXE" "Nuance Communications, Inc." "c:\program files (x86)\nuance\pdf professional 8\pdfprofiltsrv.exe" "10/23/2012 2:24 PM"
+ "PMBDeviceInfoProvider" "Enables PMB to communicate with the device." "Sony Corporation" "c:\program files (x86)\sony\pmb\pmbdeviceinfoprovider.exe" "3/14/2011 11:29 PM"
+ "Pml Driver HPZ12" "PmlDrv Module" "Hewlett-Packard" "c:\windows\system32\hpzipm12.dll" "12/3/2008 8:35 AM"
+ "PSI_SVC_2" "This service provides Protexis licensing functionalty." "Protexis Inc." "c:\program files (x86)\common files\protexis\license service\psiservice_2.exe" "3/11/2010 4:06 PM"
+ "RegSrvc" "Provides registry access to all Intel® PROSet/Wireless Software components" "Intel® Corporation" "c:\program files\common files\intel\wirelesscommon\regsrvc.exe" "6/1/2011 1:19 PM"
+ "SampleCollector" "Checks the systems performance for VAIO Care." "Sony Corporation" "c:\program files\sony\vaio care\vcperfservice.exe" "3/4/2013 3:06 PM"
+ "SeaPort" "Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar." "Microsoft Corporation" "c:\program files (x86)\microsoft\bingbar\seaport.exe" "2/11/2011 8:29 PM"
+ "SMARTHelperService" "Helper service for SMART Board Service" "SMART Technologies" "c:\program files (x86)\smart technologies\education software\smarthelperservice.exe" "10/17/2012 8:31 AM"
+ "SOHCImp" "VAIO Content Importer" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe" "10/27/2011 5:05 AM"
+ "SOHDs" "VAIO Device Searcher" "Sony Corporation" "c:\program files (x86)\common files\sony shared\sohlib\sohds.exe" "10/27/2011 4:30 AM"
+ "SpfService" "VAIO Entertainment Common Service" "Sony Corporation" "c:\program files\common files\sony shared\vaio entertainment platform\spf\spfservice64.exe" "9/7/2011 11:09 PM"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe" "7/9/2008 4:45 PM"
+ "Stereo Service" "Provides system support for NVIDIA Stereoscopic 3D driver" "NVIDIA Corporation" "c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe" "6/16/2011 8:16 PM"
+ "UNS" "Intel® Management and Security Application User Notification Service - Updates the Windows Event Log with notifications of pre defined events received from the local Intel® Management and Security Application Device." "Intel Corporation" "c:\program files (x86)\intel\intel® management engine components\uns\uns.exe" "5/4/2011 1:31 PM"
+ "USER_ESRV_SVC" "Intel® Energy Checker SDK. ESRV Service." "" "c:\program files\sony\vaio care\esrv\esrv_svc.exe" "2/22/2013 2:01 PM"
+ "VAIO Event Service" "Provides the hardware event managing service for VAIO. During termination of this service, some fuctions such as Special button ,Hotkey ,and VAIO original powermanagement are limited." "Sony Corporation" "c:\program files (x86)\sony\vaio control center\vesmgr.exe" "5/31/2011 1:50 AM"
+ "VAIO Power Management" "Provides power management service for VAIO. If this service is stopped or disabled,  power management functions for VAIO will not be available." "Sony Corporation" "c:\program files\sony\vaio power management\spmservice.exe" "12/31/2010 12:10 AM"
+ "VCFw" "VAIO Content Folder Watcher" "Sony Corporation" "c:\program files (x86)\common files\sony shared\vaio content folder watcher\vcfw.exe" "8/24/2011 9:28 PM"
+ "VcmIAlzMgr" "Provides the content analysis function used with VAIO original software." "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmialzmgr.exe" "9/8/2011 12:44 AM"
+ "VcmINSMgr" "Provides the information retrieval service function used with VAIO original software." "Sony Corporation" "c:\program files\sony\vcm intelligent network service manager\vcminsmgr.exe" "9/7/2011 11:34 PM"
+ "VcmXmlIfHelper" "VcmXml Helper Interface" "Sony Corporation" "c:\program files\common files\sony shared\vcmxml\vcmxmlifhelper64.exe" "8/26/2011 2:36 AM"
+ "VCService" "Provides important VAIO Care functionality.  If this service is stopped or disabled, VAIO Care may not function correctly." "Sony Corporation" "c:\program files\sony\vaio care\vcservice.exe" "1/19/2012 9:48 PM"
+ "VSNService" "VAIO Smart Network Service" "Sony Corporation" "c:\program files\sony\vaio smart network\vsnservice.exe" "7/3/2011 8:38 PM"
+ "VUAgent" "Agent for VAIO Update." "Sony Corporation" "c:\program files\sony\vaio update common\vuagent.exe" "1/12/2012 4:28 AM"
+ "WiMAXAppSrv" "WiMAX SDK Service for Intel® PROSet/Wireless WiMAX Software" "Intel® Corporation" "c:\program files\intel\wimax\bin\appsrv.exe" "6/14/2011 1:26 AM"
+ "WinDefend" "Protection against spyware and potentially unwanted software" "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll" "5/26/2013 11:51 PM"
+ "wlidsvc" "Enables Windows Live ID authentication." "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe" "3/28/2011 10:11 PM"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe" "11/20/2010 5:18 AM"
"HKLM\System\CurrentControlSet\Services" "" "" "" "11/23/2013 11:38 PM"
+ "adp94xx" "Adaptec Windows SAS/SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adp94xx.sys" "12/5/2008 5:54 PM"
+ "adpahci" "Adaptec Windows SATA Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\adpahci.sys" "5/1/2007 11:30 AM"
+ "adpu320" "Adaptec StorPort Ultra320 SCSI Driver (X64)" "Adaptec, Inc." "c:\windows\system32\drivers\adpu320.sys" "2/27/2007 6:04 PM"
+ "aliide" "ALi mini IDE Driver" "Acer Laboratories Inc." "c:\windows\system32\drivers\aliide.sys" "7/13/2009 5:19 PM"
+ "amdsata" "AHCI 1.2 Device Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdsata.sys" "3/18/2010 6:45 PM"
+ "amdsbs" "AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform" "AMD Technologies Inc." "c:\windows\system32\drivers\amdsbs.sys" "3/20/2009 12:36 PM"
+ "amdxata" "Storage Filter Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdxata.sys" "3/19/2010 10:18 AM"
+ "arc" "Adaptec RAID Storport Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arc.sys" "5/24/2007 3:27 PM"
+ "arcsas" "Adaptec SAS RAID WS03 Driver" "Adaptec, Inc." "c:\windows\system32\drivers\arcsas.sys" "1/14/2009 1:27 PM"
+ "athr" "Atheros Extensible Wireless LAN device driver" "Atheros Communications, Inc." "c:\windows\system32\drivers\athrx.sys" "6/9/2009 12:06 PM"
+ "b06bdrv" "Broadcom NetXtreme II GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\bxvbda.sys" "2/13/2009 4:18 PM"
+ "b57nd60a" "Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57nd60a.sys" "4/26/2009 5:14 AM"
+ "BHDrvx64" "SONAR Engine Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\bashdefs\20131114.001\bhdrvx64.sys" "10/17/2013 2:36 AM"
+ "bpenum" "Intel® WiMax Link 5050 Series Enumerator" "Intel Corporation" "c:\windows\system32\drivers\bpenum.sys" "5/19/2011 4:24 AM"
+ "bpmp" "Intel® WiMax Link 5050 Series Driver" "Intel Corporation" "c:\windows\system32\drivers\bpmp.sys" "5/19/2011 4:25 AM"
+ "bpusb" "Intel® WiMax Link 5050 Series Function Driver" "Intel Corporation" "c:\windows\system32\drivers\bpusb.sys" "5/19/2011 4:25 AM"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys" "8/6/2006 7:51 PM"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys" "8/6/2006 7:51 PM"
+ "Brserid" "Brotehr Serial I/F Driver (WDM)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserid.sys" "8/6/2006 7:51 PM"
+ "BrSerWdm" "Brother Serial driver (WDM version)" "Brother Industries Ltd." "c:\windows\system32\drivers\brserwdm.sys" "8/6/2006 7:51 PM"
+ "BrUsbMdm" "Brother USB MDM Driver " "Brother Industries Ltd." "c:\windows\system32\drivers\brusbmdm.sys" "8/6/2006 7:51 PM"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys" "8/9/2006 6:11 AM"
+ "BTWAMPFL" "btwampfl Bluetooth filter driver" "Broadcom Corporation." "c:\windows\system32\drivers\btwampfl.sys" "4/30/2011 1:04 PM"
+ "btwaudio" "" "" "File not found: system32\drivers\btwaudio.sys" ""
+ "btwl2cap" "" "" "File not found: system32\DRIVERS\btwl2cap.sys" ""
+ "btwrchid" "" "" "File not found: system32\DRIVERS\btwrchid.sys" ""
+ "ccSet_N360" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1404000.028\ccsetx64.sys" "3/21/2013 9:02 PM"
+ "cmdide" "CMD PCI IDE Bus Driver" "CMD Technology, Inc." "c:\windows\system32\drivers\cmdide.sys" "7/13/2009 5:19 PM"
+ "e1yexpress" "Intel® Gigabit Network Connection NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1y60x64.sys" "8/18/2008 3:45 PM"
+ "ebdrv" "Broadcom NetXtreme II 10 GigE VBD" "Broadcom Corporation" "c:\windows\system32\drivers\evbda.sys" "12/31/2008 10:29 AM"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eectrl64.sys" "10/9/2013 2:50 PM"
+ "elxstor" "Storport Miniport Driver for LightPulse HBAs" "Emulex" "c:\windows\system32\drivers\elxstor.sys" "2/3/2009 4:52 PM"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files (x86)\common files\symantec shared\eengine\eraserutilrebootdrv.sys" "10/9/2013 2:50 PM"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys" "5/3/2012 1:56 PM"
+ "hcw85cir" "Hauppauge WinTV 885 Consumer IR Driver for eHome" "Hauppauge Computer Works, Inc." "c:\windows\system32\drivers\hcw85cir.sys" "5/11/2009 2:26 AM"
+ "HpSAMD" "Smart Array SAS/SATA Controller Media Driver" "Hewlett-Packard Company" "c:\windows\system32\drivers\hpsamd.sys" "4/20/2010 12:32 PM"
+ "iaStor" "Intel Rapid Storage Technology driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys" "1/12/2011 7:50 PM"
+ "iaStorV" "Intel Matrix Storage Manager driver - x64" "Intel Corporation" "c:\windows\system32\drivers\iastorv.sys" "6/10/2010 6:46 PM"
+ "IDSVia64" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\ipsdefs\20131126.001\idsvia64.sys" "10/16/2013 4:10 PM"
+ "iirsp" "Intel/ICP Raid Storport Driver" "Intel Corp./ICP vortex GmbH" "c:\windows\system32\drivers\iirsp.sys" "12/13/2005 3:47 PM"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkvhd64.sys" "6/24/2011 4:44 AM"
+ "LSI_FC" "LSI Fusion-MPT FC Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_fc.sys" "12/9/2008 4:46 PM"
+ "LSI_SAS" "LSI Fusion-MPT SAS Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas.sys" "5/18/2009 6:20 PM"
+ "LSI_SAS2" "LSI SAS Gen2 Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_sas2.sys" "5/18/2009 6:31 PM"
+ "LSI_SCSI" "LSI Fusion-MPT SCSI Driver (StorPort)" "LSI Corporation" "c:\windows\system32\drivers\lsi_scsi.sys" "4/16/2009 4:13 PM"
+ "megasas" "MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64" "LSI Corporation" "c:\windows\system32\drivers\megasas.sys" "5/18/2009 7:09 PM"
+ "MegaSR" "LSI MegaRAID Software RAID Driver" "LSI Corporation, Inc." "c:\windows\system32\drivers\megasr.sys" "5/18/2009 7:25 PM"
+ "MEIx64" "Intel® Management Engine Interface" "Intel Corporation" "c:\windows\system32\drivers\hecix64.sys" "10/19/2010 5:33 PM"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20131126.016\eng64.sys" "8/22/2013 2:38 PM"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_20.1.0.24\definitions\virusdefs\20131126.016\ex64.sys" "8/22/2013 2:36 PM"
+ "NEOFLTR_717_20581" "NetBIOS Redirector" "Juniper Networks" "c:\windows\system32\drivers\neofltr_717_20581.sys" "3/12/2012 3:13 AM"
+ "NETwNs64" "Intel® Wireless WiFi Link Driver" "Intel Corporation" "c:\windows\system32\drivers\netwns64.sys" "5/1/2011 3:33 PM"
+ "nfrd960" "IBM ServeRAID Controller Driver" "IBM Corporation" "c:\windows\system32\drivers\nfrd960.sys" "6/6/2006 3:11 PM"
+ "nusb3hub" "USB 3.0 Hub Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3hub.sys" "12/9/2010 10:50 PM"
+ "nusb3xhc" "USB 3.0 Host Controller Driver" "Renesas Electronics Corporation" "c:\windows\system32\drivers\nusb3xhc.sys" "12/9/2010 10:50 PM"
+ "NVHDA" "NVIDIA HDMI Audio Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvhda64v.sys" "3/3/2011 9:59 AM"
+ "nvlddmkm" "NVIDIA Windows Kernel Mode Driver, Version 268.93 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys" "6/16/2011 9:08 PM"
+ "nvraid" "NVIDIA® nForce™ RAID Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvraid.sys" "3/19/2010 2:59 PM"
+ "nvstor" "NVIDIA® nForce™ Sata Performance Driver" "NVIDIA Corporation" "c:\windows\system32\drivers\nvstor.sys" "3/19/2010 2:45 PM"
+ "ql2300" "QLogic Fibre Channel Stor Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql2300.sys" "1/22/2009 5:05 PM"
+ "ql40xx" "QLogic iSCSI Storport Miniport Driver" "QLogic Corporation" "c:\windows\system32\drivers\ql40xx.sys" "5/18/2009 7:18 PM"
+ "regi" "regi driver" "InterVideo" "c:\windows\system32\drivers\regi.sys" "4/16/2007 9:19 AM"
+ "rimspci" "RICOH MS Driver" "REDC" "c:\windows\system32\drivers\rimssne64.sys" "10/20/2010 7:33 PM"
+ "risdsnpe" "RICOH PCIe SDXC/MMC Controller Driver" "REDC" "c:\windows\system32\drivers\risdsnxc64.sys" "12/17/2010 6:45 AM"
+ "RTL8167" "Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver                " "Realtek                                            " "c:\windows\system32\drivers\rt64win7.sys" "4/21/2011 12:15 PM"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys" "9/13/2006 7:18 AM"
+ "semav6thermal64ro" "" "" "c:\windows\system32\drivers\semav6thermal64ro.sys" "12/28/2011 2:17 PM"
+ "SFEP" "Sony Firmware Extension Parser driver" "Sony Corporation" "c:\windows\system32\drivers\sfep.sys" "11/26/2009 11:39 PM"
+ "SiSRaid2" "SiS RAID Stor Miniport Driver" "Silicon Integrated Systems Corp." "c:\windows\system32\drivers\sisraid2.sys" "9/24/2008 12:28 PM"
+ "SiSRaid4" "SiS AHCI Stor-Miniport Driver" "Silicon Integrated Systems" "c:\windows\system32\drivers\sisraid4.sys" "10/1/2008 3:56 PM"
+ "SMARTMouseFilterx64" "Mouse Upper Filter Driver" "SMART Technologies ULC" "c:\windows\system32\drivers\smartmousefilterx64.sys" "2/13/2008 11:34 AM"
+ "SMARTVHidMiniVistaAmd64" "Driver for SMART HID Device" "SMART Technologies ULC" "c:\windows\system32\drivers\smartvhidminivistaamd64.sys" "2/13/2008 9:53 AM"
+ "SMARTVTabletPCx64" "Driver for SMART Virtual TabletPC HID Device" "SMART Technologies ULC" "c:\windows\system32\drivers\smartvtabletpcx64.sys" "11/10/2010 9:15 AM"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1404000.028\srtsp64.sys" "4/22/2013 4:26 PM"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1404000.028\srtspx64.sys" "1/25/2013 3:30 PM"
+ "stexstor" "Promise  SuperTrak EX Series Driver for Windows " "Promise Technology" "c:\windows\system32\drivers\stexstor.sys" "2/17/2009 5:03 PM"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1404000.028\symds64.sys" "4/25/2013 5:19 PM"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1404000.028\symefa64.sys" "1/18/2013 6:31 PM"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent64x86.sys" "8/21/2012 11:33 PM"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1404000.028\ironx64.sys" "7/23/2012 6:34 PM"
+ "SymNetS" "Network Security Driver" "Symantec Corporation" "c:\windows\system32\drivers\n360x64\1404000.028\symnets.sys" "4/9/2013 5:24 PM"
+ "SynTP" "Synaptics Touchpad Driver" "Synaptics Incorporated" "c:\windows\system32\drivers\syntp.sys" "12/17/2010 10:51 AM"
+ "USBAAPL64" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl64.sys" "11/27/2012 5:38 PM"
+ "viaide" "VIA Generic PCI IDE Bus Driver" "VIA Technologies, Inc." "c:\windows\system32\drivers\viaide.sys" "7/13/2009 5:19 PM"
+ "vsmraid" "VIA RAID DRIVER FOR AMD-X86-64" "VIA Technologies Inc.,Ltd" "c:\windows\system32\drivers\vsmraid.sys" "1/30/2009 7:18 PM"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "10/11/2013 2:33 AM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm" "7/13/2009 7:28 PM"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" "" "11/24/2013 9:53 AM"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\syswow64\l3codeca.acm" "7/13/2009 7:06 PM"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\syswow64\iccvid.dll" "11/20/2010 5:59 AM"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\syswow64\tsccvid.dll" "10/10/2002 1:46 PM"
"HKLM\Software\Classes\Filter" "" "" "" "11/24/2013 9:38 AM"
+ "Sony Amplitude Modulation" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll" "9/2/2010 2:45 PM"
+ "Sony Chorus" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll" "9/2/2010 2:44 PM"
+ "Sony Distortion" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll" "9/2/2010 2:45 PM"
+ "Sony Dither" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sftrkfx1.dll" "9/2/2010 2:47 PM"
+ "Sony ExpressFX Amplitude Modulation" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx2.dll" "9/2/2010 2:46 PM"
+ "Sony ExpressFX Audio Restoration" "Sony ExpressFX Audio Restoration" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\xpvinyl.dll" "9/2/2010 2:48 PM"
+ "Sony ExpressFX Chorus" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx2.dll" "9/2/2010 2:46 PM"
+ "Sony ExpressFX Delay" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx2.dll" "9/2/2010 2:46 PM"
+ "Sony ExpressFX Distortion" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx1.dll" "9/2/2010 2:46 PM"
+ "Sony ExpressFX Dynamics" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx3.dll" "9/2/2010 2:47 PM"
+ "Sony ExpressFX Equalization" "Sony ExpressFX 2 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx2.dll" "9/2/2010 2:46 PM"
+ "Sony ExpressFX Flange/Wah-Wah" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx1.dll" "9/2/2010 2:46 PM"
+ "Sony ExpressFX Graphic EQ" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx3.dll" "9/2/2010 2:47 PM"
+ "Sony ExpressFX Noise Gate" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx3.dll" "9/2/2010 2:47 PM"
+ "Sony ExpressFX Reverb" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx1.dll" "9/2/2010 2:46 PM"
+ "Sony ExpressFX Stutter" "Sony ExpressFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx1.dll" "9/2/2010 2:46 PM"
+ "Sony ExpressFX Time Stretch" "Sony ExpressFX 3 " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfxpfx3.dll" "9/2/2010 2:47 PM"
+ "Sony Flange/Wah-wah" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll" "9/2/2010 2:45 PM"
+ "Sony Gapper/Snipper" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll" "9/2/2010 2:45 PM"
+ "Sony Graphic Dynamics" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll" "9/2/2010 2:44 PM"
+ "Sony Graphic EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll" "9/2/2010 2:44 PM"
+ "Sony Multi-Band Dynamics" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll" "9/2/2010 2:44 PM"
+ "Sony Multi-Tap Delay" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll" "9/2/2010 2:44 PM"
+ "Sony Noise Gate" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll" "9/2/2010 2:44 PM"
+ "Sony Pan" "Sound Forge Pro Pan and Volume 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sffrgpnv.dll" "9/2/2010 2:48 PM"
+ "Sony Paragraphic EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll" "9/2/2010 2:44 PM"
+ "Sony Parametric EQ" "Sony XFX 2 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack2.dll" "9/2/2010 2:44 PM"
+ "Sony Pitch Shift" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll" "9/2/2010 2:44 PM"
+ "Sony Resonant Filter" "Sony Resonant Filter" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfresfilter.dll" "9/2/2010 2:48 PM"
+ "Sony Reverb" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll" "9/2/2010 2:44 PM"
+ "Sony Simple Delay" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll" "9/2/2010 2:44 PM"
+ "Sony Smooth/Enhance" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll" "9/2/2010 2:45 PM"
+ "Sony Time Stretch" "Sony XFX 1 Plug-In Pack " "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack1.dll" "9/2/2010 2:44 PM"
+ "Sony Track Compressor" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sftrkfx1.dll" "9/2/2010 2:47 PM"
+ "Sony Track EQ" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sftrkfx1.dll" "9/2/2010 2:47 PM"
+ "Sony Track Noise Gate" "Sony TrackFX 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sftrkfx1.dll" "9/2/2010 2:47 PM"
+ "Sony Vibrato" "Sony XFX 3 Plug-In Pack" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sfppack3.dll" "9/2/2010 2:45 PM"
+ "Sony Volume" "Sound Forge Pro Pan and Volume 1" "Sony Creative Software Inc." "c:\program files (x86)\sony\shared plug-ins\audio\sffrgpnv.dll" "9/2/2010 2:48 PM"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "7/13/2009 10:53 PM"
+ "MS PR Source Filter" "PlayReady DirectShow Source Filter DLL" "Microsoft Corporation" "c:\program files\playready\prsource.dll" "4/23/2009 3:11 AM"
+ "PlayReady DMO Wrapper" "PlayReady DirectShow DMO Wrapper Filter DLL" "Microsoft Corporation" "c:\program files\playready\prdmowrapper.dll" "4/23/2009 3:11 AM"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" "" "7/13/2009 10:53 PM"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "5/13/2011 4:39 PM"
+ "InterVideo Audio Decoder" "IVIAUDIO LOGID.526626" "InterVideo Inc." "c:\program files (x86)\corel\corelwindvd2010\iviaudio.ax" "1/17/2012 3:11 AM"
+ "InterVideo Video Decoder" "IVIVIDEO LOGID.526626" " InterVideo Inc." "c:\program files (x86)\corel\corelwindvd2010\ivivideo.ax" "1/17/2012 3:11 AM"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "5/13/2011 4:39 PM"
+ "VAIO Content Metadata Univ Filter" "DirectShow Filter for VCM Intelligent Analyzing Manager" "Sony Corporation" "c:\program files\sony\vcm intelligent analyzing manager\vcmsmplcapflt.ax" "8/25/2011 11:14 PM"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "5/13/2011 4:39 PM"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "5/13/2011 4:39 PM"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "5/13/2011 4:39 PM"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "5/13/2011 4:39 PM"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "5/13/2011 4:39 PM"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll" "5/13/2011 4:39 PM"
+ "Xiph.Org Ogg Demuxer" "dsfOggDemux2" "Xiph.org Foundation" "c:\program files (x86)\smart technologies\education software\dsfoggdemux2-vc100-mt-0_84.dll" "4/28/2011 11:33 AM"
+ "Xiph.Org Ogg Muxer" "dsfOggMux" "Xiph.org Foundation" "c:\program files (x86)\smart technologies\education software\dsfoggmux-vc100-mt-0_84.dll" "4/28/2011 11:33 AM"
+ "Xiph.Org Vorbis Decoder" "dsfVorbisDecoder" "Xiph.org Foundation" "c:\program files (x86)\smart technologies\education software\dsfvorbisdecoder-vc100-mt-0_84.dll" "4/28/2011 11:33 AM"
+ "Xiph.Org Vorbis Encoder" "dsfVorbisEncoder" "Xiph.org Foundation" "c:\program files (x86)\smart technologies\education software\dsfvorbisencoder-vc100-mt-0_84.dll" "4/28/2011 11:33 AM"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls" "" "" "" "5/16/2013 4:45 PM"
+ "c:\progra~2\contin~1\sprote~1.dll" "" "" "File not found: c:\progra~2\contin~1\sprote~1.dll" ""
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers" "" "" "" "7/13/2009 10:53 PM"
+ "BtwCredentialProvider" "" "" "File not found: C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll" ""
+ "WLIDCredentialProvider" "Microsoft® Windows Live ID Credential Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll" "3/28/2011 10:12 PM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" "" "10/8/2013 5:43 PM"
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files (x86)\bonjour\mdnsnsp.dll" "8/30/2011 11:44 PM"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "3/28/2011 9:31 PM"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll" "3/28/2011 9:31 PM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64" "" "" "" "10/8/2013 5:43 PM"
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll" "8/30/2011 11:53 PM"
+ "WindowsLive Local NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "3/28/2011 10:10 PM"
+ "WindowsLive NSP" "Microsoft® Windows Live ID Namespace Provider" "Microsoft Corp." "c:\program files\common files\microsoft shared\windows live\wlidnsp.dll" "3/28/2011 10:10 PM"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" "" "11/24/2013 9:53 AM"
+ "hpf3l70v.dll" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpf3l70v.dll" "4/16/2009 2:38 AM"
+ "SMART Local Port" "SMART Notebook Document Writer Print Capture Port" "SMART Technologies ULC" "c:\windows\system32\smrtlocalmon.dll" "7/12/2010 1:35 PM"
"C:\Users\Jorge\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" "" "10/1/2013 3:22 PM"
+ "" "" "" "C:\Program Files\Windows Sidebar\Gadgets\Norton.Gadget" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\Windows Sidebar\Gadgets\Clock.Gadget\en-US\Gadget.xml" "11/21/2010 1:06 AM"
+ "HP Photo Print" "Drag and drop photos to print." "Hewlett-Packard Corp" "C:\Users\Jorge\AppData\Local\Microsoft\Windows Sidebar\Gadgets\HPPhoto.gadget\Gadget.xml" "5/21/2009 2:44 PM"
 



#13 NutOfDeath

NutOfDeath
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 27 November 2013 - 11:43 AM

I think the virus might be back. I saw a popup ad for "NEW Media Player Pro". This was an ad that was around when the virus kept annoying me...

 

Just checked the list of programs in Control Panel. ScorpionSaver is back. What should I do?



#14 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:41 AM

Posted 27 November 2013 - 03:17 PM

Hi -

This has been the reason for you posting the Autoruns log. It allows me to see inside.

Print out this list if you can, as it will make it easier to recognise the programs.

We will start to Disable the problem programs first, and Delete a few also.

Here is the start list - I want you to re-open Autoruns, and at the Left End of these lines "Untick" them.

After a few minutes you will recognise the color patterned layout (I have selected a few extra active infections)

Only the ones I have Bolded, you can Right click, Delete them (totally unwanted).

 

+ "rdpclip" "" "" "File not found: rdpclip" ""
+ "EaseUS EPM tray" "" "" "File not found: C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe" ""
+ "ImproveSpeedPC" "" "" "File not found: C:\Program Files (x86)\ImproveSpeedPC\ImproveSpeedPC.exe" ""
+ "Bluetooth.lnk" "" "" "File not found: C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe" ""
+ "GameStop Now.lnk" "" "" "File not found: C:\Program Files (x86)\GameStop App\Now\GameStopNow.exe" ""
+ "C:\Users\Jorge\LOCALS~1\Temp\msoidk.cmd" "" "" "File not found: C:\Users\Jorge\LOCALS~1\Temp\msoidk.cmd" ""
+ "Internet Explorer" "" "" "File not found: C:\Windows\system32\ie4uinit.exe" ""

+ "SMART Technologies Update" "" "" "File not found: C:\Users\Jorge\AppData\Local\SMART Technologies\bordbk150.dll" ""
+ "Softango  Downloader213706.exe" "" "" "File not found: C:\Users\Jorge\AppData\Local\Temp\Softango  Downloader213706.exe" ""
 + "Ycbalo" "" "" "File not found: C:\Users\Jorge\AppData\Roaming\Ophevi\iqeg.exe" ""
+ "ShellConverter" "" "" "File not found: C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll" ""
+ "ScorpionSaver" "" "" "c:\program files (x86)\scorpionsaver\iecore.dll" "11/7/2013 12:54 PM"
+ "\4684" "" "" "File not found: C:\Users\Jorge\AppData\Local\Temp\launchie.vbs" ""
+ "\Improve Speed PC" "" "" "File not found: C:\Program Files (x86)\ImproveSpeedPC\ImproveSpeedPC.exe" ""
+ "\Unblock-us" "" "" "File not found: C:\Users\Jorge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4OHNU7U\unblock-us.exe" ""
+ "Level Quality Watcher" "" "" "c:\program files\level quality watcher\v1.01\levelqualitywatcher64.exe" "11/25/2013 3:02 PM"
+ "btwaudio" "" "" "File not found: system32\drivers\btwaudio.sys" ""
+ "btwl2cap" "" "" "File not found
: system32\DRIVERS\btwl2cap.sys" ""
+ "btwrchid" "" "" "File not found: system32\DRIVERS\btwrchid.sys" ""

 

When you finish, close Autoruns and Fully Reboot your computer -

 

Clear Cache/Temp Files
Download TFC by OldTimer to your desktop

  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. 
  • Let it run uninterrupted to completion.
  • Once it's finished it may reboot your machine. If it does not, please manually reboot yourself to ensure a complete clean.

 

Now tell me if there is an issue and exactly what it is

 

 

Thank You -


Edited by noknojon, 27 November 2013 - 03:22 PM.


#15 NutOfDeath

NutOfDeath
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Local time:06:41 PM

Posted 27 November 2013 - 04:24 PM

When deleting "\Improve Speed PC", it shows an error:

Error changing item state: The system cannot find the file specified.

It disappeared from the list though.

EDIT: Weird, when I rebooted, the .dll error didn't pop up, but an "update" for Flash did.

Edited by NutOfDeath, 27 November 2013 - 04:30 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users