Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Autoruns results!!!


  • Please log in to reply
67 replies to this topic

#1 Marioo

Marioo

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:40 PM

Posted 05 March 2015 - 01:13 PM

I have checked in autoruns and found :::   Bfilter ( Baidu antivirus Minifilter Drive)  REGISTRY EDITOR

                                                                   

                                                                   Bfmon ( Baidu Fs Monitor Driver)   REGISTRY EDITOR

 

                                                                   Bnbase >>> already deleted in DEVICE MANAGER

 

What would you advise me about ???    Should I delete them ???   Thanks !!!!!

 


BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:40 PM

Posted 05 March 2015 - 01:36 PM

Hi Marioo :)

You can right-click on their entries in Autoruns and select Delete. You don't have Baidu installed on your system, these drivers are useless now. I guess that they are highlighted in yellow as well?

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 Marioo

Marioo
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:40 PM

Posted 05 March 2015 - 01:48 PM

  Should I delete it from autoruns or from registry editor?????

 

They are all files not found!!!!!

 

 

Yes they are highlighted in yellow!!!


Edited by Marioo, 05 March 2015 - 01:52 PM.


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,131 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:02:40 PM

Posted 05 March 2015 - 01:49 PM

My question would be...what made you go probing through your system, using Autoruns For Windows?

 

Autoruns lists a lot of information (including Windows drivers which are essential)...so I'm curious as to what you are trying to accomplish by using it.

 

Louis



#5 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:40 PM

Posted 05 March 2015 - 01:51 PM

I would delete them from the Autoruns executable directly. Just right-click on the entry and select Delete. It'll do the job just fine. If it doesn't work, make sure that Autoruns is launched with Admin Rights. Right-click on the Autorusn executable and select Run as Administrator.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,612 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:40 PM

Posted 05 March 2015 - 02:00 PM

AutoRuns is a tool for advanced users since it does not have the ability to recognize unsafe or dangerous items...it only displays what it finds. You should not uncheck anything without investigating first.

I am a firm believer that if you're unsure how to use a particular security tool or interpret any logs it generates, then you probably should not be using it. Users often panic when they see log results they do not understand. Some security tools are intended for advanced users, those who are knowledgeable of the Windows registry or to be used under the guidance of an expert who can interpret the log results and investigate it for malicious entries before taking any removal action. Some security tools will show everything they find that is a possible problem but you need to know what to remove and what not to remove. Incorrectly removing legitimate entries could lead to disastrous problems with your operating system.

If you're going to use Autoruns, be careful using it and be sure to read the following before doing anything:


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Marioo

Marioo
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:40 PM

Posted 05 March 2015 - 02:11 PM

I can understand each file I read but I am used to ask first for I am not a tecknical  but when I have doubts surely I have to ask first!!!

 

 

By the way I have about 46 highlighted  files. I can see that some of them are from deleted programs. What would you advise me about!!  

 

 

 

How can I update autoruns!!! Since it is not listed on add // remove  programs!!

 

Thanks for the tips above!!!


Edited by Marioo, 05 March 2015 - 02:36 PM.


#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,612 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:40 PM

Posted 05 March 2015 - 02:17 PM

Read the third link...Autoruns: What to uncheck and what not?


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:40 PM

Posted 05 March 2015 - 02:22 PM

You can upload your Autoruns file for me to check Marioo.

sUc2qjf.pngAutoruns - Start-up Entries
Follow the instructions below to give me an Autoruns log containing your start-up entries:
  • Download Autoruns.zip from the Sysinternals Suite webpage;
  • Extract the content of the Autoruns.zip folder where you want, then go in the folder, right-click on Autoruns.exe and select Run as Administrator;
  • Accept the EULA on opening, then wait for all the entries to load;
  • Click on File then Save and save the file to a location easily accessible;
  • Go on ge.tt and upload the Autoruns file you saved;
  • Once done, post the download URL of your uploaded file in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 hamluis

hamluis

    Moderator


  • Moderator
  • 56,131 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:02:40 PM

Posted 05 March 2015 - 02:35 PM

You haven't answered my question so I would not advise deleting anything.

 

Autoruns has several tabs...so telling us that you have 46 items that you have decided to concern yourself with...is not very useful data.  What tab are you looking at?

 

Louis



#11 Marioo

Marioo
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:40 PM

Posted 05 March 2015 - 03:13 PM

I have autoruns already installed should I delete it before downloading the latest version ???   Thanksss!!!



#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,612 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:03:40 PM

Posted 05 March 2015 - 03:16 PM

You haven't answered my question so I would not advise deleting anything.
 
Autoruns has several tabs...so telling us that you have 46 items that you have decided to concern yourself with...is not very useful data.  What tab are you looking at?
 
Louis

Do as requested by our Moderator before proceeding.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#13 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:40 PM

Posted 05 March 2015 - 03:21 PM

Just so everyone knows, he can delete without any risks the entries he listed in the OP, since I made him delete these entries from the Device Manager in another thread.

http://www.bleepingcomputer.com/forums/t/568936/slim-drivers/#entry3644151

They are safe to delete. I don't know about the other 46 ones, hence why I'm asking for the Autoruns file.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#14 Marioo

Marioo
  • Topic Starter

  • Members
  • 237 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Rio de Janeiro
  • Local time:06:40 PM

Posted 05 March 2015 - 03:33 PM

Please!!  Should I delete the autoruns program I already have on my computer!!!


Edited by Marioo, 05 March 2015 - 06:59 PM.


#15 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,670 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:40 PM

Posted 05 March 2015 - 03:36 PM

Marioo, if you followed my instructions in post #9, you do not have to delete this file. Upload it on mega.co.nz and give me the download link please.

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users