(Abine Inc.) C:\Program Files (x86)\DoNotTrackPlus\IE\DNTPService.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieCrypto.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Advanced Micro Devices Inc.) c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Microsoft Corporation) C:\Program Files (x86)\EMET 4.0\EMET_Agent.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (Finkit d.o.o.) C:\Users\Robin\Downloads\ManicTime_Jun13_Portable\ManicTimeUsb\ManicTime.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Running from C:\Users\Robin\Downloads\Farbar Rcvry Scan Tool_Oct13\Download Ran by Robin (ATTENTION: The logged in user is not administrator) on ROBIN-HP on 05-10-2013 16:00:34 Scan result of Farbar Recovery Scan Tool (FRST.txt) (圆4) Version: 02-10-2013 Per your request, the Farbar Recovery Scan Tool file FRST.txt is copy-pasted below, and the file Addition.txt is attached. (BTW - I am in the US Pacific time zone.) Thank you for your kind attention to this matter. Order to ensure that these PUMs are not symptoms of an infection that remains to be dealt with? My questions are, (A) How do I delete the three values in the registry for the regular user account? And (B) Do I need to do something more, in Windows refuses permission to delete them, even though I have triedĮvery tweak of Ownership and Permissions for the sub-key. This leaves the three HKCU values in the regular user account. In the regular user account, I was able to delete the two values only in (5) In both administrator accounts I was able to delete all these values. This same set of values appeared in Regedit for the regular user account, for the regular administrator account, and for the backup administrator (4) After MBAM was unable to remove the PUMs, I opened Regedit and found the following values: OpenCandy whenever I update FreeFileSync, I have never had either a report of malware, or an actual infection that I have known about, in the On-demand scanners, ESET Online Scanner, Hitman Pro, Kaspersky TDSSKiller, and Trend Micro Housecall. I regularly scan with MBAM, MS Safety Scanner, SuperAntiSpyware, and have recently added, as I have Norton Antivirus running, as my real-time AV program, together with Windows, IE, and all the other programs I have been using, were functioning properlyīefore MBAM found the "malicious software," and continue to. (4) Furthermore, I have had no symptoms of infection. However, I have continued to be able to open both. (3) An internet search showed that when MBAM has found these so-called "PUMs" on others' computers, they were unable to open Regedit or Repeating this cycle of scan-delete-restart a few times produced the same Restarted, a second Quick scan produced the same positive result. (2) In the MBAM results Window, I clicked first on the "Remove Selected" button, then on the "Click Yes to restart now" button. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegedit (Hijack.Regedit) -> Data: 0 -> Delete on reboot. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegedit (Hijack.Regedit) -> Data: 0 -> Delete on reboot. (1) An MBAM Quick scan found the following "malicious software" running on my Windows 7 computer: Endpoint Detection & Response for Servers
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |