All Activity

  1. Past hour
  2. Depending on the license you have. A lifetime license can only be used on one computer, however it can be transferred to another computer. If you have a multi-computer license then you can install it on the number of devices you are licensed for. If you deactivate it from your desktop, then you can install and activate it on your laptop. If I am not mistaken, you can go to https://my.malwarebytes.com/en/login and log in with the email address you bought your license with, and there should be an option there to add another license.
  3. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  4. Good evening; About two years ago I bought a license for Malwarebytes Premium for my computer from the Malwarebytes website. I'm interested in buying a second license for Malwarebytes Premium, but I have two questions to decide what I could do: - I have a license for a computer and now I want to install Malwarebytes Premium on a laptop with a license. Could I use on the laptop the Malwarebytes license I have when I do not use the license on my computer? Or must I buy a new license to use for the laptop? - I see on the Malwarebytes website that a second license is 10% cheaper if I already have a license purchased from the Malwarebytes website. About two years ago I already bought a license from the Malwarebytes website, but I do not know how to buy the second license in that way, 10% cheaper. The Malwarebytes website does not give the option and I can only buy a new license without the discount. How could I buy a second license cheaper? Best regards
  5. Today
  6. Hi, Remove these programs in bold via the Control Panel > Programs > Programs and Features. Host App Service (HKU\S-1-5-21-1407781348-2952289101-2913086708-1002\...\SweetLabs_AP) (Version: 0.269.8.727 - Pokki) <==== ATTENTION Start Menu (HKU\S-1-5-21-1407781348-2952289101-2913086708-1002\...\SweetLabs_Start_Menu) (Version: 0.269.8.727 - Pokki) Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The tool will create a log (Fixlog.txt); please post it in your reply. === Please download Malwarebytes Anti-Malware from here. Right-click on the MBAM icon and select Run as administrator to run the tool. Click Yes to accept any security warnings that may appear. Once the MBAM dashboard opens, on the right detail pane click on the word "Current" under the Scan Status to update the tool database. On the left menu pane click the Settings tab, and then select the Protection tab on the top. Under the Scan Options, turn on the buttons Scan for rootkits and Scan within archives. Click the Scan tab on the right detail pane, select Threat Scan and click the Start Scan button. Note: The scan may take some time to finish, so please be patient. If potential threats are detected, ensure to check mark all the listed items, and click the Quarantine Selected button. While still on the Scan tab, click the View Report button, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop. The log can also be viewed by clicking the log to select it, then clicking the View Report button. Please post the log for my review. Note: If asked to restart the computer, please do so immediately. === Please post the Fixlog.txt and let me know what problem persists. P.S. If the file is not deleted, boot to Safe Mode and delete the file in that mode. fixlist.txt
  7. Hello nasdaq! Thank you very much for the advice and for answering. Here are the files needed. FRST.txt Addition.txt
  8. Thanks for your help nasdaq. Seems to be back to normal. I'll watch what happens with Chrome usage over the next few days. Here is what I did: 1. Uninstalled Chrome. 2. Ran scan, found same 27 threats, deleted them. 3. Rebooted computer. 4. Ran Malw. B. scan, it was clear. 5. Reinstalled Chrome and went to a variety of my bookmarked sites. 6. Ran Malw. B. scan and it was clear again.
  9. Sorry Nasdaq, Here is the FRST file pasted:
) R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [198512 2019-03-29] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [127136 2019-04-16] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [73912 2019-04-20] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-20] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [114040 2019-04-16] (Malwarebytes Corporation -> Malwarebytes) R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R3 NETwNb64; C:\windows\system32\DRIVERS\Netwbw02.sys [3434464 2014-03-13] (Intel Corporation-Mobile Wireless Group -> Intel Corporation) S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation-Mobile Wireless Group -> Intel Corporation) S3 RTLU3E8023-W8-64; C:\windows\system32\DRIVERS\rtu30x64w8.sys [116440 2014-08-13] (Realtek Semiconductor Corp -> Realtek ) U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [423128 2013-07-24] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation) R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-18] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-14] (Synaptics Incorporated -> Synaptics Incorporated) S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) 
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink) R1 ZAM; C:\windows\System32\drivers\zam64.sys [250024 2019-04-13] (Zemana Ltd. -> Copyright 2017.) R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [250024 2019-04-13] (Zemana Ltd. -> Copyright 2017.) S3 dbx; system32\DRIVERS\dbx.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-04-20 09:35 - 2019-04-20 09:37 - 000033033 _____ C:\Users\Patrice\Downloads\FRST.txt 2019-04-20 09:35 - 2019-04-20 09:35 - 000000000 ____D C:\Users\Patrice\Downloads\FRST-OlderVersion 2019-04-20 09:35 - 2019-04-20 09:35 - 000000000 ____D C:\FRST 2019-04-20 09:34 - 2019-04-20 09:35 - 002434048 _____ (Farbar) C:\Users\Patrice\Downloads\FRST64 (1).exe 2019-04-20 09:15 - 2019-04-20 09:15 - 000002274 _____ C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iolo Premium Support.lnk 2019-04-20 09:14 - 2019-04-20 09:14 - 002211568 _____ (LogMeIn, Inc.) 
C:\Users\Patrice\Downloads\Support-LogMeInRescue.exe 2019-04-16 16:57 - 2019-04-20 09:26 - 000073912 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys 2019-04-16 16:57 - 2019-04-20 09:25 - 000274416 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys 2019-04-16 16:57 - 2019-04-16 16:57 - 000127136 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys 2019-04-16 16:57 - 2019-04-16 16:57 - 000114040 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys 2019-04-13 08:39 - 2019-04-20 09:35 - 000066487 _____ C:\windows\ZAM.krnl.trace 2019-04-13 08:39 - 2019-04-20 09:35 - 000031575 _____ C:\windows\ZAM_Guard.krnl.trace 2019-04-13 08:39 - 2019-04-13 08:39 - 000250024 _____ (Copyright 2017.) C:\windows\system32\Drivers\zamguard64.sys 2019-04-13 08:39 - 2019-04-13 08:39 - 000250024 _____ (Copyright 2017.) C:\windows\system32\Drivers\zam64.sys 2019-04-13 08:39 - 2019-04-13 08:39 - 000001303 _____ C:\Users\Public\Desktop\Malware Killer.lnk 2019-04-13 08:39 - 2019-04-13 08:39 - 000000000 ____D C:\Users\Patrice\AppData\Local\Zemana 2019-04-13 08:39 - 2019-04-13 08:39 - 000000000 ____D C:\Users\Patrice\AppData\Local\Iolo Technologies 2019-04-13 08:39 - 2019-04-13 08:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malware Killer 2019-04-13 08:37 - 2019-04-13 08:38 - 017496568 _____ (iolo technologies, LLC) C:\Users\Patrice\Downloads\MalwareKillerSetup.exe 2019-04-09 17:37 - 2019-04-09 17:37 - 000000000 ____D C:\windows\LastGood.Tmp 2019-04-09 16:39 - 2019-04-01 21:16 - 004169216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2019-04-09 16:39 - 2019-03-26 12:11 - 007079936 _____ (Microsoft Corporation) C:\windows\system32\glcndFilter.dll 2019-04-09 16:39 - 2019-03-26 11:57 - 005276160 _____ (Microsoft Corporation) C:\windows\SysWOW64\glcndFilter.dll 2019-04-09 16:39 - 2019-03-26 11:40 - 007798272 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll 2019-04-09 16:39 - 2019-03-26 11:35 - 
005270528 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll 2019-04-09 16:39 - 2019-03-26 04:16 - 001311976 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll 2019-04-09 16:39 - 2019-03-26 02:14 - 025736704 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2019-04-09 16:39 - 2019-03-26 01:52 - 002902528 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2019-04-09 16:39 - 2019-03-26 01:50 - 000577024 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2019-04-09 16:39 - 2019-03-26 01:12 - 020280832 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2019-04-09 16:39 - 2019-03-26 01:08 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2019-04-09 16:39 - 2019-03-26 01:05 - 015284736 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2019-04-09 16:39 - 2019-03-26 01:00 - 004858880 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2019-04-09 16:39 - 2019-03-26 00:56 - 001040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll 2019-04-09 16:39 - 2019-03-26 00:51 - 000498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2019-04-09 16:39 - 2019-03-26 00:48 - 002295808 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2019-04-09 16:39 - 2019-03-26 00:48 - 001556992 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2019-04-09 16:39 - 2019-03-26 00:24 - 013682176 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2019-04-09 16:39 - 2019-03-26 00:08 - 004386304 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2019-04-09 16:39 - 2019-03-26 00:04 - 001332224 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2019-04-09 16:39 - 2019-03-20 21:29 - 002452432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys 2019-04-09 16:39 - 2019-03-16 00:03 - 002535664 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll 2019-04-09 16:39 - 2019-03-15 23:46 - 
000805176 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll 2019-04-09 16:39 - 2019-03-15 23:36 - 001902752 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll 2019-04-09 16:39 - 2019-03-15 23:29 - 000611656 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll 2019-04-09 16:39 - 2019-03-15 22:51 - 001755136 _____ (Microsoft Corporation) C:\windows\system32\GdiPlus.dll 2019-04-09 16:39 - 2019-03-15 22:49 - 001493504 _____ (Microsoft Corporation) C:\windows\SysWOW64\GdiPlus.dll 2019-04-09 16:39 - 2019-03-15 22:48 - 003324416 _____ (Microsoft Corporation) C:\windows\system32\msi.dll 2019-04-09 16:39 - 2019-03-15 22:47 - 003617280 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll 2019-04-09 16:39 - 2019-03-14 01:57 - 007368952 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe 2019-04-09 16:39 - 2019-03-14 01:56 - 001677024 _____ (Microsoft Corporation) C:\windows\system32\winload.efi 2019-04-09 16:39 - 2019-03-14 01:56 - 001537560 _____ (Microsoft Corporation) C:\windows\system32\winload.exe 2019-04-09 16:39 - 2019-03-13 15:13 - 001369096 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2019-04-09 16:39 - 2019-03-09 12:51 - 001115136 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll 2019-04-09 16:39 - 2019-03-09 12:35 - 001085952 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2019-04-09 16:39 - 2019-03-09 12:28 - 002348544 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll 2019-04-09 16:39 - 2019-03-09 12:19 - 001550848 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll 2019-04-09 16:39 - 2019-03-09 12:01 - 003547648 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll 2019-04-09 16:39 - 2019-03-09 10:20 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll 2019-04-09 16:39 - 2019-02-09 14:55 - 022373096 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll 2019-04-09 16:39 - 2019-02-09 14:23 - 019790664 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\shell32.dll 2019-04-09 16:38 - 2019-03-30 16:57 - 000126464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\luafv.sys 2019-04-09 16:38 - 2019-03-26 02:00 - 000035840 _____ (Microsoft Corporation) C:\windows\system32\sxssrv.dll 2019-04-09 16:38 - 2019-03-26 01:40 - 005777920 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2019-04-09 16:38 - 2019-03-26 01:40 - 000790528 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2019-04-09 16:38 - 2019-03-26 01:22 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2019-04-09 16:38 - 2019-03-26 01:15 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll 2019-04-09 16:38 - 2019-03-26 01:10 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2019-04-09 16:38 - 2019-03-26 01:09 - 000381440 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll 2019-04-09 16:38 - 2019-03-26 01:06 - 002135552 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2019-04-09 16:38 - 2019-03-26 00:43 - 000663040 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2019-04-09 16:38 - 2019-03-26 00:36 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2019-04-09 16:38 - 2019-03-26 00:29 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2019-04-09 16:38 - 2019-03-26 00:26 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll 2019-04-09 16:38 - 2019-03-26 00:23 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2019-04-09 16:38 - 2019-03-26 00:22 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2019-04-09 16:38 - 2019-03-26 00:22 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2019-04-09 16:38 - 2019-03-26 00:21 - 002059776 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2019-04-09 16:38 - 2019-03-26 00:02 - 000710144 _____ (Microsoft 
Corporation) C:\windows\SysWOW64\ieapfltr.dll 2019-04-09 16:38 - 2019-03-15 22:39 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll 2019-04-09 16:38 - 2019-03-15 22:39 - 000046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll 2019-04-09 16:38 - 2019-03-09 13:08 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\oleprn.dll 2019-04-09 16:38 - 2019-03-09 12:47 - 000111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleprn.dll 2019-04-09 16:38 - 2019-03-09 12:43 - 003822080 _____ (Microsoft Corporation) C:\windows\system32\rdpcore.dll 2019-04-09 16:38 - 2019-03-09 12:31 - 003274752 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpcore.dll 2019-04-09 16:38 - 2019-03-09 10:20 - 000475648 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxbde40.dll 2019-04-09 16:38 - 2019-03-09 10:20 - 000375808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mspbde40.dll 2019-04-09 16:38 - 2019-03-09 10:20 - 000352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrd3x40.dll 2019-04-09 16:38 - 2019-03-09 10:20 - 000340992 _____ (Microsoft Corporation) C:\windows\SysWOW64\msexcl40.dll 2019-04-09 16:38 - 2019-02-24 10:43 - 001308456 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2019-04-09 16:38 - 2019-02-21 13:36 - 000059392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\npfs.sys 2019-04-09 16:38 - 2019-02-21 13:35 - 000684032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys 2019-04-09 16:38 - 2019-02-21 13:34 - 000416256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys 2019-04-09 16:38 - 2019-02-21 13:34 - 000281088 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys 2019-04-09 16:38 - 2019-02-21 12:31 - 000747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2019-04-09 16:38 - 2019-02-11 23:48 - 000092672 _____ (Microsoft Corporation) C:\windows\system32\dab.dll 2019-04-05 20:20 - 2019-04-05 20:20 - 000000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2019-04-05 17:48 - 2019-03-29 16:07 - 000835480 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe 2019-04-05 17:48 - 2019-03-29 16:07 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2019-04-03 16:59 - 2019-04-03 16:59 - 000051024 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe 2019-04-03 16:59 - 2019-04-03 16:59 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys 2019-04-03 16:59 - 2019-04-03 16:59 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys 2019-04-03 16:59 - 2019-04-03 16:59 - 000047600 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys 2019-03-31 09:01 - 2019-03-31 09:01 - 000019896 _____ C:\Users\Patrice\Downloads\TaxStatement_2019 (1).pdf 2019-03-30 20:53 - 2019-03-30 20:53 - 000000355 _____ C:\Users\Patrice\Documents\Homegroup - Shortcut.lnk 2019-03-30 20:53 - 2019-03-30 20:53 - 000000355 _____ C:\Users\Patrice\Documents\Homegroup - Shortcut (2).lnk 2019-03-30 14:51 - 2019-03-30 14:51 - 000019896 _____ C:\Users\Patrice\Downloads\TaxStatement_2019.pdf 2019-03-29 20:18 - 2019-03-29 20:18 - 000198512 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys 2019-03-29 18:39 - 2019-04-13 09:46 - 000003158 _____ C:\windows\System32\Tasks\Live Boost Process Governor 2019-03-29 18:39 - 2019-03-29 18:40 - 000000000 ____D C:\Users\Patrice\AppData\Roaming\Phoenix360 2019-03-29 17:28 - 2019-03-29 17:28 - 000000000 ____D C:\ProgramData\Commtouch 2019-03-29 17:28 - 2019-03-29 17:28 - 000000000 ____D C:\Program Files\Common Files\Commtouch 2019-03-29 17:28 - 2018-10-15 02:49 - 002065632 ____R (Cyren, Inc.) C:\windows\system32\Drivers\ampse.sys 2019-03-29 17:28 - 2018-10-15 02:49 - 000202664 ____R (Cyren, Inc.) 
C:\windows\system32\Drivers\amp.sys 2019-03-29 17:24 - 2019-04-13 09:41 - 000000000 ____D C:\ProgramData\Phoenix360 2019-03-29 17:24 - 2019-04-13 08:39 - 000000000 ____D C:\windows\System32\Tasks\Phoenix360 2019-03-29 17:24 - 2019-04-13 08:39 - 000000000 ____D C:\Program Files (x86)\Phoenix360 2019-03-29 17:24 - 2019-03-29 17:24 - 000001826 _____ C:\Users\Public\Desktop\System Mechanic.lnk 2019-03-29 17:24 - 2019-03-29 17:24 - 000000000 ____D C:\Users\Patrice\AppData\Local\Phoenix360 2019-03-29 17:24 - 2019-03-29 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Mechanic 2019-03-29 17:24 - 2019-02-08 08:19 - 000082160 _____ (Raxco Software, Inc.) C:\windows\system32\Drivers\PDFsFilter.sys 2019-03-29 17:23 - 2019-04-13 08:38 - 000000000 ____D C:\Users\Patrice\AppData\Local\Downloaded Installations 2019-03-29 17:21 - 2019-03-29 17:22 - 000000000 ____D C:\Users\Patrice\AppData\Roaming\iolo 2019-03-29 17:21 - 2019-03-29 17:21 - 000426352 _____ C:\Users\Patrice\Downloads\smpro_dm.exe 2019-03-29 16:20 - 2019-03-29 16:20 - 000000000 __SHD C:\found.001 2019-03-29 16:06 - 2019-03-29 16:06 - 000000000 __SHD C:\found.000 2019-03-27 15:43 - 2019-03-27 15:43 - 000000000 _____ C:\Users\Patrice\AppData\Local\{AF883D66-9E7C-4156-B6B9-6F6DFED173A9} 2019-03-25 16:42 - 2019-03-25 16:42 - 000002547 _____ C:\Users\Public\Desktop\TurboTax 2018.lnk 2019-03-25 16:42 - 2019-03-25 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TurboTax 2018 2019-03-25 16:04 - 2019-03-25 16:14 - 226743344 _____ C:\Users\Patrice\Downloads\TurboTax_Home__Business__State_2018_Tax_Software_PC_Download_Amazon_Exclusive.exe ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2019-04-20 09:28 - 2014-12-26 11:40 - 000000000 __RDO C:\Users\Patrice\OneDrive 2019-04-20 09:28 - 2014-12-26 11:33 - 000000000 ____D C:\Users\Patrice 2019-04-20 09:28 - 2014-05-22 15:50 - 000000000 ____D C:\Users\UpdatusUser 2019-04-20 09:24 - 2013-08-22 10:45 - 000000006 ____H C:\windows\Tasks\SA.DAT 2019-04-20 09:15 - 2017-01-09 21:48 - 000000926 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job 2019-04-19 20:19 - 2014-12-26 11:33 - 000000000 ____D C:\Users\Patrice\AppData\Local\SweetLabs App Platform 2019-04-19 16:02 - 2013-08-22 11:36 - 000000000 ___HD C:\Program Files\WindowsApps 2019-04-19 16:02 - 2013-08-22 11:36 - 000000000 ____D C:\windows\AppReadiness 2019-04-18 20:53 - 2014-12-26 20:18 - 000000000 ____D C:\Users\Patrice\Documents\Excel 2019-04-18 20:49 - 2014-12-26 11:44 - 000000000 ____D C:\Users\Patrice\AppData\Local\Deployment 2019-04-18 18:30 - 2013-08-22 11:36 - 000000000 ____D C:\windows\system32\NDF 2019-04-16 16:54 - 2013-08-22 09:25 - 000524288 ___SH C:\windows\system32\config\BBI 2019-04-15 16:04 - 2018-03-24 21:30 - 000000000 ____D C:\Users\Patrice\AppData\Local\Glance 2019-04-14 20:19 - 2018-03-21 16:29 - 000000000 ____D C:\Users\Patrice\AppData\Roaming\DigiByte 2019-04-14 12:39 - 2014-12-26 11:39 - 000003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1407781348-2952289101-2913086708-1002 2019-04-14 12:16 - 2017-06-08 19:39 - 000000000 ____D C:\Users\Patrice\AppData\Roaming\Exodus 2019-04-14 12:13 - 2015-09-21 17:44 - 000000000 ____D C:\Users\Patrice\AppData\Local\ElevatedDiagnostics 2019-04-14 11:02 - 2018-07-26 18:45 - 000002247 _____ C:\Users\Patrice\Desktop\Exodus.lnk 2019-04-14 11:02 - 2017-06-08 19:39 - 000000000 ____D C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc 2019-04-14 11:01 - 2018-09-26 15:47 - 000000000 ____D C:\Users\Patrice\AppData\Local\exodus 2019-04-13 10:50 - 2013-08-22 09:36 - 000000000 ____D C:\windows\Inf 2019-04-13 09:45 - 2013-10-07 15:23 
- 000000000 ____D C:\windows\Panther 2019-04-12 17:42 - 2014-12-26 20:14 - 000000000 ____D C:\Users\Patrice\Documents\PATRICE 2019-04-12 15:46 - 2015-04-11 11:38 - 000000000 ____D C:\Users\Patrice\AppData\Local\CrashDumps 2019-04-11 16:17 - 2014-12-26 11:46 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-04-11 16:17 - 2014-12-26 11:46 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2019-04-10 15:35 - 2015-10-30 20:17 - 000003308 _____ C:\windows\System32\Tasks\SweetLabs App Platform 2019-04-09 17:23 - 2014-12-26 11:33 - 000000454 _____ C:\Users\Patrice\Downloads\Desktop.lnk 2019-04-09 17:20 - 2013-08-22 10:44 - 000414800 _____ C:\windows\system32\FNTCACHE.DAT 2019-04-09 17:06 - 2013-08-22 11:36 - 000000000 ___RD C:\windows\ToastData 2019-04-09 17:05 - 2015-01-09 19:08 - 000000000 ___SD C:\windows\system32\CompatTel 2019-04-09 17:05 - 2015-01-09 19:08 - 000000000 ____D C:\windows\system32\appraiser 2019-04-09 17:02 - 2013-08-22 11:20 - 000000000 ____D C:\windows\CbsTemp 2019-04-09 16:55 - 2015-01-07 18:39 - 000000000 ____D C:\windows\system32\MRT 2019-04-09 16:44 - 2015-01-07 18:39 - 131129288 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2019-04-07 13:39 - 2015-01-17 21:52 - 000000000 ____D C:\windows\Minidump 2019-04-05 20:20 - 2017-01-09 21:48 - 000000000 ____D C:\Program Files (x86)\Dropbox 2019-04-05 17:29 - 2014-05-22 15:50 - 000000000 ____D C:\windows\SysWOW64\NV 2019-04-05 17:29 - 2014-05-22 15:50 - 000000000 ____D C:\windows\system32\NV 2019-04-05 17:29 - 2014-05-22 15:50 - 000000000 ____D C:\ProgramData\NVIDIA 2019-04-03 19:29 - 2013-10-07 14:27 - 000866884 _____ C:\windows\system32\PerfStringBackup.INI 2019-04-01 15:26 - 2017-01-09 21:48 - 000000922 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job 2019-03-31 18:57 - 2014-12-26 11:44 - 000003204 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2019-03-31 18:52 - 2017-01-09 21:48 - 000003664 _____ 
C:\windows\System32\Tasks\DropboxUpdateTaskMachineCore 2019-03-30 20:53 - 2015-01-14 21:01 - 000000000 ___RD C:\Users\Patrice\Dropbox 2019-03-30 17:52 - 2014-12-26 20:18 - 000000000 ____D C:\Users\Patrice\Documents\Adobe 2019-03-30 16:18 - 2014-12-26 20:17 - 000000000 ____D C:\Users\Patrice\Documents\TurboTax 2019-03-29 20:18 - 2019-03-01 11:44 - 000153328 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys 2019-03-29 18:33 - 2014-05-22 16:33 - 000000000 ____D C:\ProgramData\Temp 2019-03-29 18:00 - 2018-02-19 22:12 - 000000000 ____D C:\Users\Patrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LitecoinCash Core 2019-03-29 17:24 - 2014-05-22 16:08 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2019-03-27 17:10 - 2014-12-26 11:44 - 000003330 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2019-03-26 18:45 - 2014-12-26 11:33 - 000000000 ____D C:\Users\Patrice\AppData\Local\Packages 2019-03-25 16:41 - 2015-03-07 16:17 - 000000000 ____D C:\Users\Patrice\AppData\Roaming\Intuit 2019-03-25 16:41 - 2015-03-07 16:15 - 000000000 ____D C:\Program Files (x86)\TurboTax 2019-03-25 16:16 - 2015-03-07 16:16 - 000001254 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2019-03-23 07:47 - 2013-08-22 11:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-03-23 07:46 - 2015-02-16 09:06 - 000000000 ____D C:\Program Files\Microsoft Office 15 ==================== Files in the root of some directories ======= 2015-12-21 19:46 - 2015-12-21 19:46 - 000000017 _____ () C:\Users\Patrice\AppData\Local\resmon.resmoncfg 2019-03-27 15:43 - 2019-03-27 15:43 - 000000000 _____ () C:\Users\Patrice\AppData\Local\{AF883D66-9E7C-4156-B6B9-6F6DFED173A9} Some files in TEMP: ==================== 2019-04-09 17:24 - 2019-04-10 15:28 - 039865512 _____ () C:\Users\Patrice\AppData\Local\Temp\octF28B.tmp.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass 
verification.) LastRegBack: 2015-11-16 18:18 ==================== End of FRST.txt ============================ Addition.txt
  10. It depends on the type of license. The lifetime licenses were always just for a single device, while some of the yearly subscription licenses are for 3 devices (in fact when Malwarebytes first went to a subscription licensing model, all of the subscription licenses were initially for 3 devices; they later changed it to allow users to purchase single device licenses for a lower price).
  11. You may be able to fix the Windows Defender issue by changing a setting in Malwarebytes. Open Malwarebytes and navigate to Settings>Application and under Windows Action Center select the option Never register Malwarebytes in the Windows Action Center then reboot your system and you should have both Malwarebytes and Windows Defender fully functional.
  12. I'm assuming you mean, Malwarebytes Browser Extension BETA --->then Settings--->then Protection---> and under Protection--->turn off "Enable advertising/tracker protection"? If that's what you're saying then as this is a BETA, the next build should include an Allow List for "Enable advertising/tracker protection" and other settings options. We shouldn't have to break the extension to allow safe sites. Thanks for your suggestion but I will just do as I've started doing as in the first Post. Quick temp fix is to Turn Off "Ads/Clickbait" until I fill in the form and send, and then turn on "Ads/Clickbait" again when I'm done. Just a little easier this way as the option is in your face when you click the extension on the Extensions-Bar and doesn't compromise the Extension's full security options.
  13. Reference: I installed an cracked windows activation Piracy
  14. I'm still protected on a MB free trial period. I can wait until staff members return for some clarity. When I purchased MB Pro many moons ago, if I remember correctly, you were allowed to have it on 3 systems as long as they were your own personal home computers. I do recall a friend having MB Pro on 3 systems. When I built my current PC I installed MB on it. At that time, for a short period of around 2-3 months, it was installed on 2 systems with no issues. My laptop and newly built PC. I wiped my laptop and retired it and since then I've had it only on my Desktop PC build. Almost 3 years ago I updated my PC with a SSD and since then I've had MB installed on both drives. My SSD and HDD both on W7. HDD is rarely used and thank you to exile360 for helping me bring it back to its former glory... Aero theme issue... and so on. Yesterday when I updated to 3.7.1 it was on my HDD. I use this as a backup drive, storage and as a test mule for software. I thought I would test drive 3.7.1 before updating my main drive. My SSD is on 3.6.1 which is activated with full protection. I found this linked page after a search. It suggests that you can only have MB premium on one operating system. I just checked a PM with Liquid Tension from Jan/22 where he said "Lifetime licenses are typically for use on only one computer at a time." I mentioned in an earlier post he said I could have it on multiple drives on same PC. My apologies for that. I was wrong as he never said that. Oooops.....lol. Before proceeding any further I would like clarification on this from a MB staff member or anyone else that knows for sure. Can you have a Lifetime license installed on 1 computer on 2 drives? This could be my issue. When I try to activate 3.7.1 it's prompting me to deactivate other device. This is my SSD MB 3.6.1 which is activated on same PC. https://support.malwarebytes.com/docs/DOC-1068 Still can't register my license to manage it on my newly created account on My.Malwarebytes.com. I will need some assistance with this.
  15. Thank you very much nasdaq, that was very fast. I attach the files as requested. PaMal FRST.txt Addition.txt
  16. Thanks, I am printing out this advice and will follow it. Will let you know what happens.
  17. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === There may be more than just deleting that file. Download the Farbar Recovery Scan Tool (FRST). Choose the 32 or 64 bit version for your system and save it to a folder on your computer's Desktop. Double-click to run it. When the tool opens, click Yes to the disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply. The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section at the bottom of the topic, click the "more reply Options" button. Attach the file. Select "Choose a File" and navigate to the location of the file. Click the file you wish to attach. Click Attach this file. Click the Add reply button. === Please post the logs for my review. Let me know what problems persist. Wait for further instructions.
  18. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === There may be more than just deleting that file. Download the Farbar Recovery Scan Tool (FRST). Choose the 32 or 64 bit version for your system and save it to a folder on your computer's Desktop. Double-click to run it. When the tool opens, click Yes to the disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply. The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section at the bottom of the topic, click the "more reply Options" button. Attach the file. Select "Choose a File" and navigate to the location of the file. Click the file you wish to attach. Click Attach this file. Click the Add reply button. === Please post the logs for my review. Let me know what problems persist. Wait for further instructions.
  19. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Your copy of Chrome may have been compromised. Remove Chrome from your computer and reinstall a fresh copy later. If you remove the syncing of your account you must remove it before you save your bookmarks etc... Delete Your Google Chrome Browser Sync Data if you sync with other devices. <- Important ... https://forums.malwarebytes.com/topic/214325-chrome-secure-preferences-detection-always-comes-back/ Before you remove Chrome, export your bookmarks. Chrome will export your bookmarks as an HTML file, which you can then import into another browser. How To: http://ccm.net/faq/31791-how-to-backup-your-google-chrome-bookmarks Before you remove Chrome, export your passwords. How to export your saved passwords from Chrome: https://betanews.com/2018/03/09/export-chrome-passwords/ Clear your Chrome cache and cookies: https://support.google.com/chromebook/answer/183083?hl=en Remove Chrome using the instructions on this page: https://support.google.com/chrome/answer/95319?hl=en Re-install Chrome and the Bookmarks. <<<>> Let me know if the problem is solved or not. ==== Some Security program will quarantine the download. Let me know which Virus Security program you use and I may be able to help you for now or later downloads.
  20. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Let me check further. Download the Farbar Recovery Scan Tool (FRST). Choose the 32 or 64 bit version for your system and save it to a folder on your computer's Desktop. Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the "more reply Options" button. Attach the file. Select the "Choose a File" navigate to the location of the File. Click the file you wish to Attach. Click Attach this file. Click the Add reply button. === Please post the logs for my review. Wait for further instructions
  21. I cannot delete the adware in a key under the Chrome folder in the registry editor. If I try to delete it, my access is denied; if I want to change the owner, the access is denied; and if I try to delete it with the help of the Registrar Registry Manager, I get the error message ACCESS DENIED. I want to delete the key permanently to eliminate the adware finally. The Adware cleaner is scanning the Adware but it can't remove it. I tried many programs but no one helped me, the Adware is still there. The key path is named: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.microsoft.browsercore
  22. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Please post the FRST.TXT and the Addition.txt logs that were created by running the Farbar program. Wait for further instructions.
  23. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === First please post the previous topic link I helped you with. I need to see you run the Farbar program in normal mode. Please post the logs for my review.
  24. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Let's see what we can find. Download the Farbar Recovery Scan Tool (FRST). Choose the 32 or 64 bit version for your system and save it to a folder on your computer's Desktop. Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the "more reply Options" button. Attach the file. Select the "Choose a File" navigate to the location of the File. Click the file you wish to Attach. Click Attach this file. Click the Add reply button. === Please post the logs for my review. Wait for further instructions
  25. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === Download the Farbar Recovery Scan Tool (FRST). Choose the 32 or 64 bit version for your system and save it to a folder on your computer's Desktop. Double-click to run it. When the tool opens click Yes to disclaimer. Press Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply. How to attach a file to your reply: In the Reply section in the bottom of the topic Click the "more reply Options" button. Attach the file. Select the "Choose a File" navigate to the location of the File. Click the file you wish to Attach. Click Attach this file. Click the Add reply button. === Please post the logs for my review. Wait for further instructions p.s. Let me know if you Sync your default browser to your other devices.
  26. Hello, Welcome to Malwarebytes. I'm nasdaq and will be helping you. If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed. === This fix will remove these files and entries in the registry. If you want to keep that program ignore it. Please download the attached Fixlist.txt file to the same folder where the Farbar tool is running from. The location is listed in the 3rd line of the FRST.txt log you have submitted. Run FRST and click Fix only once and wait. The tool will create a log (Fixlog.txt) please post it to your reply. === Please post the Fixlog.txt and let me know what problem persists. fixlist.txt
  27. Well, "So Far", no anomalies. Will leave 'Fast Startup' off for the time being. On another salient point, that Screenshot I posted showing Windows Defender saying my IT Department had limited my access ... seems to be a documented Windows problem ... so if I disable MB four buttons, then immediately Windows Defender can be used to scan, for example, a file in the Downloads area by right-click. I just now verified that .. and also re-activated MB.