PIRATAS

  1. Thank you. But is it OK to remove all those from the registry? I mean... could they be dependent for other keys in the registry? OK. Let me handle the last few things with AdvancedSetup about my system. Regarding the uTorrent and VPN messages, I then assume that my issues are related to the fact that, while using those apps, my connection passes through servers that are in use by those apps and that have been flagged for being involved in malicious activities, as both torrenting and VPN apps are commonly used for that. Malwarebytes then works well in my system, and the only way to not be bothered by those messages or interrupted connections is to whitelist those apps entirely, as long as I am still fully protected from malicious websites and other malicious content.
  2. Thank you for the explanation. Now I have 2 doubts: I have legal VPNs installed in my system, one is free (UrbanVPN -- very rarely used, and only when sending/receiving files with some countries from north Europe as they are faster than my other VPN) and the other is a paid subscription (TorGuard -- used for most worldwide connections). Those VPNs, especially TorGuard, which should be a super safe VPN, should not use compromised IPs... OR is it like it is with uTorrent, where sometimes some IPs are from a server that is also known for hosting malicious content, meaning that the VPN itself does not have any fault, but the connection still uses those same servers, which should instead be replaced with some that are more free from malicious content?? If I whitelist uTorrent in Malwarebytes, could it happen that some malware/trojan will find its way into my system? I understand that the app itself might not have any issue (like for my VPN apps), and that the issues might reside in the simple act of connecting to some servers that are known for hosting malicious content... but still, as for my VPNs, what are the risks of using a uTorrent app (with no limitation set in Malwarebytes) that connects through so many compromised IPs?? Thanks.
  3. I have extracted a few that differ from one another, from different apps and with different event details. RTP-Logs.zip
  4. Ah! Yes, I'd like to do so, if that would not harm my system. In case, please let me know if I have to make some sort of backup of the registry and if creating a system restore point would help. Regarding my first request for help here, I repost my final question from one of my last posts up here: I still don't understand if it's OK to see all those Outbound messages while using uTorrent. Right now I am having something like 20 of them in the last minute...
  5. For the first thing, thank you. I'll exclude that in Kaspersky and see how it goes. About the tasks, in my Windows Tasks Scheduler I don't see any of those dozens of empty tasks I see in my registry!! All I see in Windows Tasks Scheduler are the non-empty ones. So the only way I find possible is to delete them all manually in the registry!! But some are double, as I can find the same task names across some of the subfolders of TaskCache... What should I do?? That is exactly what I was saying. They didn't raise much of an eyebrow when I asked about the presence of non properly licensed software on office computers.. I asked them to solve this issue, demanding proper licences for all the pre-installed software they left on the computer that I bought from their office, as it was supposed to be that way all along. I could have gone upstairs mentioning this to our administration, but I preferred not to make a scene and opted for a quick end with a fully licensed computer... And maybe have some spare leverage to use with them for the future, just in case ;) I'm now waiting for a call from them telling me that they are ready to connect remotely to my computer to fix this aspect. In the meantime they told me to do nothing as they would handle it. Thank you for everything for now. I'll update you when I test the exclusions in Kaspersky. Please let me understand how to act with all those empty tasks.
  6. First of all, thank you. Then...
     - I'm fixing the part about the 'hosts' thing. I reported to our tech guys that those entries should not be there, and they are telling me that they will fix my license.
     - Bonjour is out of the way.
     - About CCleaner, OK. I'll ask if I can remove it or use something else for clearing my browser cache/forms/saved passwords at exit.
     - Chrome is OK. Now I have approximately 70 tabs opened and it's fast, and it's eating 1.3 Gb of ram. Will uninstall unused extensions tho as for lightening up.
     - About the Parent folders, I have moved those stray files somewhere else. Let's see how it goes.
     - I'll try to understand if using Kaspersky and Malwarebytes together will be an issue for me. In case, I'll focus on doing something about it. For the moment I'll keep things as is, as required by my job. If you have some guide to point me to about trying to configure them so they can live together, it would be much appreciated.
     - About all the NO FILEPATH tasks you mention, I have taken a look at the FRST.TXT and into the registry. I have found this destination in it: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache
       In here I have, I think, dozens of empty folders. The folder tree is this:
       [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache]
       [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot]
       [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon]
       [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Maintenance]
       [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain]
       [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks]
       [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree]
       Boot, Logon, Maintenance and Plain are full of dozens of totally empty folders. Boot has less, Plain has really a lot. Tasks is the exact copy of what you see in FRST.TXT, meaning that all that you see empty in FRST.TXT is empty also in my registry. Then Tree has everything that I see in Windows Task Scheduler plus some extra stuff related to some software (ASUS, CCleaner, Kaspersky, Mozilla, etc.) and drivers (Intel, NVidia, Realtek, etc.) If you think that it is safe for me to share my full TaskCache tree from my registry (exporting it as I've done for taking a closer look at it) please let me know. Maybe I can omit the Tree folder if you think it might be too personal. Just let me know. If you know what to do with so many empty folders in there, please do. I am searching the net and I can't find anything related to understanding if it is safe to just delete them all or just leave them there. I can't even understand if it's harmful to have so many!
     - At last, you reminded me about the message I see from Malwarebytes that is blocking or alerting on the uTorrent app, and that the Exclude detections in Malwarebytes for Windows guide you provided should assist me in stopping that block alert. The fact is that me asking for help here is all about understanding if:
       it's NOT OK that Malwarebytes advises me about those Outbound connections with uTorrent and sometimes with TorGuard and UrbanVPN, as those Outbound connections are safe >>> meaning that I should exclude them from being intercepted by Malwarebytes following your guide
       OR
       if in my system there's something strange going on around those apps >>> meaning that it's OK that Malwarebytes advises me about those Outbound connections, as I should intervene in fixing some issues (and in case understand the issues causing them!!)
     Thanks again.
     Ps: I think our tech guys know what all this mess does, and I think they are even quite competent, but as they don't want to work that much, and their income is safe no matter what as our company is half governmental, they opt for the easy mid-range-working-solution that still works even if it's crap. And as no one above them understands anything about computers here, and no one will even question them as long as everything works smoothly, they are confident in using whatever crappy solution might be useful, meaning also non properly licensed software (about which I'm working to fix this with them as this is my computer!!)
  7. Finally I was able to post! I opened a ticket a few days ago with the Malwarebytes customer service and today they told me that they reported my issue to the Forums administrator, who said my block has been removed. And yes, I also added an exclusion for this forum using the Exclude detections in Malwarebytes for Windows guide you linked me. Now I don't know if it was my block or not having an exclusion in Malwarebytes for this forum that was preventing me from posting here. Ps: You can delete all my messages not related to the topic matter if you like, so as to have a cleaner topic. Thank you.
  8. Well, the story is quite complicated. The computer is mine, but I have inherited (bought) it from my office when they were upgrading them, and employees could redeem them for a very low price and bring them home and use them as personal. As I was going to work from home, and they had quite nice hardware for the use that I had to do, I went for that solution, plus I ended up with a computer that was already set up fine for working remotely as it had all the software required. Everything that is on here (meaning Windows and apps) was preinstalled, except for games and a few things that of course are my stuff. As this is now a personal computer, I can do whatever I want. Except for the required software needed for working from home with my office. That software is Kaspersky Total Security, Malwarebytes, CCleaner and TorGuard VPN. Don't ask me why, but I can't remove them as my office wants them always running when connected to the office. I can't say what we do, as for privacy policy, but there is nothing illegal. Just know that we use Torrent to transfer very large images (pictures) of several Gb each between different people and offices for study and research (medical).

     Before this new Malwarebytes we had the two Malwarebytes software: Malwarebytes Anti-Malware Corporate and Malwarebytes Anti-Exploit Premium, both with Kaspersky Total Security. Everything was working fine (or at least I have never encountered any issues or strange messages like these I'm asking about today). If you say that Kaspersky and Malwarebytes can't work together, that is what I asked at the beginning when I started using their computers, as I have always known that two antivirus don't usually go together. The tech department told me that they don't care and that their presence is mandatory, and that I am stuck with that software, and that everyone at the office, even those that preferred to use their personal computers, had to install them. I remember that they told me that the two software could be configured better to work together, but for what we needed, they are set good enough. Reading your post, I assume that it was far from enough. I of course asked my tech department for help, and they told me to just ignore those messages as they were fine. Go figure why there are all those breaches in research facilities nowadays...

     Regarding the hosts entries, I see what you mean, even if I don't know much about those entries. I have spoken with our tech responsible guy today, and expressed my concerns, especially as I have to work with this computer and I have it at my home, and he is moving to fix things. Don't know what that means, but all I know is that I have to fix any eventual issues by myself, as long as I still use that mandatory software. Meaning that I have to find out how to let them work together. Just for information, the computer I bought from them was composed of a motherboard + cpu (still in use) + shitty ram + ssd. I then upgraded ram and ssd with better ones (cloning ssd content to new ssd) and added a gpu for some gaming (personal use).

     Speaking about what you mentioned in your reply, I am reading on the net now that Bonjour is a service that works with Apple software. I have iTunes installed for backing up my work iPhone (given by my office), but as long as it is not needed for that, I am OK with removing it. Should I just remove it from the Apps or remove programs in Windows Settings? Will everything work as before? Will it reinstall automatically at the next iTunes update?

     Regarding CCleaner, this is another software that is mandatory, but in the end it is only used for automatically cleaning cache and sensitive content from browsers when closing them (or at least this is what I have been told and what I see that it should automatically do). I expressly asked this some time ago as I have a personal bad experience with CCleaner, as in the past it had killed an old laptop of mine after a run of its integrated registry cleaning utility. I personally use it for checking for new hardware drivers, but I don't use it for upgrading them. I then go to each hardware manufacturer's website to download proper driver packages. I never use it for registry cleaning as I know that it can damage things up. As this is its usage, is it still necessary to uninstall?

     Regarding Chrome, I have a lot of extensions, I know. But I don't use them all together. Most of them are disabled but still there, as I wanted to keep there what I once needed that I might need again. Do they slow down the browser even if they are deactivated? Regarding being slow, it is not slow. I have an extension to freeze unused tabs, and an extension to back up group tabs for future consultation. I always keep something like 50 tabs open and it is fine. I have two profiles, one personal and one for work, so if you see extra profiles, they must be some test I made that are now corps that can be deleted. In case, how to identify them for deletion?

     Regarding the Scheduled Tasks, I made a few, some are disabled, and some are still active, but they just run some scripts I created for popping up some messages reminding me to do some stuff before launching some apps (that will be run automatically by script instead of at Windows startup). One is for a chat app and the other one is for a sync app that syncs in between disks (work stuff as backup). I also have a script that checks for the creation of .DMP files that may occur related to my audio drivers. It is a precaution that I have as my integrated sound card has some issues with its stock drivers. On a forum I have found this solution to understand if the device was working well or not, and as far as I know it works well, as every time I upgrade its driver with a faulty one, it detects the issue, popping up a message advising me about it, so for me to understand that it is better to roll back drivers. It is a trick that works. What do you mean that there could be something interfering or broken with my tasks? Attached here are my scripts. Just edit them to see their content. I have created them by copying code from some good/legit Windows forums asking for help. If you think they are written wrong, please let me know. I don't know if they leave some threads or processes open that should not be like that.

     What are those Parent root folders? Should I not have anything there? Should I simply delete all those files? How to properly clean this system without reinstalling Windows? Reinstalling would mean bringing my computer to my tech guys to configure it, as for a full Windows installation that is the procedure, and I really would like to avoid that. If I can clean it, it would be enormously better.

     In the end you link me the Exclude detections in Malwarebytes for Windows, but I don't want to exclude important things from being shown if they need to be taken care of. Do you refer to the messages I see? Should I whitelist uTorrent and my VPN? Please let me understand. Thank you. My_Loader_Dialog_&_Checker.zip
  9. We’re sorry but our system has detected wording in your post consistent with spam. It may be by accident, please try changing the wording and try to post again. My_Loader_Dialog_&_Checker.zip
  10. Can't post much, I blocked that my content is spam. Writing this post since 1h and this is so that I can write. Don't know how to write freely.
  11. Can't post. You have PM My_Loader_Dialog_&_Checker.zip My_Loader_Dialog_&_Checker.zip
  12. Hello there! I use uTorrent to exchange files with my office, as that is what they use to transfer enormous files with employees in smart working. I don't know if I'm having an issue with my computer and I thought I was always OK, but after having spoken with a friend about the Malwarebytes messages regarding numerous Outbound connections I was getting while using uTorrent, I thought I'd do some research, and so here I am. Doing some research on the net I landed on a thread in this forum speaking about uTorrent and issues similar to mine. So I have followed the instructions in the I'm infected - What do I do now? thread, and attached here are my generated log files. Ps: I sometimes get the same Outbound messages from the C:\Program Files\UrbanVPN\bin\urbanvpnserv.exe file also, even if I'm not using the UrbanVPN app. I get an Outbound message also when trying to connect with my TorGuard VPN (that is my main VPN app, and it happens only when trying to connect) on files C:\Program Files (x86)\VPNetwork LLC\TorGuard\stunnel.exe and C:\Program Files (x86)\VPNetwork LLC\TorGuard\openvpn.exe (and this last file here must be whitelisted in Malwarebytes so as to use TorGuard VPN, otherwise it does not connect). Please let me know. Thank you. Addition.txt FRST.txt Malwarebytes.txt
  13. Hi there. Has this issue been solved? I have the same on the last version, and it only happened after having disabled protection and re-enabled it again. Before touching Malwarebytes everything was perfect! Thanks.