Jump to content

Search the Community

Showing results for tags 'Keys'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Endpoint Protection
    • Malwarebytes Incident Response (includes Breach Remediation)
    • Malwarebytes Endpoint Security
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Location


Interests

Found 6 results

  1. I have looked on the Malwarebytes website and see only yearly subscriptions. /I have seen other lifetime keys available for sale online. Are these sales scams?
  2. Can I delete ALL of the registers, programs, keys that the ADW cleaner found in the Scan process. Good afternoon! Tell me, can I delete ALL of the registers, programs, keys that the ADW cleaner found in the Scan process. Those. Will this harm my PERSONAL data on my computer? Will there be any addblock ad extensions in the browser? I attach the LOG of the scan result to the ADW cleaner. Thank you, I await your reply. Sincerely, New User.
  3. Hey there everybody. I apologize if this has already been answered, but I wanted to get your advice on something as I have more than one question. My computer has been popping up with the black screen displaying "taskeng.exe" very quickly, and then it goes away. It usually only does this a bit after starting up and sometimes after opening Chrome. I looked this up and some people say it's fine, others say it could be a sign of a virus/spyware. I did open up task scheduler, go to the task scheduler library, and disabled a task called "User_Feed_Synchronization" after being advised to do so on a Microsoft forum regarding taskeng.exe issues. But apparently that didn't help, because I saw it again? Today I ran a scan with Malwarebytes and 6 threats were detected. I quarantined them, but have not deleted them yet. Should I? Do you think that would help my taskeng.exe problem? Problem is, after I did this scan, the taskeng.exe popup still came after the scan's restart. I will post my results here. Do you think the taskeng.exe is a virus, or don't worry about it? To anyone who replies, thank you so much!!! -Scan Summary- Scan Type: Custom Scan Result: Completed Objects Scanned: 227556 Threats Detected: 6 Threats Quarantined: 6 Time Elapsed: 12 hr, 5 min, 0 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 3 PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FA28606-DE77-4029-AF96-B231E3B8F827}, Quarantined, [478], [341071],1.0.4030 PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2FA28606-DE77-4029-AF96-B231E3B8F827}, Quarantined, [478], [341071],1.0.4030 PUP.Optional.ASK, HKU\S-1-5-21-470504079-2056641531-4023931026-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}, Quarantined, [478], [341071],1.0.4030 Registry Value: 3 PUP.Optional.ASK, HKU\S-1-5-21-470504079-2056641531-4023931026-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, Quarantined, [478], [341071],1.0.4030 PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, Quarantined, [478], [341070],1.0.4030 PUP.Optional.ASK, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2fa28606-de77-4029-af96-b231e3b8f827}|URL, Quarantined, [478], [341070],1.0.4030 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected)
  4. Hello, I just ran a scan with malwarebytes and it detected registery keys and values. I don't know much about computers but I know you don't mess with the registery, so I'm wondering what to do? Here's the log: Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 6/24/17 Scan Time: 8:11 PM Logfile: Administrator: Yes -Software Information- Version: 3.0.6.1469 Components Version: 1.0.103 Update Package Version: 1.0.2226 License: Expired -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: DESKTOP-3LT1JOD\mikel -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 435038 Time Elapsed: 28 min, 57 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 3 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCE.EXE, Quarantined, [639], [389016],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\RSLGGR.EXE, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCESERVICE.EXE, Quarantined, [639], [388717],1.0.2226 Module: 13 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCE.EXE, Quarantined, [639], [389016],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\RSLGGR.DLL, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\RSUTILS.DLL, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\RSUTILS.DLL, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\X64\LZ4_X64.DLL, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\X64\LZ4_X64.DLL, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\RSLGGR.EXE, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\MICROSOFT.WIN32.TASKSCHEDULER.DLL, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\MICROSOFT.WIN32.TASKSCHEDULER.DLL, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCESERVICE.EXE, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\RSENGINE.DLL, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\RSENGINE.DLL, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCEGUI.DLL, Quarantined, [639], [388717],1.0.2226 Registry Key: 20 PUP.Optional.ByteFence, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ByteFence, Delete-on-Reboot, [639], [389016],1.0.2226 PUP.Optional.ByteFence, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ByteFenceService, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\rtop, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5C92B452-0C12-65D2-BD92-15526D12C6D2}, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.InstallCore, HKU\S-1-5-21-853706437-283977567-1648297670-1001\SOFTWARE\csastats, Delete-on-Reboot, [3], [260986],1.0.2226 PUP.Optional.ProductSetup, HKU\S-1-5-21-853706437-283977567-1648297670-1001\SOFTWARE\PRODUCTSETUP, Delete-on-Reboot, [15019], [242047],1.0.2226 PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ByteFence, Delete-on-Reboot, [639], [389375],1.0.2226 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Yahoo! Powered rotar, Delete-on-Reboot, [91], [308968],1.0.2226 PUP.Optional.ByteFence, HKLM\SOFTWARE\WOW6432NODE\ByteFence, Delete-on-Reboot, [639], [388723],1.0.2226 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B9FCC66D-B31D-48EC-B9AC-E5D41EF3C699}, Delete-on-Reboot, [91], [182758],1.0.2226 PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B9FCC66D-B31D-48EC-B9AC-E5D41EF3C699}, Delete-on-Reboot, [91], [182758],1.0.2226 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{61DD0A97-5378-47EB-AECC-9C17DEBDC1D5}, Delete-on-Reboot, [91], [308967],1.0.2226 PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9212E49E-33CD-4D09-AEEE-1D2BF2DD5324}, Delete-on-Reboot, [639], [389376],1.0.2226 PUP.Optional.ByteFence, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\ByteFenceService, Delete-on-Reboot, [639], [389039],1.0.2226 PUP.Optional.ByteFence, HKLM\SOFTWARE\ByteFence, Delete-on-Reboot, [639], [388723],1.0.2226 PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASAPI32, Delete-on-Reboot, [639], [389038],1.0.2226 PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASMANCS, Delete-on-Reboot, [639], [389038],1.0.2226 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2211D4A5-48D0-47F5-A7CD-81E861470F7F}, Delete-on-Reboot, [91], [182757],1.0.2226 PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2211D4A5-48D0-47F5-A7CD-81E861470F7F}, Delete-on-Reboot, [91], [182757],1.0.2226 PUP.Optional.WinYahoo, HKU\S-1-5-21-853706437-283977567-1648297670-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}, Delete-on-Reboot, [91], [182757],1.0.2226 Registry Value: 10 PUP.Optional.ProductSetup, HKU\S-1-5-21-853706437-283977567-1648297670-1001\SOFTWARE\PRODUCTSETUP|TB, Delete-on-Reboot, [15019], [242047],1.0.2226 PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B9FCC66D-B31D-48EC-B9AC-E5D41EF3C699}|URL, Delete-on-Reboot, [91], [182758],1.0.2226 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{B9FCC66D-B31D-48EC-B9AC-E5D41EF3C699}|URL, Delete-on-Reboot, [91], [182758],1.0.2226 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{61DD0A97-5378-47EB-AECC-9C17DEBDC1D5}|PATH, Delete-on-Reboot, [91], [308967],1.0.2226 PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{9212E49E-33CD-4D09-AEEE-1D2BF2DD5324}|PATH, Delete-on-Reboot, [639], [389376],1.0.2226 PUP.Optional.ByteFence, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RTOP|IMAGEPATH, Delete-on-Reboot, [639], [390139],1.0.2226 PUP.Optional.ByteFence, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\RTOP|DISPLAYNAME, Delete-on-Reboot, [639], [388727],1.0.2226 PUP.Optional.WinYahoo, HKU\S-1-5-21-853706437-283977567-1648297670-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2211d4a5-48d0-47f5-a7cd-81e861470f7f}|URL, Delete-on-Reboot, [91], [182757],1.0.2226 PUP.Optional.NotChromeRun, HKU\S-1-5-21-853706437-283977567-1648297670-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GOOGLECHROMEAUTOLAUNCH_70E264FA4CB3BFC35AAA493DB4CFC546, Delete-on-Reboot, [1400], [241243],1.0.2226 PUP.Optional.NotChromeRun, HKU\S-1-5-21-853706437-283977567-1648297670-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|CHROMIUM, Delete-on-Reboot, [1400], [391151],1.0.2226 Registry Data: 3 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replace-on-Reboot, [91], [293461],1.0.2226 PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replace-on-Reboot, [91], [293461],1.0.2226 PUP.Optional.WinYahoo, HKU\S-1-5-21-853706437-283977567-1648297670-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|START PAGE, Replace-on-Reboot, [91], [293459],1.0.2226 Data Stream: 0 (No malicious items detected) Folder: 12 PUP.Optional.WinYahoo.Generic, C:\PROGRAMDATA\{81454426-0B07-CEE0-8DC1-50A21783DB6C}, Quarantined, [1196], [341897],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\rtop\bin, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\Scans, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\Logs, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\rtop, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\x64, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\x86, Quarantined, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\ByteFence, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove, Quarantined, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\USERS\MIKEL\APPDATA\LOCAL\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}, Quarantined, [91], [302717],1.0.2226 PUP.Optional.ByteFence, C:\ProgramData\ByteFence\RTOP, Delete-on-Reboot, [639], [388718],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAMDATA\BYTEFENCE, Delete-on-Reboot, [639], [388718],1.0.2226 File: 83 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCE.EXE, Delete-on-Reboot, [639], [389016],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\RSLGGR.DLL, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\RSUTILS.DLL, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\X64\LZ4_X64.DLL, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\RSLGGR.EXE, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\MICROSOFT.WIN32.TASKSCHEDULER.DLL, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCESERVICE.EXE, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\RSENGINE.DLL, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\PROGRAM FILES\BYTEFENCE\BYTEFENCEGUI.DLL, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.WinYahoo, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\HOWTOREMOVE.HTML.LNK, Delete-on-Reboot, [91], [254335],1.0.2226 PUP.Optional.WinYahoo.Generic, C:\PROGRAMDATA\{81454426-0B07-CEE0-8DC1-50A21783DB6C}\SODI.TXT, Delete-on-Reboot, [1196], [341897],1.0.2226 PUP.Optional.WinYahoo.Generic, C:\ProgramData\{81454426-0B07-CEE0-8DC1-50A21783DB6C}\hdat1, Delete-on-Reboot, [1196], [341897],1.0.2226 PUP.Optional.WinYahoo.Generic, C:\ProgramData\{81454426-0B07-CEE0-8DC1-50A21783DB6C}\hdat2, Delete-on-Reboot, [1196], [341897],1.0.2226 PUP.Optional.WinYahoo.Generic, C:\ProgramData\{81454426-0B07-CEE0-8DC1-50A21783DB6C}\nisala, Delete-on-Reboot, [1196], [341897],1.0.2226 PUP.Optional.WinYahoo.Generic, C:\ProgramData\{81454426-0B07-CEE0-8DC1-50A21783DB6C}\torole, Delete-on-Reboot, [1196], [341897],1.0.2226 PUP.Optional.WinYahoo, C:\USERS\MIKEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LJ0NGDHK.DEFAULT\PREFS.JS, Removal Failed, [91], [303324],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\Logs\000003.log, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\Logs\BA.log, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\Logs\CURRENT, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\Logs\LOCK, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\Logs\LOG, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\Logs\MANIFEST-000002, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\rtop\bin\inject.dll, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\rtop\bin\inject_x64.dll, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\rtop\uninstall.dat, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\rtop\uninstall.exe, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\x64\System.Data.SQLite.dll, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\x86\lz4_x86.dll, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\x86\System.Data.SQLite.dll, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\ByteFence.exe.config, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\ByteFenceScan.exe, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\ByteFenceScan.exe.config, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\ByteFenceService.exe.config, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\ByteFenceService.InstallLog, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\ByteFenceService.InstallState, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\EULA.txt, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\InstallUtil.InstallLog, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\rsEngineHelper.exe, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\rsEngineHelper.exe.config, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\Signatures.dat, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\SignaturesCEAList.dat, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\SignaturesCEFList.dat, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\SignaturesCEList.dat, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\SignaturesPacks.dat, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\Uninstall.exe, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\Program Files\ByteFence\WhiteList.dat, Delete-on-Reboot, [639], [388717],1.0.2226 PUP.Optional.ByteFence, C:\USERS\MIKEL\APPDATA\LOCAL\TEMP\TMPSEC6356098\BYTEFENCE-INSTALLER_3.10.0.3.EXE, Delete-on-Reboot, [639], [389016],1.0.2226 PUP.Optional.WinYahoo, C:\USERS\MIKEL\APPDATA\LOCAL\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HOWTOREMOVE\HOWTOREMOVE.HTML, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove\chromium-min.jpg, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove\control panel-min-min.JPG, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove\down.png, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove\ff menu.JPG, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove\ff search engine-min.png, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove\hp-min ff.png, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove\hp-min ie.png, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove\search engine.gif, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove\setup pages.gif, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove\sp-min.png, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove\start-min.jpg, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\HowToRemove\up.png, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\cirecodat, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\dodame.dat, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\install.log, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\mesaficit, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\nedamimi, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\nonator.dat, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\noririsa.dat, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\soreneni, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\sotacirit.dat, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\Sqlite3.dll, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\totesad.cfg, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\trz86E6.tmp, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\uninst.dat, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\uninst.exe, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.WinYahoo, C:\Users\mikel\AppData\Local\{E807DE5B-CCAF-B2E3-A137-970B855F6B93}\uninstp.dat, Delete-on-Reboot, [91], [302717],1.0.2226 PUP.Optional.ByteFence, C:\ProgramData\ByteFence\RTOP\hosts_backup, Delete-on-Reboot, [639], [388718],1.0.2226 PUP.Optional.ByteFence, C:\ProgramData\ByteFence\RTOP\uclogfile.bin, Delete-on-Reboot, [639], [388718],1.0.2226 PUP.Optional.WinYahoo, C:\WINDOWS\TASKS\YAHOO! POWERED ROTAR.JOB, Delete-on-Reboot, [91], [308966],1.0.2226 PUP.Optional.WinYahoo, C:\WINDOWS\SYSTEM32\TASKS\YAHOO! POWERED ROTAR, Delete-on-Reboot, [91], [308969],1.0.2226 PUP.Optional.ByteFence, C:\WINDOWS\SYSTEM32\TASKS\BYTEFENCE, Delete-on-Reboot, [639], [388721],1.0.2226 PUP.Optional.WinYahoo, C:\USERS\MIKEL\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LJ0NGDHK.DEFAULT\SEARCHPLUGINS\YAHOO! POWERED.XML, Delete-on-Reboot, [91], [302726],1.0.2226 Physical Sector: 0 (No malicious items detected) (end)
  5. Hi All, I'm running across an interesting set of registry keys (IEAddOn.DLL) being flagged while conducting a full system scan on a coworker's machine. Here is some information after further investigation (FYI - all machines in question are Windows 10 OS): The same keys (IEAddOn.DLL) are found on multiple machines while other machines are coming back completely clean. Some of the machines with these "infections" are freshly imaged. The keys do not delete on reboot after running a full scan. In testing, I ran a full scan while in Safe Mode without networking and the keys still did not delete. I'm not able to find any information via Google for these particular keys, hence why I'm posting here. My thoughts are that they're potentially false positives since 1. They're showing on a freshly imaged machine, 2. There is no pattern (I've got two recently imaged machines sitting next to each other with the same software - one has the "infections", one does not). Has anyone come across this before? Any information would be greatly appreciated! Thank you! -Scott Malwarebytes Anti-Malware (Corporate) 1.80.2.1012 www.malwarebytes.org Database version: main: v2016.12.05.06 rootkit: v0000.00.00.00 Windows 10 x64 NTFS Internet Explorer 11.633.10586.0 Protection: Enabled 12/9/2016 12:15:03 PM mbam-log-2016-12-09 (12-15-03).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: Objects scanned: 344670 Time elapsed: 25 minute(s), 38 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 3 HKLM\SOFTWARE\CLASSES\APPID\IEAddOn.DLL (Rogue.UnVirex) -> Delete on reboot. [9d1d3fa40c8ee74fd9817d57a65c718f] HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\IEAddOn.DLL (Rogue.UnVirex) -> Delete on reboot. [dbdfc41f5c3e1224e8726b699270a060] HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\IEAddOn.DLL (Rogue.UnVirex) -> Delete on reboot. [427808db237760d686d423b1c141c040] Folders Detected: 0 (No malicious items detected) 12_9_MBAM.txt
  6. All, I got a notification from Windows Defender that somehow I got infected with Malware-win32/Caphaw. I downloaded Malwarebytes and ran a scan, and was shown the following items, which were quarantined (please see the attached screenshot) Are these ok to delete? Thank you!
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.