Showing results for tags 'slow'.




Found 18 results

  1. Hello, So I just bought Malwarebytes Premium recently and I think it may have taken over my admin rights (I've always been the admin and now I am told I don't have access) and be slowing down my computer. It also will not open on the PC. It just says it is already running. I also cannot open any other windows or the search bar. Any help would be appreciated! Thank you! Best, Shek
  2. I have a brand new DELL computer. I've been using Google Chrome without a problem. Malwarebytes keeps popping up a notification that a free update should be installed. After I did it, Google Chrome is running very slow. And when I tried opening a PDF file, it would not open. And I keep getting this error message now (see attachment). I tried Microsoft Edge browser and that is working very quickly. I'm not a technical guy but can someone help me?
  3. Little preface here, I am currently using Brave Browser, not Chrome - posting here since it also uses the Chrome extensions. I've had similar issues on Opera before but seemingly not on Firefox. I understand if you are going to say that unless I'm using Chrome or Firefox you can't guarantee anything, but I'd like to put this out there so that future performance can improve on alternative browsers like Brave, Vivaldi, Opera etc. Issue: Extreme slow loading of websites that haven't at least been cached/visited recently. For example, clicking the link to take me to the Browser Guard section of the Malwarebytes forums took 79 seconds to load. Ok, I was counting in my head, not with a timer but when the loading time is +1 minute, a couple seconds either side don't really matter. With the Browser Guard disabled all loads quickly. Occasionally Brave will inform me that Browser Guard has stopped working or ran into an issue, and I can opt to restart it. On fiber optic internet here and while not the fastest in the world, it does a reasonable job. Any other information I can provide that would help you identify issues?
  4. Since the new update my computer has become slower than usual. Before the update and restart, I programmed in Visual Studio Version 16.5.0 Preview 2.0. Now when I start the tool it takes like 1 minute, then later when I code everything freezes and crashes. This wasn't the case before this new update.
  5. This is a follow up to the thread in the Windows Support Forum (please see link embedded below). I can not get to the Malwarebytes GUI, so I do not have a threat log to attach and we were not able to get a log file (mbst-grab-results.zip) from the support tool. FRST has been run and I have the FRST.txt and Addition.txt files attached. Please note that FRST locks up at the "Scanning Other Areas..." step.
  6. Hello, I'm working on my parent's computer. Thought I could do a couple of scans to help them. Laptop was running slow, had .dll error popups all the time, computer/printer both had trouble with going offline, found privacy settings all messed up. I'm infected - What do I do now? By AdvancedSetup, January 9, 2009 in Windows Malware Removal Help & Support So, I just read the post (above) which states to not use file cleaners with .dll issues. Hope I haven't made this too complicated. Here is what I've done today: Ran CC Cleaner, Avast anti-virus, Malwarebytes, AdwCleaner and Farbar recovery tool. That's when I searched for help on the .dll popups that are still showing. Results from the Farbar recover tool are below. You help is very appreciated!! Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019 Ran by RogerandCarolyn (administrator) on LAPTOP (SAMSUNG ELECTRONICS CO., LTD. 300E4C/300E5C/300E7C) (05-01-2020 17:39:47) Running from C:\Users\RogerandCarolyn\Downloads Loaded Profiles: UpdatusUser & RogerandCarolyn & Administrator (Available Profiles: UpdatusUser & RogerandCarolyn & Administrator) Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: English (United States) Default browser: Chrome Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. 
-> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe (Creative Home) [File not signed] C:\Program Files (x86)\Creative Home\Hallmark Print Studio\Planner\PLNRnote.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe (Hewlett Packard -> HP Inc.) 
C:\Program Files\HP\HP ENVY 4510 series\Bin\ScanToPCActivationApp.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\RogerandCarolyn\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242200 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-915191271-1565821320-4066514102-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-915191271-1565821320-4066514102-1002\...\Run: [HP ENVY 4510 series (NET)] => C:\Program Files\HP\HP ENVY 4510 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.) HKU\S-1-5-21-915191271-1565821320-4066514102-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2019-01-15] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-915191271-1565821320-4066514102-1002\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2019-01-15] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-915191271-1565821320-4066514102-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2019-01-15] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-915191271-1565821320-4066514102-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2019-01-15] (Apple Inc. -> Apple Inc.) 
HKU\S-1-5-21-915191271-1565821320-4066514102-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-915191271-1565821320-4066514102-1002\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end - (the data entry has 102 more characters). HKU\S-1-5-21-915191271-1565821320-4066514102-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [807936 2019-03-18] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-915191271-1565821320-4066514102-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-18] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-06-09] ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software s.r.o. -> AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-05-29] ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. 
-> AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Planner Reminder.lnk [2017-09-09] ShortcutTarget: Event Planner Reminder.lnk -> C:\Program Files (x86)\Creative Home\Hallmark Print Studio\Planner\PLNRnote.exe (Creative Home) [File not signed] FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0229FE54-7F8A-4BC6-8537-3DA5534C0EE6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1873288 2019-09-19] (AVAST Software s.r.o. -> AVAST Software) Task: {09F2290E-D290-4D75-968A-A01D57EC7484} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-08-28] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {169A8CEA-644B-4105-8DC0-8912C1B116B9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1444144 2019-12-15] (Microsoft Corporation -> Microsoft Corporation) Task: {20AC35B9-11EA-4A35-84C2-513D4DE19148} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {2F3E51CA-AC61-4F19-B47B-8B6BD8E9007E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! 
Antivirus\backup.exe Task: {54674A86-B0C3-46F4-A94E-8F34D4E18DDB} - System32\Tasks\Microsoft\Windows\rempl\shell-usoscan => C:\Program Files\rempl\remsh.exe Task: {54F80910-2D15-44F1-B969-89D3021B16C1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {62FEA6D2-E391-48D0-B4FB-8C8B131ECBB8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {73FDB1F2-1D92-442C-BB66-78A83C324646} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-15] (Microsoft Corporation -> Microsoft Corporation) Task: {7706032A-1383-4805-A3AE-E982C4F0FDED} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe [1390472 2019-10-23] (AVAST Software s.r.o. -> AVAST Software) Task: {77442580-C398-4990-9B8C-2C290E12D2A6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {82094149-3D9B-4666-BAB6-9CECBAEF5B92} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.) 
Task: {8D7F7842-6FD8-4608-9824-A15C770F3697} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {A3DE6797-CD46-4EDB-94F5-D8639455F33E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-15] (Microsoft Corporation -> Microsoft Corporation) Task: {BF96A4F6-DAB9-4E14-9069-1049D93CF99E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-15] (Microsoft Corporation -> Microsoft Corporation) Task: {C009E4B1-C0A2-4E49-BF0F-9FFDFCE44373} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [1659000 2019-07-25] (AVAST Software s.r.o. -> AVAST Software) Task: {D4511157-15F2-40FF-AF0E-F0CDD3D20B9E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems) Task: {D60D7324-82FF-4B34-B28F-FCED0F591001} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) Task: {E69ECF15-7D26-4E30-945F-D56A5A286DF7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-15] (Microsoft Corporation -> Microsoft Corporation) Task: {E8D9ACB5-F922-4BB3-9DBC-BA142B750476} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-11] (Google Inc -> Google Inc.) Task: {FCBBCA1C-EFA4-4C13-9F73-2042BB2B1042} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-11] (Google Inc -> Google Inc.) 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{66474192-536a-496c-b883-07f40842719c}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{bffff08d-c055-465c-aa62-134bdd9f70fe}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-915191271-1565821320-4066514102-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKU\S-1-5-21-915191271-1565821320-4066514102-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://inebraska.com/ HKU\S-1-5-21-915191271-1565821320-4066514102-500\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm HKU\S-1-5-21-915191271-1565821320-4066514102-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-03-12] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-03-12] (Oracle America, Inc. 
-> Oracle Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2017-01-03] (Eyeo GmbH -> Eyeo GmbH) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH -> Eyeo GmbH) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-03-12] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-03-12] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2017-02-27] (Adobe Systems, Inc.) 
[File not signed] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-06] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-15] (Google LLC -> Google LLC) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxps://outlook.live.com/owa/?path=/mail/inbox/rp","hxxps://www.facebook.com/","hxxps://www.facebook.com/melissa.dorpinghaus.1/media_set?set=a.10205317837064033.1073741840.1791145513&type=3" CHR DefaultSearchURL: Default -> hxxps://www.searchsecurepro.co/search.php?type=search&id=MTI4NzU&q={searchTerms} CHR DefaultSearchKeyword: Default -> Yahoo CHR DefaultSuggestURL: Default -> hxxps://auto.searchsecurepro.co/autocomplete.js?omni=true&appId=MTI4NzU&q={searchTerms} CHR Notifications: Default -> hxxps://justforchill.com; hxxps://search.hgetrecipes.com; hxxps://www.facebook.com; hxxps://www.yumrecipefinder.com CHR Profile: C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default [2020-01-05] CHR Extension: (Slides) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] CHR Extension: (Web) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\amhckedkghbciendefbknenmokkgcnfa [2019-11-28] CHR Extension: (Docs) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] CHR Extension: (Google Drive) - 
C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-11] CHR Extension: (YouTube) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-11] CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-22] CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-12-25] CHR Extension: (Sheets) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12] CHR Extension: (Google Docs Offline) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21] CHR Extension: (Avast Online Security) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-21] CHR Extension: (CouponViewer Add-On) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpabcakadbfmhiinljgodpkdeolfchlo [2019-10-01] CHR Extension: (Classic Blue) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdifmgkofhcnndinbbdbaplplnmdalnc [2019-08-04] CHR Extension: (Chrome Web Store Payments) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04] CHR Extension: (Gmail) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01] CHR Extension: (Chrome Media Router) - C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-13] CHR Profile: 
C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-01-05] CHR Profile: C:\Users\RogerandCarolyn\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-05] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6259592 2019-12-20] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [417536 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [10287216 2019-07-25] (AVAST Software s.r.o. -> AVAST Software) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [129752 2016-11-11] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2020-01-05] (Malwarebytes Inc -> Malwarebytes) R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [6828424 2019-10-23] (AVAST Software s.r.o. 
-> AVAST Software) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2019-12-23] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2019-12-23] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [161544 2019-11-05] (AVAST Software s.r.o. -> AVAST Software) R1 aswNetSec; C:\WINDOWS\System32\drivers\aswNetSec.sys [552848 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-04] (AVAST Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-04] (AVAST Software s.r.o. 
-> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-01-20] (AVAST Software s.r.o. -> The OpenVPN Project) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software) R3 athr; C:\WINDOWS\System32\drivers\athwnx.sys [4233728 2019-03-18] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.) R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [41024 2015-09-23] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [216544 2020-01-05] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [278344 2020-01-05] (Malwarebytes Inc -> Malwarebytes) R3 RadioHIDMini; C:\WINDOWS\System32\drivers\RadioHIDMini.sys [23408 2012-07-30] (Samsung Electronics CO., LTD. -> Windows (R) Win 7 DDK provider) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [711968 2019-06-04] (Realtek Semiconductor Corp. -> Realtek ) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2019-12-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2019-12-23] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2019-12-23] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 
2020-01-05 17:29 - 2020-01-05 17:29 - 002272256 _____ (Farbar) C:\Users\RogerandCarolyn\Downloads\FRST64 (1).exe 2020-01-05 17:26 - 2020-01-05 17:26 - 000000000 ___HD C:\OneDriveTemp 2020-01-05 17:22 - 2020-01-05 17:22 - 000278344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2020-01-05 17:22 - 2020-01-05 17:22 - 000216544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2020-01-05 17:02 - 2020-01-05 17:04 - 008237744 _____ (Malwarebytes) C:\Users\RogerandCarolyn\Downloads\adwcleaner_8.0.1.exe 2020-01-05 16:53 - 2020-01-05 16:53 - 000000000 ____D C:\Users\RogerandCarolyn\AppData\Local\cache 2020-01-05 16:48 - 2020-01-05 16:48 - 001883976 _____ (Malwarebytes) C:\Users\RogerandCarolyn\Downloads\MBSetup.exe 2020-01-04 08:26 - 2020-01-04 08:26 - 000080475 _____ C:\Users\RogerandCarolyn\Documents\Merry Christmas and Happy 2020.pdf 2019-12-16 05:24 - 2019-12-16 05:24 - 000093629 _____ C:\Users\RogerandCarolyn\Downloads\Pics.zip 2019-12-15 17:16 - 2019-12-15 17:16 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll 2019-12-15 17:16 - 2019-12-15 17:16 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-12-15 17:16 - 2019-12-15 17:16 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-12-15 17:16 - 2019-12-15 17:16 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2019-12-15 17:16 - 2019-12-15 17:16 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2019-12-15 17:16 - 2019-12-15 17:16 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll 2019-12-15 17:16 - 2019-12-15 17:16 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll 2019-12-15 17:16 - 2019-12-15 17:16 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll 2019-12-15 17:16 - 2019-12-15 17:16 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 
2019-12-15 17:16 - 2019-12-15 17:16 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-15 17:16 - 2019-12-15 17:16 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-15 17:15 - 2019-12-15 17:15 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-15 17:15 - 2019-12-15 17:15 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-15 17:15 - 2019-12-15 17:15 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-15 17:15 - 2019-12-15 17:15 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-15 17:15 - 2019-12-15 17:15 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-15 17:15 - 2019-12-15 17:15 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-15 17:15 - 2019-12-15 17:15 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-15 17:15 - 2019-12-15 17:15 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-15 17:15 - 2019-12-15 17:15 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-15 17:15 - 2019-12-15 17:15 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-15 17:15 - 2019-12-15 17:15 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-15 17:15 - 2019-12-15 17:15 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-15 17:15 - 2019-12-15 17:15 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-15 17:15 - 2019-12-15 17:15 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-15 17:14 - 2019-12-15 17:14 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-15 17:14 - 2019-12-15 17:14 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-15 17:14 - 2019-12-15 17:14 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-15 17:14 - 2019-12-15 17:14 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-15 17:14 - 2019-12-15 17:14 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-15 17:14 - 2019-12-15 17:14 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-15 17:14 - 2019-12-15 17:14 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-15 17:14 - 2019-12-15 17:14 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-15 17:14 - 2019-12-15 17:14 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-15 17:14 - 2019-12-15 17:14 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-15 17:14 - 2019-12-15 17:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-15 17:14 - 2019-12-15 17:14 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-15 17:14 - 2019-12-15 17:14 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-15 17:14 - 2019-12-15 17:14 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-15 17:14 - 2019-12-15 17:14 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-15 17:14 - 2019-12-15 17:14 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-15 17:14 - 2019-12-15 17:14 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-15 17:14 - 2019-12-15 17:14 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-15 17:14 - 2019-12-15 17:14 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll

==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-01-05 17:41 - 2019-10-28 11:54 - 000026134 _____ C:\Users\RogerandCarolyn\Downloads\FRST.txt
2020-01-05 17:40 - 2019-10-28 11:53 - 000000000 ____D C:\FRST
2020-01-05 17:33 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-01-05 17:27 - 2018-06-27 12:01 - 000000000 ____D C:\Users\RogerandCarolyn\AppData\Local\AVAST Software
2020-01-05 17:26 - 2016-02-06 15:02 - 000000000 ___RD C:\Users\RogerandCarolyn\OneDrive
2020-01-05 17:24 - 2019-11-11 06:57 - 000000000 ____D C:\Users\UpdatusUser
2020-01-05 17:24 - 2019-11-11 06:57 - 000000000 ____D C:\Users\Administrator
2020-01-05 17:22 - 2019-11-11 07:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-01-05 17:21 - 2019-03-18 22:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-01-05 17:19 - 2015-03-29 17:30 - 000000000 ____D C:\Users\RogerandCarolyn\Desktop\PC Fixes (Julie)
2020-01-05 17:07 - 2014-10-16 18:41 - 000000000 ____D C:\AdwCleaner
2020-01-05 17:01 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-01-05 16:51 - 2019-08-04 16:15 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-01-05 16:51 - 2019-08-04 16:15 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-01-05 16:50 - 2019-08-04 16:15 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-01-05 16:50 - 2019-08-04 16:15 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-01-05 16:48 - 2018-01-30 07:50 - 000000000 ____D C:\Users\RogerandCarolyn\AppData\Local\Packages
2020-01-05 16:09 - 2019-08-04 17:24 - 000000000 ____D C:\Users\RogerandCarolyn\Documents\Computer Maintenance
2020-01-05 16:08 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2020-01-05 15:56 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-01-04 08:30 - 2018-08-04 12:54 - 000000000 ____D C:\Users\RogerandCarolyn\Documents\Outlook Files
2019-12-31 06:08 - 2019-11-11 07:25 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-12-29 09:51 - 2019-11-11 07:26 - 000002858 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-915191271-1565821320-4066514102-1002
2019-12-29 09:51 - 2019-11-11 07:25 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-12-29 09:51 - 2019-11-11 07:25 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-29 09:51 - 2019-11-11 07:25 - 000003194 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2019-12-29 09:51 - 2019-11-11 07:25 - 000003124 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-29 09:51 - 2019-11-11 07:25 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2019-12-29 09:51 - 2019-11-11 07:25 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2019-12-29 09:39 - 2019-11-11 06:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-23 06:17 - 2017-04-05 13:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-23 06:13 - 2018-04-04 03:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-12-21 05:42 - 2019-11-11 06:57 - 000000000 ____D C:\Users\RogerandCarolyn
2019-12-18 06:53 - 2017-02-11 12:01 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-12-17 09:41 - 2018-08-04 12:54 - 000000000 ____D C:\Users\RogerandCarolyn\AppData\Local\F8CC88CE-444A-405B-B5DC-FF6B9FD95DFF.aplzod
2019-12-17 07:50 - 2017-03-26 01:09 - 000000000 ____D C:\Users\RogerandCarolyn\AppData\Local\ElevatedDiagnostics
2019-12-17 07:12 - 2018-02-10 14:05 - 000000000 ____D C:\Users\RogerandCarolyn\AppData\Local\PlaceholderTileLogoFolder
2019-12-15 17:41 - 2019-10-28 11:44 - 000000000 ___DC C:\WINDOWS\Panther
2019-12-15 17:41 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-12-15 17:41 - 2018-06-27 13:34 - 000000000 ____D C:\Users\RogerandCarolyn\AppData\Local\CrashDumps
2019-12-15 17:39 - 2019-11-11 07:09 - 000840852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-15 17:36 - 2013-01-16 19:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-15 17:35 - 2016-03-18 08:43 - 000000000 ___RD C:\Users\RogerandCarolyn\3D Objects
2019-12-15 17:32 - 2019-11-11 06:47 - 000537440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-15 17:29 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-15 17:29 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-15 17:29 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-15 17:28 - 2017-04-05 16:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-15 17:24 - 2017-04-05 16:07 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-15 17:23 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-15 16:14 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-12-15 16:07 - 2017-02-11 14:22 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-15 15:20 - 2019-11-11 07:25 - 000004294 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update

==================== Files in the root of some directories ========
2018-06-27 13:06 - 2018-06-27 13:06 - 000007628 _____ () C:\Users\RogerandCarolyn\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================

------------------------------------------------------------------------------------------------------------------------------------------------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2019
Ran by RogerandCarolyn (05-01-2020 17:43:32)
Running from C:\Users\RogerandCarolyn\Downloads
Windows 10 Home Version 1903 18362.535 (X64) (2019-11-11 13:27:27)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-915191271-1565821320-4066514102-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-915191271-1565821320-4066514102-503 - Limited - Disabled)
Guest (S-1-5-21-915191271-1565821320-4066514102-501 - Limited - Disabled)
RogerandCarolyn (S-1-5-21-915191271-1565821320-4066514102-1002 - Administrator - Enabled) => C:\Users\RogerandCarolyn
UpdatusUser (S-1-5-21-915191271-1565821320-4066514102-1001 - Limited - Enabled) => C:\Users\UpdatusUser
WDAGUtilityAccount (S-1-5-21-915191271-1565821320-4066514102-504 - Limited - Disabled)

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{F6FCA281-09CC-4753-990C-937B93A52C94}) (Version: 1.6 - Eyeo GmbH)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{52B66F1A-E977-41EE-8359-3C4040BE72F5}) (Version: 12.2.8.198 - Adobe Systems, Inc)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 19.1.7734 - AVAST Software)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 5.2.429 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
ELAN Touchpad driver X64 15.7.9.2_WHQL (HKLM\...\Elantech) (Version: 15.7.9.2 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
Hallmark Print Studio (HKLM-x32\...\{F2117332-1A36-4D3B-854D-A8D10735B4DF}) (Version: 16.0.1.10 - Creative Home)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ENVY 4510 series Basic Device Software (HKLM\...\{2B054C3F-C753-47D8-A5CA-D92AC5D455EB}) (Version: 40.11.1122.1796 - HP Inc.)
HP ENVY 4510 series Help (HKLM-x32\...\{CB5C9CB2-B471-42CC-93E6-D0E15021D5C2}) (Version: 36.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
iCloud (HKLM\...\{05D97028-FD26-4A3D-BADC-D1CA2E9F1214}) (Version: 7.10.0.9 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 161 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Java 8 Update 172 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180172F0}) (Version: 8.0.1720.11 - Oracle Corporation)
Java 8 Update 201 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-915191271-1565821320-4066514102-1002\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden

Packages:
=========
Adblock Plus -> C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.18.0_neutral__d55gg7py3s0m0 [2019-10-23] (eyeo GmbH)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.623.0_x64__v10z8vjag6ke6 [2019-11-18] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-06] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-12-16] (Microsoft Corporation)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-10-22] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2019-01-15] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\RogerandCarolyn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d7a253f58d8885b1\Adblock Plus - free ad blocker.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=cfhdojbkjhnklbpkdaibdccddilifddb

==================== Loaded Modules (Whitelisted) =============
2018-06-09 11:07 - 2016-09-12 14:53 - 048936448 _____ () [File not signed] C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2019-03-24 06:24 - 2018-09-05 20:32 - 002095104 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\AVAST Software\SecureLine\libcrypto-1_1.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-02-03 19:25 - 2019-01-04 12:06 - 000000833 _____ C:\WINDOWS\system32\drivers\etc\hosts
2017-11-24 07:57 - 2017-11-24 08:02 - 000000436 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-915191271-1565821320-4066514102-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-915191271-1565821320-4066514102-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\RogerandCarolyn\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\win7 ltblue 1920x1200.jpg
HKU\S-1-5-21-915191271-1565821320-4066514102-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui

==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B85FB4F1-652C-4F51-BC88-906444C1B106}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2FC7D647-01ED-459A-99CD-232F4B8092B4}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{0E52EBE8-CF58-4ECB-96EA-BF3FB3C8B2CA}] => (Allow) C:\Program Files\AVAST Software\SecureLine\VpnUpdate.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{A74FB5AF-1697-42E8-A9B4-72FAF368CC69}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F39B3152-559E-41A2-A457-7D30288BE67C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{32B9E7A8-A7D4-4694-9261-43B1291FAFC2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5CDCF021-BE3C-40E3-AF16-5122300471E5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1268FE7-A3B6-41FF-8D8D-124CBFBE9A8C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DC9ABA8A-8F06-4868-8519-4C114298CCE7}] => (Allow) C:\Program Files\HP\HP ENVY 4510 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{40D6534E-5B8C-4E5B-87D0-65840E8C371E}] => (Allow) LPort=5357
FirewallRules: [{D26D81C3-C41C-40CA-B327-8281965DC3B2}] => (Allow) C:\Program Files\HP\HP ENVY 4510 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{EAB14282-B89B-4BFD-9BCF-96B0DDCCDE8A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================
13-12-2019 09:32:41 Scheduled Checkpoint
15-12-2019 16:46:43 Removed HP Dropbox Plugin
23-12-2019 07:38:11 Scheduled Checkpoint

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/05/2020 05:43:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3504,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/05/2020 05:27:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 10.0.18362.449, time stamp: 0xd42474b6
Faulting module name: RltkAPO64.dll, version: 11.0.6000.434, time stamp: 0x5588e2ea
Exception code: 0xc0000005
Fault offset: 0x000000000019f64b
Faulting process id: 0xaf0
Faulting application start time: 0x01d5c41f03424ae8
Faulting application path: C:\WINDOWS\system32\AUDIODG.EXE
Faulting module path: C:\WINDOWS\system32\RltkAPO64.dll
Report Id: 28891c56-6d86-4ebd-9068-7f20283dbe3d
Faulting package full name:
Faulting package-relative application ID:

Error: (01/05/2020 05:10:19 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5172,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/05/2020 05:01:11 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (8912,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (01/05/2020 04:25:31 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: The required buffer size is greater than the buffer size passed to the Collect function of the "C:\Windows\System32\perfts.dll" Extensible Counter DLL for the "LSM" service. The given buffer size was 28144 and the required size was 33408.

Error: (01/05/2020 04:00:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.18362.1, time stamp: 0xceb8cbe1
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000409
Fault offset: 0x0000000000000204
Faulting process id: 0x23a4
Faulting application start time: 0x01d5c4137559b351
Faulting application path: C:\Windows\System32\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: cbf7c28b-843a-460d-83f9-418cab5a1f61
Faulting package full name: Microsoft.MicrosoftEdge_44.18362.449.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge

Error: (01/05/2020 03:41:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Laptop.local already in use; will try Laptop-2.local instead

Error: (01/05/2020 03:41:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 16 Laptop.local. AAAA FE80:0000:0000:0000:6C2D:A807:C972:C9D0

System errors:
=============
Error: (01/05/2020 05:28:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80240017: Security Intelligence Update for Windows Defender Antivirus - KB2267602 (Version 1.307.1778.0).

Error: (01/05/2020 05:21:19 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/05/2020 05:21:19 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/05/2020 05:21:19 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service wuauserv with arguments "Unavailable" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (01/05/2020 05:21:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Update Orchestrator Service service hung on starting.

Error: (01/05/2020 05:21:02 PM) (Source: DCOM) (EventID: 10010) (User: Laptop)
Description: The server {8ED5875F-5DC0-11E4-B843-005056C00008} did not register with DCOM within the required timeout.

Error: (01/05/2020 05:21:02 PM) (Source: DCOM) (EventID: 10010) (User: Laptop)
Description: The server {8ED58760-5DC0-11E4-8336-005056C00008} did not register with DCOM within the required timeout.

Error: (01/05/2020 05:12:28 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the CleanupPSvc service.

Windows Defender:
===================================
Date: 2020-01-02 08:22:42.325
Description: Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7F0F726A-B4E5-46A6-AA8E-B02A0F6B94FA}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-12-29 07:25:15.491
Description: Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: Previous security intelligence Version: 1.307.1352.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.16600.7 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. CodeIntegrity: =================================== Date: 2020-01-05 17:39:00.384 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-01-05 17:39:00.378 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-01-05 17:38:57.249 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-01-05 17:38:57.235 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements. 
Date: 2020-01-05 17:33:39.132 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-01-05 17:33:39.061 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements. Date: 2020-01-05 17:33:37.417 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\aswhook.dll that did not meet the Microsoft signing level requirements. Date: 2020-01-05 17:33:37.410 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\AVAST Software\Avast\snxhk.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: Phoenix Technologies Ltd. P09RAP 11/01/2013 Motherboard: SAMSUNG ELECTRONICS CO., LTD. 
NP300E5C-A06US Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz Percentage of memory in use: 64% Total physical RAM: 3795.54 MB Available physical RAM: 1333.53 MB Total Virtual: 5011.54 MB Available Virtual: 2547.33 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:272.54 GB) (Free:227.84 GB) NTFS \\?\Volume{d56f1b01-047a-4f3c-9a45-8a1882843cc6}\ (Windows RE tools) (Fixed) (Total:0.49 GB) (Free:0.17 GB) NTFS \\?\Volume{8e1dffc5-821a-4ebc-bcc5-4ba3091fc763}\ () (Fixed) (Total:0.49 GB) (Free:0.03 GB) NTFS \\?\Volume{51cb7d1c-3d4c-4c1b-b9f0-972755c35fe9}\ (SAMSUNG_REC2) (Fixed) (Total:23.15 GB) (Free:1.1 GB) NTFS \\?\Volume{347b6fb9-62bc-4bd7-4173-636c65706975}\ (SAMSUNG_REC) (Fixed) (Total:1 GB) (Free:0.27 GB) FAT32 \\?\Volume{d68c5adc-790b-48a8-8648-2585bfbbb17e}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: 467FC636) Partition: GPT. ==================== End of Addition.txt =======================
  7. Running Malwarebytes Premium 4.04 on Windows 10 Pro (64 bit - 10.0.17763.914) and I cannot get the Malwarebytes GUI to display. The tray icon is present and selecting "open Malwarebytes" does not open the GUI but the tray icon option changes to "Hide Malwarebytes". In addition to not being able to open the GUI, everything is incredibly slow (can take minutes to load a webpage that normally takes less than a second).
  8. I experienced a dramatic slowdown of my Windows 10 PC about 5 months ago, and I did everything I could think of to figure out what the problem was - deleted all extraneous programs, etc., etc. I would hate to know the hours I wasted, and I admit that I'm far from a techie. My computer was running at about 5% of its normal speed, and it was so dramatic that I was looking at new machines. Then Malwarebytes made an update about 11-25-19, and magically my problem disappeared. I was very happy, but also a little angry that Malwarebytes let this bug go on for so long. I am running Malwarebytes Premium, and it will be the first thing I disable the next time if the problem ever recurs. I couldn't have been the only one living with this conflict, and I think Malwarebytes owes it to its customers to avoid such extended problems in the future. 😖
  9. Hi, I installed the Malwarebytes Browser Extension into the Brave Browser (Chrome-based) as an alternative to the Kaspersky extension as the latter only supports Chrome and Firefox. Yours is an excellent product that more than fills the gap so well done! That said, it often runs really, really slowly in Brave and the difference in page load time is 10-30 seconds depending on whether or not the extension is disabled (turning it off in its own settings page makes no difference):
      - On 17 July, I ran a ping test and it initially doubled ping time, slowed downloads by 15% and uploads by 10%, compared to running the same test immediately after with the extension disabled.
      - On 31 July I did some online banking and enabled the extension but pages took 30 seconds to load with a message in the bottom corner saying that the browser was waiting for Malwarebytes.
      - Today it is adding 10 seconds to download times.

      In the attached video you can see me enable the extension and go to Sky.com - about a 10 second delay. I then disable the extension and go to another national broadcaster (itv.com) and it connects almost instantly. I'd love you to get this fixed as it will give you a real advantage over Kaspersky and plug a security gap in the otherwise brilliant Brave browser. Brave Malwarebytes.mp4
  10. Hello, as described on the "I'm infected" topic (https://forums.malwarebytes.com/topic/9573-im-infected-what-do-i-do-now/) I did all the indications, I now need help to know what to do please. The laptop has been very slow for a long time but I want to clear everything now, basically when I make an analysis with Malwarebytes or Kaspersky antivirus or any software of this kind it doesn't find anything, but I see it: the PC is very very slow and isn't too old, on top of that it has great components (Nvidia 740M, Intel Core i7 etc...) that's why after doing some research on the subject I think it's a rootkit. Using HitmanPro too, on a random automatic daily analysis it has managed to find a threat, that I couldn't delete, that neither Malwarebytes nor Kaspersky found afterwards. Please help, the files asked for in the topic should be uploaded, thank you for your attention I hope the problem can be solved, thank you again. Addition.txt FRST.txt Malwarebytes.txt
  11. Hi comrades, My laptop is running real slow, occasionally shuts down like the power supply turned off, I tried running some virus/malware tools but a pop up came saying failed to update, or could not load! I used to try to stream free sports on websites that probably infected my laptop. I'm a novice - please instruct what do I need to do to get help analyse my computer for virus, malware and processes slowing me down. Thanks
  12. My Desktop suddenly lags for some reason I don't know. Other programs are not affected, just when I'm at the desktop screen, Photoshop is also affected for some reason but it's the only program I know as to date that is affected. Addition.txt FRST.txt Malwarebytes Scan Report.txt
  13. I see a lot of posts about Malwarebytes 3 causing Windows 7 to become unresponsive. I want to join those reporting this problem on Windows 10 as well. In recent months, I noticed my laptop feeling sluggish, occasionally becoming unresponsive for > 10 seconds. I blamed Windows and soldiered on. In December 2018, Chrome suddenly became unusable with every control and website freezing for 20 seconds or more before finally responding. I went through recommended troubleshooting steps all the way up to complete reset/reinstall. Nothing helped. Edge and Firefox were usually responsive, but not entirely free of this issue. Checked system performance/resources, network speed, etc. No obvious issues found. Then, I tried turning off Malwarebytes Real Time Protection. Not only Chrome, but all apps and Windows 10 itself immediately become snappy and responsive again. After more testing, I discovered Malware protection is the problem layer. I can leave all other Real-Time protection layers on and have excellent response time as long as Malware protection remains off. Until recent months, I had all Real-Time protection layers on since version 3 was released with little or no significant sluggishness. Freezing was evident in multiple apps. I noticed it first in apps such as Chrome, Firefox and Clatter because I use them a lot. Chrome was by far the worst, with all websites and app controls being consistently unresponsive for long periods. Surprisingly, even though it's frequently used and my default browser, Edge was least impacted by this issue (after being the problem child in previous years). Information below is probably included in the logs, but I'm adding it here so others can easily see/compare to their own configurations: This PC is not running any other malware solutions other than Windows Defender and Malwarebytes. 
Malwarebytes Premium version: 3.6.1.2711; component package: 1.0.508; update package: 1.0.8698 Windows 10 1809 (build 17763.195) Device: HP Spectre x360 i7, 16GB RAM, storage: 476 GB SSD (286 GB free) Chrome version 71.0.3578.98 (64-bit) mbst-grab-results.zip
  14. I'm seeing a slight, but noticeable, delay on opening folders. It feels like around a ~100ms delay, it's not much granted, but it's enough to make Windows Explorer feel slightly sluggish and to be honest this should not happen with a program like Malwarebytes in my opinion. Upon quitting Malwarebytes the folders clearly again open without the delay. I should mention that the delay feels exactly the same on my HDD as it does on my SSD, opening folders on my SSD when Malwarebytes is active has the same delay. Also another thing I noticed is that folders that I have set as excluded have the exact same delay, which is surprising I think. What is causing this? And more importantly: how to fix it?
  15. For some reason while Malwarebytes is running, the CPU usage is constantly spiking to up to 30% while the computer is idle. I decided to record it: https://www.youtube.com/watch?v=W94otr2F_qs Can someone please explain to me what Malwarebytes is doing in the background and why it's causing "System" to have so much CPU usage rather than the actual MB service process?
  16. Good afternoon, lately my internet connection started being really slow so I thought it could be caused by malware, then I decided to install and run Malwarebytes on my PC since Windows Defender didn't help me at all. This problem only occurs temporarily, then my connection works normally for a few hours, so I don't think it's about hardware. Malwarebytes found many threats which I've already deleted, but I'll post its scan log anyway. It solved an issue that made the Google website be slow, but my internet is still failing a lot. Of course, I've been talking to my internet provider company, but they found no issues, and my speed should be 300 Mb/s as it's shown by the speed tests but it's clearly not. Furthermore this is not happening to any other devices connected via Wi-Fi. At this point I'm totally lost, so I'd be grateful if you could help me. Thank you very much. (FRST, Addition and Malwarebytes logs are attached) FRST.txt Addition.txt malwarebytesLog.txt
  17. After purchasing Malwarebytes, I noticed my Java development environment (playframework) recompile time on code change double from 10s to 20s, despite the dev directory being completely excluded. My morning ritual is now to start up my computer and quit Malwarebytes. This link seems to suggest it is the self-protection module that causes the slowdown. I assume it is the Java process that is causing the issue but I don't want to exclude Java because I assume Java could be unsafe and should be monitored as long as it is not called from my dev directory. (Note that there is another issue here that appears to be a similar issue that support may want to handle at the same time.) How do I have Malwarebytes on safely without impact to Java compile time under a completely whitelisted directory?
  18. Hi, I believe I was recently infected by a virus of some sort. Since a few days ago, my laptop (Microsoft Surface Pro 4) has been playing up:
      1. A lot of the time, it will be running on 80-100% CPU and the laptop will be extremely hot and the fan will be very loud. When I check to see what it is that's using up the CPU it is mostly 'svchost.exe' in a folder called SysWOW64.
      2. The laptop has become very slow as well and it will take a long time to open folders, etc.
      3. Sometimes the laptop will crash and a blue screen will appear saying 'CRITICAL_PROCESS_DIED' and it will restart.
      4. I have Malwarebytes installed, and when I start up the computer a lot of the time a box will pop up in the bottom right corner saying that a website has been blocked even though I haven't even opened the internet yet. The domain is 'de-mi-nis-ner.info' which seems dodgy.

      Please help, I don't know what to do. I have scanned it many times with Windows Defender and Malwarebytes and they have both said there are no viruses. Thanks in advance!