Jump to content
MadDemon64

Malwarebytes just removed IOBit Driver Booster from my computer. I never installed IOBit.

Recommended Posts

As the title says, Malwarebytes just detected something called IOBit Driver Booster on my computer, something I never installed.  I have no idea how it got there but Malwarebytes detected it.

Should I be concerned?

Share this post


Link to post
Share on other sites

Hi MadDemon :)

Do you have any IObit program on your system? Also, most of IObit programs have been known to be bundled in some installers (and are therefore considered PUPs), so it might be how it ended up on your system.

Share this post


Link to post
Share on other sites
1 minute ago, Aura said:

Hi MadDemon :)

Do you have any IObit program on your system? Also, most of IObit programs have been known to be bundled in some installers (and are therefore considered PUPs), so it might be how it ended up on your system.

I only see IObit in the Windows folder with the folder DisabledTasks (which is empty) and the ProgrmData folder with an "Install" configuration setting.

Wait a second...all of these were put on my computer on September 10th...

I think I might have been a little hasty.  I'm going to double check this, but I think my computer was in the shop on the 10th.

I think this might just be a false alarm and it was installed on my computer because my technician had to reinstall all my drivers (computer wouldn't start, restore, or reset).

I am 99% certain this is a false alarm.

Share this post


Link to post
Share on other sites

The PUP detection isn't a false alarm, because Driver Booster really is a PUP. It isn't a dangerous threat, though it isn't something you want to keep installed as it's useless and can be bothering at time.

Also, this is just my opinion as a technician myself, but if your shop really uses these kind of programs to install drivers, I suggest you to start looking for another shop with more competent technicians :) 

Share this post


Link to post
Share on other sites

It could have been pushed with a bundled installer, that's the most plausible case.

Share this post


Link to post
Share on other sites
Just now, Aura said:

It could have been pushed with a bundled installer, that's the most plausible case.

I haven't installed anything recently, just general updates.  Since the folder says it was installed on September 10th, is that to be believed, and why is Malwarebytes only picking it up now?

Share this post


Link to post
Share on other sites

Malwarebytes recently took a more agressive stance on PUPs, and so certain products that weren't flagged before now are because of these changes. For more information, you can check out the thread below.

https://forums.malwarebytes.org/topic/189093-new-criteria-for-detecting-potentially-unwanted-products-pups

Maybe the folder was last modified on September 10th, but created before?

Share this post


Link to post
Share on other sites
4 minutes ago, Aura said:

Malwarebytes recently took a more agressive stance on PUPs, and so certain products that weren't flagged before now are because of these changes. For more information, you can check out the thread below.

https://forums.malwarebytes.org/topic/189093-new-criteria-for-detecting-potentially-unwanted-products-pups

Maybe the folder was last modified on September 10th, but created before?

No, my file explorer says that it was last modified today (when Malwarebytes detected and quarantined all of IOBit's stuff) and it was created on September 10.  Same for the installer configuration settings: created on September 10.

I'm currently running every scanner I have on my computer (Malwarebytes, Norton, and Hitmanpro) to make sure it's no longer there.

Edited by MadDemon64

Share this post


Link to post
Share on other sites

Alright, let us know how it goes :)

Share this post


Link to post
Share on other sites

Hello!

It is not just a false positive?

Detection, 19/10/2016 08:53, SYSTEM, DESKTOP-JTVQ5EM, Protection, Proteção contra malware, Arquivo, PUP.Optional.DriverBooster, C:\Program Files (x86)\IObit\Driver Booster\4.0.4\ChangeIcon.exe, Quarentena, [957d9308841665d16857db3ac342b54b]
Detection, 19/10/2016 08:53, Edson, DESKTOP-JTVQ5EM, Protection, Proteção contra malware, Arquivo, PUP.Optional.DriverBooster, C:\Program Files (x86)\IObit\Driver Booster\4.0.4\AUpdate.exe, Quarentena, [aa68f0ab801a0531cdf2d3426b9ae917]
Detection, 19/10/2016 08:53, SYSTEM, DESKTOP-JTVQ5EM, Protection, Proteção contra malware, Arquivo, PUP.Optional.DriverBooster, C:\Program Files (x86)\IObit\DRIVER BOOSTER\4.0.4\ScanDisp.exe, Quarentena, [a86a2873d4c6c2744f709085669fc33d]
Detection, 19/10/2016 08:53, SYSTEM, DESKTOP-JTVQ5EM, Protection, Proteção contra malware, Arquivo, PUP.Optional.DriverBooster, C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe, Quarantine Failed, 5, Acesso negado.  , [888a782304961f173b84928363a25ba5]
Detection, 19/10/2016 08:53, SYSTEM, DESKTOP-JTVQ5EM, Protection, Proteção contra malware, Arquivo, PUP.Optional.DriverBooster, C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe, Quarantine Failed, 5, Acesso negado.  , [888a782304961f173b84928363a25ba5]
Detection, 19/10/2016 08:54, Edson, DESKTOP-JTVQ5EM, Protection, Proteção contra malware, Arquivo, PUP.Optional.DriverBooster, C:\Program Files (x86)\IObit\Driver Booster\4.0.4\FaultFixes.exe, Quarentena, [bf5379225a40cb6b67589a7b08fd8e72]
Detection, 19/10/2016 08:54, SYSTEM, DESKTOP-JTVQ5EM, Protection, Proteção contra malware, Arquivo, PUP.Optional.DriverBooster, C:\Program Files (x86)\IObit\Driver Booster\4.0.4\DriverBooster.exe, Quarentena, [888a782304961f173b84928363a25ba5]
Detection, 19/10/2016 08:54, SYSTEM, DESKTOP-JTVQ5EM, Protection, Proteção contra malware, Arquivo, PUP.Optional.DriverBooster, c:\program files (x86)\iobit\driver booster\4.0.4\driverbooster.exe, Quarantine Failed, 2, O sistema não pode encontrar o arquivo especificado.  , [888a782304961f173b84928363a25ba5]
Detection, 19/10/2016 08:55, SYSTEM, DESKTOP-JTVQ5EM, Protection, Proteção contra malware, Arquivo, PUP.Optional.DriverBooster, c:\program files (x86)\iobit\driver booster\4.0.4\driverbooster.exe, Quarantine Failed, 2, O sistema não pode encontrar o arquivo especificado.  , [888a782304961f173b84928363a25ba5]
Detection, 19/10/2016 08:55, SYSTEM, DESKTOP-JTVQ5EM, Protection, Proteção contra malware, Arquivo, PUP.Optional.DriverBooster, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DRIVER BOOSTER 4\DRIVER BOOSTER 4.LNK, Quarentena, [91816b305b3fc5712a9b10056c99e31d]
Detection, 19/10/2016 08:55, SYSTEM, DESKTOP-JTVQ5EM, Protection, Proteção contra malware, Arquivo, PUP.Optional.DriverBooster, C:\Program Files (x86)\IObit\DRIVER BOOSTER\4.0.4\unins000.exe, Quarentena, [9d757328653554e201be47ce15f0ce32]

Serial 

 

Share this post


Link to post
Share on other sites

It isn't a false positive, no. Let's see if you have more IObit stuff installed.

3Al62Pm.pngMiniToolBox

  • Download MiniToolBox and move the file to your Desktop;
  • Right-click on MiniToolBox.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • List Installed Programs;
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

Share this post


Link to post
Share on other sites
13 minutes ago, Aura said:

It isn't a false positive, no. Let's see if you have more IObit stuff installed.

3Al62Pm.pngMiniToolBox

  • Download MiniToolBox and move the file to your Desktop;
  • Right-click on MiniToolBox.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • List Installed Programs;
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

 

 

 LOG Mini ToolBox as requested

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Edson (administrator) on 19-10-2016 at 13:01:48
Running from "C:\Users\Edson\Área de Trabalho"
Microsoft Windows 10 Pro  (X64)
Model: p6540br Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************

=========================== Installed Programs ============================

. . . (HKLM\...\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
µTorrent (HKCU\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
µTorrent 3.4.9 (HKLM-x32\...\µTorrentPro 3.4.9 Build 42606) (Version:  - )
Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 23 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 23.0.0.185 - Adobe Systems Incorporated)
AIDA64 Extreme v5.75 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.75 - FinalWire Ltd.)
Assistente de Atualização do Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17350 - Microsoft Corporation)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.5.62.6296 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.23 - Piriform)
CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.4601.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver Booster 4.0 (HKLM-x32\...\Driver Booster_is1) (Version: 4.0.4 - IObit)
Driver Easy 5.1.2 (HKLM\...\DriverEasy_is1) (Version: 5.1.2 - Easeware)
DriverMax 8 (HKLM-x32\...\DMX5_is1) (Version: 8.28.0.484 - Innovative Solutions)
ESET Smart Security (HKLM\...\{E284C39D-879D-4DC9-BAC9-742DC9A0277D}) (Version: 9.0.386.1 - ESET, spol. s r.o.)
Galeria de Fotos (HKLM-x32\...\{9EE1AE8B-4872-41CA-8C9A-C33D899523E0}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.59 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HP Officejet Pro 8600 Ajuda (HKLM-x32\...\{4795BA34-DD3D-448A-A602-AD221F9B281B}) (Version: 28.0.0 - Hewlett Packard)
HP Officejet Pro 8600 Estudo de aprimoramento de produtos (HKLM\...\{EBFC3B3E-0328-44DD-AD9F-77E46A81EC0C}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Software básico do dispositivo (HKLM\...\{B7218FC4-74AB-46B0-9D44-FFDCEE3535E2}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Java 8 Update 112 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Kaspersky Cleaner (HKLM-x32\...\{7DDC11A1-C25C-4090-AC3F-0330955593BA}) (Version: 1.0.1.150 - Kaspersky Lab)
Kaspersky Software Updater Beta (HKLM-x32\...\{94C8D443-1D07-4E6D-A9EB-FDBA45A839D8}) (Version: 1.5.2.228 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{94C8D443-1D07-4E6D-A9EB-FDBA45A839D8}) (Version: 1.5.2.228 - Kaspersky Lab)
K-Lite Mega Codec Pack 12.4.4 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.4.4 - KLCP)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Malwarebytes Anti-Ransomware version 0.9.17.661 (HKLM\...\{6CA75021-FBB0-41A5-B95C-FC1C9E0421F0}_is1) (Version: 0.9.17.661 - Malwarebytes)
MegaDownloader 1.7 (HKLM\...\{C12C2297-65A4-4E64-9AE1-29F0D947FDA0}}_is1) (Version: 1.7 - AppsForMega.info)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Movie Maker (HKLM-x32\...\{C05F4139-CB6B-4272-A0BF-861FEB667F27}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 49.0.1 (x64 pt-BR) (HKLM\...\Mozilla Firefox 49.0.1 (x64 pt-BR)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
Mozilla Thunderbird 45.4.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Thunderbird 45.4.0 (x86 pt-BR)) (Version: 45.4.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero 2016 (HKLM-x32\...\{4297E807-5633-466A-8AC0-5AC48D310471}) (Version: 17.0.02000 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
Norton Utilities 16 (HKLM-x32\...\Norton Utilities 16_is1) (Version: 16.0 - Symantec Corporation)
PC Camera (0022.2009.1125.1004) (HKLM-x32\...\{B2920232-19DA-44FC-835F-68E427EAE2CE}) (Version: 10.22.09 - PixArt)
Prerequisite installer (HKLM-x32\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.8.311.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7954 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Revo Uninstaller Pro 3.1.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.7 - VS Revo Group, Ltd.)
RSDLite (HKLM-x32\...\{494CAE58-BBC3-4782-B59F-02F163E4A32B}) (Version: 6.2.4 - Motorola)
Secunia PSI (3.0.0.11005) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.101 - Skype Technologies S.A.)
Stashimi Stub Installer (HKLM-x32\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version:  - )
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Telegram Desktop version 0.10.11 (HKCU\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.10.11 - Telegram Messenger LLP)
UltraISO Premium V9.65 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PRJPRO_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version:  - Microsoft)
Update for Skype for Business 2016 (KB3115087) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.VISPRO_{C48D0508-2A21-42EA-8BC9-D387768F54F4}) (Version:  - Microsoft)
Vivaldi (HKLM-x32\...\Vivaldi) (Version: 1.5.638.3 - Vivaldi)
WhatsApp (HKCU\...\WhatsApp) (Version: 0.2.1880 - WhatsApp)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

**** End of log ****

Serial

Share this post


Link to post
Share on other sites
16 minutes ago, Aura said:

It isn't a false positive, no. Let's see if you have more IObit stuff installed.

3Al62Pm.pngMiniToolBox

  • Download MiniToolBox and move the file to your Desktop;
  • Right-click on MiniToolBox.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • List Installed Programs;
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

 

Wait him, me, or both?  So far nothing has shown up in Malwarebytes, Hitmanpro, or ADWCleaner.  I'm currently running Norton.

Share this post


Link to post
Share on other sites
3 minutes ago, MadDemon64 said:

Wait him, me, or both?  So far nothing has shown up in Malwarebytes, Hitmanpro, or ADWCleaner.  I'm currently running Norton.

 

I will wait for a definition. Should I remove the Driver Booster?

Share this post


Link to post
Share on other sites

@Serial, it shows that you have Driver Booster 4.0 installed as program, so you can uninstall it.

@MadDemon64, I just noticed that Serial posted in the thread and I mistaken it for you, sorry about that.

Share this post


Link to post
Share on other sites
Just now, Aura said:

@Serial, it shows that you have Driver Booster 4.0 installed as program, so you can uninstall it.

@MadDemon64, I just noticed that Serial posted in the thread and I mistaken it for you, sorry about that.

So only he needs to install MiniToolBox?

Share this post


Link to post
Share on other sites

my IObit programs have been added to my Malwarebytes quarantine. Is there an issue with IObit? or is it safe to keep the programs?

Share this post


Link to post
Share on other sites
1 minute ago, smv1973 said:

my IObit programs have been added to my Malwarebytes quarantine. Is there an issue with IObit? or is it safe to keep the programs?

That's something I'm wondering too.  They're PUPs (Potentially unwanted programs), but they aren't viruses or malware?  It's kinda confusing to me.

Share this post


Link to post
Share on other sites

The IObit detections aren't false positives from Malwarebytes. Please see the thread I linked above. For more information on PUPs, you can check out the link below.

https://www.malwarebytes.com/pup/

@MadDemon64: MiniToolBox is a standalone executable, you don't need to install it. Simply execute it and run it.

Edit: Malwarebytes Gets Tougher on PUPs.

https://forums.malwarebytes.org/topic/189093-new-criteria-for-detecting-potentially-unwanted-products-pups/

If you wish to keep your IObit products, you can add them to Malwarebytes' exclusion list. Though personally, I consider their product quite useless and potentially harmful. PC Boosters, Driver Updaters, etc. are NOT needed on a computer and they won't help you with anything.

Edited by Aura

Share this post


Link to post
Share on other sites
2 minutes ago, Aura said:

The IObit detections aren't false positives from Malwarebytes. Please see the thread I linked above. For more information on PUPs, you can check out the link below.

https://www.malwarebytes.com/pup/

@MadDemon64: MiniToolBox is a standalone executable, you don't need to install it. Simply execute it and run it.

Edit: Malwarebytes Gets Tougher on PUPs.

https://forums.malwarebytes.org/topic/189093-new-criteria-for-detecting-potentially-unwanted-products-pups/

 

No, I mean you were only talking to Serial regarding MiniToolBox and not me.  So far Norton has only picked up tracking cookies, ADWcleaner and Malwarebytes came up empty, and HitmanPro detected tracking cookies.  No PUPs, especially IOBit PUPs, have been detected so far (but we will see after Norton is finished).  I'm just wondering if the MiniToolBox will be necessary for me given how there seems to be a high probability that the problem has been solved if the scans are to be believed.

Share this post


Link to post
Share on other sites

You can read MiniToolBox if you want so I can check whether or not you have more IObit program installed. Though if you proceeded to remove Malwarebytes detections, the issue has already been solved.

Share this post


Link to post
Share on other sites
2 minutes ago, Aura said:

You can read MiniToolBox if you want so I can check whether or not you have more IObit program installed. Though if you proceeded to remove Malwarebytes detections, the issue has already been solved.

Does quarantine count as removed detections, or do I need to delete them from quarantine?

Share this post


Link to post
Share on other sites

Quarantine removes the detection (threat) by moving the file/folder and/or key/entry in the quarantine section of Malwarebytes. If you want, you can delete the content of the quarantine after.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.