Avira Antivirus Pro - Review 2020 - PCMag India

Posted: 11 Jun 2020 12:00 AM PDT

Every computer needs antivirus protection, and one way companies can support that aim is to provide free antivirus to the masses. But these companies can't survive unless some users shell out their hard-earned cash for paid antivirus utilities. Piling on pro-only tools and components is one way companies encourage upgrading to a paid antivirus. Avira Antivirus Pro adds several components not available to users of Avira Free Security, but they don't really add much value. The biggest reason to pay for it is if you want to use Avira in a commercial setting, which isn't allowed with the free version.

Avira's pricing is undeniably on the high side, with a list price of $59.88 per year for one license, $71.88 for three, and $95.88 for five. Admittedly, it seems to be perpetually on sale; just now, the one-license price is discounted to $44.99. That…

password protected files can't scan - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

My Bitdefender scan came up with 281 password-protected files.

They were all to do with freeware movie converter which I have paid version so could do without losing it.

logs

thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-04-2020
Ran by chris (administrator) on DESKTOP-NRT0SVH (Dell Inc. OptiPlex 760) (14-04-2020 17:13:19)
Running from C:\Users\chris\OneDrive\Desktop
Loaded Profiles: chris (Available Profiles: chris)
Platform: Windows 10 Pro Version 1909 18363.720 (X64) Language: English (United Kingdom)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Audials AG -> ) C:\Program Files (x86)\Audials\Audials 2020\AudialsNotifier.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\downloader.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\chris\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [451928 2020-02-18] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-3746604060-3463744706-3131182942-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2020\AudialsNotifier.exe [2200280 2020-02-03] (Audials AG -> )
HKU\S-1-5-21-3746604060-3463744706-3131182942-1001\...\MountPoints2: {a52ad130-6acb-11ea-8b0f-00e9170059fc} - "E:\HiSuiteDownLoader.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-08] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {19352892-A217-48AB-ABF8-61C93F774CC5} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [525632 2020-01-27] (Bitdefender SRL -> Bitdefender)
Task: {2CADAEF4-8744-4EF1-B886-0BFDBA07A6E5} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [490808 2019-11-27] (Bitdefender SRL -> Bitdefender)
Task: {AF83ECB7-0E57-47C9-B3C9-53539222547D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {C4350642-580F-4981-9095-CEEFD2885749} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-20] (Google Inc -> Google Inc.)
Task: {D084F21C-AAA7-419C-A34E-0F0DA3B5BA38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-20] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 canonicalizer.ucsuri.tcs
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b9419986-6e14-4053-b6d2-40d2cb967ec7}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3746604060-3463744706-3131182942-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-3746604060-3463744706-3131182942-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2020-02-27] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-03-02] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2020-03-02] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{8B1E27AE-119E-456b-B22E-08C61FACB097}] - C:\Program Files (x86)\Tomabo\MP4 Player\MP4D_FF.xpi
FF Extension: (MP4 Downloader Extension) - C:\Program Files (x86)\Tomabo\MP4 Player\MP4D_FF.xpi [2016-07-26] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
CHR Profile: C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default [2020-04-14]
CHR Notifications: Default -> hxxps://plus.betway.com; hxxps://videoconverter.wondershare.com
CHR Extension: (Slides) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-20]
CHR Extension: (Docs) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-20]
CHR Extension: (Google Drive) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-20]
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2020-03-21]
CHR Extension: (YouTube) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-20]
CHR Extension: (Send to Kindle for Google Chrome) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2020-02-18]
CHR Extension: (Sheets) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-20]
CHR Extension: (Bitdefender Wallet) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2020-04-05]
CHR Extension: (Google Docs Offline) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-04-08]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2020-04-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-05]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\vpnservice.exe [3401600 2020-02-17] (AnchorFree Inc -> AnchorFree Inc.)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-01-27] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-01-27] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [465424 2020-02-18] (Bitdefender SRL -> Bitdefender)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [119368 2019-12-06] (Bitdefender SRL -> Bitdefender)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-03-17] (Mixbyte Inc -> Freemake)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-13] (Malwarebytes Inc -> Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1329240 2020-01-15] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5929920 2020-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [151656 2020-01-27] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-01-27] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2019-12-16] (AnchorFree Inc -> The OpenVPN Project)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1693368 2019-09-23] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [739264 2019-07-29] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2020-01-17] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-04-27] (Bitdefender SRL -> BitDefender)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DigiartyVirtualCDBus; C:\WINDOWS\System32\drivers\DigiartyVirtualCDBus.sys [276256 2020-03-20] (Digiarty, Inc. -> Digiarty Software, Inc.)
R3 e1kexpress; C:\WINDOWS\system32\DRIVERS\e1k63x64.sys [498032 2013-02-20] (Intel Corporation -> Intel Corporation)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [564136 2019-11-18] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [188384 2018-11-28] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [196392 2019-07-04] (Bitdefender SRL -> Bitdefender)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-06] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [226448 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-02-13] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-14] (Malwarebytes Inc -> Malwarebytes)
R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2019-03-19] (Microsoft Windows -> MediaTek Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-09-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [610640 2019-01-14] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-01] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-01] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-14 15:24 - 2020-04-14 15:24 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-14 15:22 - 2020-04-14 15:22 - 000448512 _____ (OldTimer Tools) C:\Users\chris\Downloads\TFC.exe
2020-04-14 11:56 - 2020-04-14 11:56 - 008196784 _____ (Malwarebytes) C:\Users\chris\Downloads\adwcleaner_8.0.4 (1).exe
2020-04-14 11:56 - 2020-04-14 11:56 - 001965536 _____ (Malwarebytes) C:\Users\chris\Downloads\MBSetup (2).exe
2020-04-06 10:52 - 2020-04-06 10:52 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-05 15:42 - 2020-04-05 15:42 - 008196784 _____ (Malwarebytes) C:\Users\chris\Downloads\adwcleaner_8.0.4.exe
2020-04-05 15:36 - 2020-04-05 15:36 - 014566496 _____ (ESET spol. s r.o.) C:\Users\chris\Downloads\esetonlinescanner.exe
2020-04-05 15:33 - 2020-04-05 15:33 - 000000000 ____D C:\ProgramData\dbg
2020-04-05 15:32 - 2020-04-05 15:32 - 000161528 _____ C:\ProgramData\vpn.1586097140.bdinstall.v2.bin
2020-04-05 15:32 - 2020-04-05 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2020-04-05 15:32 - 2019-12-16 13:49 - 000048624 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aftap0901.sys
2020-04-05 15:29 - 2020-04-05 15:29 - 000823464 _____ C:\ProgramData\cl.1586096711.bdinstall.v2.bin
2020-04-05 15:29 - 2020-04-05 15:29 - 000138640 _____ C:\ProgramData\dm.1586096985.bdinstall.v2.bin
2020-04-05 15:29 - 2020-04-05 15:29 - 000102260 _____ C:\ProgramData\cl.kit.1586096705.bdinstall.v2.bin
2020-04-05 15:29 - 2020-04-05 15:29 - 000003420 _____ C:\WINDOWS\system32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2020-04-05 15:27 - 2020-04-05 15:32 - 000002195 _____ C:\Users\Public\Desktop\Bitdefender VPN.lnk
2020-04-05 15:27 - 2020-04-05 15:32 - 000002195 _____ C:\ProgramData\Desktop\Bitdefender VPN.lnk
2020-04-05 15:27 - 2020-04-05 15:27 - 000002342 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2020-04-05 15:27 - 2020-04-05 15:27 - 000002342 _____ C:\ProgramData\Desktop\Bitdefender.lnk
2020-04-05 15:27 - 2020-04-05 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2020-04-05 15:27 - 2019-03-21 01:12 - 000022960 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2020-04-05 15:26 - 2020-01-17 03:03 - 000046056 _____ (© Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys
2020-04-05 15:26 - 2019-11-18 20:08 - 000564136 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2020-04-05 15:26 - 2019-09-23 09:43 - 001693368 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2020-04-05 15:26 - 2019-07-29 16:32 - 000739264 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2020-04-05 15:26 - 2018-04-27 08:45 - 000096448 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2020-04-05 15:25 - 2020-04-05 16:31 - 000000000 ____D C:\ProgramData\Bitdefender
2020-04-05 15:25 - 2020-04-05 15:29 - 000000000 ____D C:\Users\chris\AppData\Roaming\Bitdefender
2020-04-05 15:25 - 2020-04-05 15:25 - 000003802 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2020-04-05 15:25 - 2020-04-05 15:25 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2020-04-05 15:25 - 2019-07-04 12:15 - 000196392 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2020-04-05 15:25 - 2019-01-14 17:25 - 000610640 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2020-04-05 15:25 - 2018-11-28 06:45 - 000188384 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2020-04-05 15:23 - 2020-04-05 15:29 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-04-05 15:23 - 2020-04-05 15:23 - 000113636 _____ C:\ProgramData\agent.1586096585.bdinstall.v2.bin
2020-04-05 15:22 - 2020-04-05 15:22 - 012422992 _____ C:\Users\chris\Downloads\bitdefender_windows_e29ebc86-9bd6-40d0-8f62-c511d7d28d82.exe
2020-03-22 22:56 - 2020-03-22 23:07 - 835703352 _____ C:\Users\chris\Downloads\1990.mp4
2020-03-21 16:04 - 2020-03-21 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2020-03-21 16:04 - 2020-03-21 16:04 - 000001397 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2020-03-21 16:04 - 2020-03-21 16:04 - 000001397 _____ C:\ProgramData\Desktop\Freemake Video Converter.lnk
2020-03-21 16:04 - 2020-03-21 16:04 - 000000000 ____D C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2020-03-21 16:03 - 2020-03-21 16:03 - 001012056 _____ (Mixbyte Inc. ) C:\Users\chris\Downloads\FreemakeVideoConverterSetup_95796aec-0b65-1392-1eb0-bba3ba966322 (2).exe
2020-03-21 02:55 - 2020-03-21 02:55 - 014562400 _____ (ESET spol. s r.o.) C:\Users\chris\Downloads\esetonlinescanner_enu (2).exe
2020-03-21 01:22 - 2020-03-21 05:49 - 000000000 ____D C:\Users\chris\AppData\Roaming\HandBrake
2020-03-21 01:21 - 2020-03-21 16:02 - 000000000 ____D C:\Program Files\HandBrake
2020-03-21 01:18 - 2020-03-21 01:18 - 000000000 ____D C:\Users\chris\AppData\Roaming\10692
2020-03-21 01:14 - 2020-03-21 01:14 - 000000171 _____ C:\Users\chris\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2020-03-21 01:14 - 2020-03-21 01:14 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-03-21 01:13 - 2020-03-21 01:15 - 000000000 ____D C:\Users\chris\OneDrive\Documents\DVDFabCommon
2020-03-21 01:12 - 2020-03-21 01:14 - 000000000 ____D C:\Users\chris\OneDrive\Documents\DVDFab11
2020-03-20 19:43 - 2020-03-20 19:44 - 000000000 ____D C:\Users\chris\AppData\Roaming\Subtitle Edit
2020-03-20 19:43 - 2020-03-20 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2020-03-20 19:43 - 2020-03-20 19:43 - 000000000 ____D C:\Program Files\Subtitle Edit
2020-03-20 18:19 - 2020-03-20 20:16 - 000000000 ____D C:\Users\chris\OneDrive\Documents\Wondershare DVD Creator
2020-03-20 17:53 - 2020-03-21 01:52 - 000000000 ____D C:\Users\chris\OneDrive\Documents\Wondershare Filmora 9
2020-03-20 17:11 - 2020-03-20 17:11 - 000000000 ____D C:\Users\chris\AppData\Roaming\AVS4YOU
2020-03-20 17:09 - 2020-03-20 19:53 - 000000000 ____D C:\Program Files (x86)\AVS4YOU
2020-03-20 17:09 - 2020-03-20 17:11 - 000000000 ____D C:\ProgramData\AVS4YOU
2020-03-20 17:09 - 2012-03-23 19:59 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2020-03-20 09:58 - 2020-03-20 09:58 - 000000000 ____D C:\Users\chris\AppData\Local\FreemakeVideoConverter
2020-03-20 09:57 - 2020-03-21 16:04 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-03-20 09:57 - 2020-03-20 09:58 - 000000000 ____D C:\ProgramData\Freemake
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-14 17:14 - 2019-01-30 20:33 - 000000000 ____D C:\FRST
2020-04-14 17:08 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-14 17:06 - 2019-12-21 19:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-14 17:06 - 2019-12-21 19:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-14 16:13 - 2019-12-21 19:52 - 000776292 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-14 16:13 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-14 15:23 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-14 11:12 - 2019-07-01 22:03 - 000000000 ____D C:\Users\chris\AppData\Local\D3DSCache
2020-04-14 11:10 - 2019-12-21 19:43 - 000000000 ____D C:\Users\chris
2020-04-13 22:13 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-13 22:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-13 21:46 - 2019-03-21 21:25 - 000000000 ____D C:\Users\chris\AppData\Roaming\vlc
2020-04-13 21:45 - 2019-03-21 21:26 - 000000000 ____D C:\Users\chris\AppData\Roaming\dvdcss
2020-04-13 21:40 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-04-08 08:04 - 2019-03-20 21:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-08 08:04 - 2019-03-20 21:24 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-08 08:04 - 2019-03-20 21:24 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-06 10:52 - 2020-01-31 23:15 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-05 15:32 - 2020-01-01 09:13 - 000000000 ____D C:\Program Files\Bitdefender
2020-04-05 15:17 - 2019-06-05 02:03 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-05 15:12 - 2019-12-21 19:36 - 000313464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-21 16:04 - 2020-01-20 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2020-03-21 16:04 - 2020-01-20 00:21 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-03-21 03:04 - 2019-12-21 19:57 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 03:04 - 2019-12-21 19:57 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-21 01:53 - 2019-07-11 18:10 - 000099384 _____ C:\Users\chris\AppData\Roaming\inst.exe
2020-03-21 01:53 - 2019-07-11 18:10 - 000082816 _____ (VSO Software) C:\Users\chris\AppData\Roaming\pcouffin.sys
2020-03-21 01:53 - 2019-07-11 18:10 - 000007859 _____ C:\Users\chris\AppData\Roaming\pcouffin.cat
2020-03-21 01:53 - 2019-07-11 18:10 - 000000000 ____D C:\Users\chris\AppData\Roaming\VSO
2020-03-21 01:53 - 2019-07-11 18:10 - 000000000 ____D C:\Program Files (x86)\VSO
2020-03-21 01:53 - 2019-01-30 01:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2020-03-21 01:12 - 2017-12-18 18:05 - 000000000 ___RD C:\Users\chris\OneDrive
2020-03-20 23:29 - 2019-11-23 05:12 - 000000000 ____D C:\Users\chris\OneDrive\Documents\ConvertXToDVD
2020-03-20 23:28 - 2019-11-23 05:13 - 000000000 ____D C:\Users\chris\OneDrive\Documents\ConvertXtoDVD_Resources
2020-03-20 19:53 - 2020-01-20 00:31 - 000000000 ____D C:\Users\chris\AppData\Roaming\DVDVideoSoft
2020-03-20 17:54 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-03-20 10:01 - 2019-07-01 21:47 - 000276256 _____ (Digiarty Software, Inc.) C:\WINDOWS\system32\Drivers\DigiartyVirtualCDBus.sys
2020-03-18 15:49 - 2019-12-21 19:57 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-18 15:49 - 2019-06-13 19:58 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-18 15:39 - 2019-12-21 19:57 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3746604060-3463744706-3131182942-1001
2020-03-18 15:39 - 2019-12-21 19:43 - 000002367 _____ C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Files in the root of some directories ========
2020-03-21 01:14 - 2020-03-21 01:14 - 000000171 _____ () C:\Users\chris\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-07-11 18:10 - 2020-03-21 01:53 - 000099384 _____ () C:\Users\chris\AppData\Roaming\inst.exe
2019-07-11 18:10 - 2020-03-21 01:53 - 000007859 _____ () C:\Users\chris\AppData\Roaming\pcouffin.cat
2019-07-11 18:10 - 2020-03-21 01:53 - 000001167 _____ () C:\Users\chris\AppData\Roaming\pcouffin.inf
2019-07-11 18:10 - 2020-03-21 01:53 - 000000055 _____ () C:\Users\chris\AppData\Roaming\pcouffin.log
2019-07-11 18:10 - 2020-03-21 01:53 - 000082816 _____ (VSO Software) C:\Users\chris\AppData\Roaming\pcouffin.sys
2019-12-14 00:37 - 2019-12-14 00:37 - 000004608 _____ () C:\Users\chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2020
Ran by chris (14-04-2020 17:17:01)
Running from C:\Users\chris\OneDrive\Desktop
Windows 10 Pro Version 1909 18363.720 (X64) (2019-12-21 18:58:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3746604060-3463744706-3131182942-500 - Administrator - Disabled)
chris (S-1-5-21-3746604060-3463744706-3131182942-1001 - Administrator - Enabled) => C:\Users\chris
DefaultAccount (S-1-5-21-3746604060-3463744706-3131182942-503 - Limited - Disabled)
Guest (S-1-5-21-3746604060-3463744706-3131182942-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3746604060-3463744706-3131182942-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Audials 2020 (HKLM-x32\...\{31199640-4E69-487D-8F83-9F0943DD8F8E}) (Version: 20.2.12.0 - Audials AG)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 24.0.1.161 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 24.0.14.86 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 24.0.16.95 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 24.0.4.702 - Bitdefender)
calibre 64bit (HKLM\...\{2E30EF94-3222-47C1-BFEA-112D0FCF2D07}) (Version: 4.10.1 - Kovid Goyal)
eBook Converter Bundle 3.19.918.425 (HKLM-x32\...\{74173236-3507-49A7-A0FC-1BDABF0A9338}_is1) (Version: 3.19.918.425 - eBook Converter Team)
Freemake Video Converter version 4.1.11 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.11 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
InPlay IPTV (HKLM-x32\...\{BCF20ECF-4CFE-4128-B7DB-9EE219C40888}) (Version: 4.4.10 - Cobain ltd)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-3746604060-3463744706-3131182942-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
MP4 Player 3 (HKLM-x32\...\MP4 Player_is1) (Version:  - Tomabo)
Subtitle Edit 3.5.14 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.14.1 - Nikse)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinX DVD Copy Pro 3.9.1 (HKLM\...\WinX DVD Copy Pro_is1) (Version:  - Digiarty Software,Inc.)
WinX DVD Ripper Platinum 8.8.0 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Bing in Space -> C:\Program Files\WindowsApps\Microsoft.BinginSpace_1.0.0.0_neutral__8wekyb3d8bbwe [2019-07-30] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-28] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-20] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-30] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.8.1.0_x64__nfy108tqq3p12 [2020-04-13] (Thumbmunkeys Ltd) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [ISOWINDOWMENU] -> {3A05F453-60CA-4311-9DA3-FE348CB76056} => C:\Program Files\Digiarty\WinX_DVD_Copy_Pro\IsoWindowMenu64.dll [2013-11-19] (Digiarty, Inc. -> TODO: <Company name>)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll -> No File
ContextMenuHandlers1: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Player\MP4C_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers1: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Player\MP4P_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Player\MP4C_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers6: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Player\MP4P_WS.dll [2015-07-21] (Tomabo) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-02-03 16:57 - 2020-02-03 16:57 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Audials\Audials 2020\boost_chrono-vc140-mt-1_59.dll
2020-02-03 16:57 - 2020-02-03 16:57 - 000050688 _____ () [File not signed] C:\Program Files (x86)\Audials\Audials 2020\boost_date_time-vc140-mt-1_59.dll
2020-02-03 16:57 - 2020-02-03 16:57 - 000644096 _____ () [File not signed] C:\Program Files (x86)\Audials\Audials 2020\boost_regex-vc140-mt-1_59.dll
2020-02-03 16:57 - 2020-02-03 16:57 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Audials\Audials 2020\boost_system-vc140-mt-1_59.dll
2020-02-03 16:57 - 2020-02-03 16:57 - 000093696 _____ () [File not signed] C:\Program Files (x86)\Audials\Audials 2020\boost_thread-vc140-mt-1_59.dll
2020-01-20 00:21 - 2016-07-21 11:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-01-20 00:21 - 2017-09-12 11:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 010160640 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AudialsComponents\b6ae466d7a9463f817980613f71e155c\AudialsComponents.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 000111616 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CrashHandlerNET\e019123296ef8e746a7a24b96ba0efdc\CrashHandlerNET.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 000187904 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\fastJSON\5c659220332b151a3b247309c0a4fbdc\fastJSON.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 000453120 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\82d5c25a1cfe3562275f096954e2de27\ManagedInterfaces.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 001970688 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\RSControls\164c5430295d8ce7e2edab8e789688d7\RSControls.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 000792064 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Utils\931ed88d7360ac65038d67d08d6c162a\Utils.ni.dll
2020-03-05 17:19 - 2020-03-05 17:19 - 034278400 _____ (Audials AG) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AudialsGUI\9525eda8d94a7c4296d22f7cff737210\AudialsGUI.ni.dll
2020-03-05 17:19 - 2020-03-05 17:19 - 001319424 _____ (Audials AG) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AudialsKernel\e117754bc05f1024b13a75ec94db9ad7\AudialsKernel.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 000146432 _____ (Audials AG) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BaseServices\aec401f8c37c00b11840e46580697194\BaseServices.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 000100864 _____ (Audials AG) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BaseServicesNet\10003beee14370dd20b620dd86d15197\BaseServicesNet.ni.dll
2020-03-05 17:17 - 2020-03-05 17:17 - 000658432 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\c523139c758a4a140419589cf95ea2b4\log4net.ni.dll
2019-07-12 17:52 - 2015-07-21 14:50 - 000055296 _____ (Tomabo) [File not signed] C:\Program Files (x86)\Tomabo\MP4 Player\MP4C_WS.dll
2019-07-12 17:52 - 2015-07-21 14:50 - 000055296 _____ (Tomabo) [File not signed] C:\Program Files (x86)\Tomabo\MP4 Player\MP4P_WS.dll
2020-01-20 00:21 - 2017-09-12 11:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-20 21:11 - 2020-04-14 17:06 - 000000860 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 canonicalizer.ucsuri.tcs
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3746604060-3463744706-3131182942-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\chris\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG-20190831-WA0031.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5946C04A-2190-4C88-9DD2-F5E56C695828}] => (Allow) C:\Program Files (x86)\Audials\Audials 2020\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{21139847-1E76-490F-A9A7-AE87C8E83550}] => (Allow) LPort=12972
FirewallRules: [{FA48B68F-623F-4F75-9072-F7F964989972}] => (Allow) LPort=14714
FirewallRules: [{745E10AB-3CB6-4830-8DFD-8127562CAE35}] => (Allow) LPort=31931
FirewallRules: [{EA4E67C9-FBDF-4B41-B543-9E15269AAA12}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Tomabo\MP4 Player\MP4Downloader.exe] => Enabled:MP4 Downloader
==================== Restore Points =========================
21-03-2020 17:06:13 Windows Update
31-03-2020 04:30:13 Scheduled Checkpoint
08-04-2020 12:51:23 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
Name: PCI Serial Port
Description: PCI Serial Port
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (04/14/2020 05:01:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10792,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/14/2020 03:31:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5556,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/14/2020 03:01:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7312,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/14/2020 01:15:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5492,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/14/2020 01:05:04 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Bitdefender Antivirus status to SECURITY_PRODUCT_STATE_SNOOZED.
Error: (04/14/2020 12:07:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3480,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/14/2020 11:38:03 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3236,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/14/2020 11:21:34 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5804,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (04/14/2020 05:06:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 16:44:18 on ‎14/‎04/‎2020 was unexpected.
Error: (04/14/2020 03:23:24 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NRT0SVH)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
Error: (04/14/2020 03:22:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
Error: (04/14/2020 01:04:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NRT0SVH)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
Error: (04/14/2020 11:57:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (04/14/2020 11:57:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bitdefender Vpn Service service terminated unexpectedly. It has done this 1 time(s).
Error: (04/14/2020 11:57:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Freemake Improver service terminated unexpectedly. It has done this 1 time(s).
Error: (04/14/2020 11:57:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bitdefender Product Agent Service service terminated unexpectedly. It has done this 1 time(s).
Windows Defender:
===================================
Date: 2020-01-01 08:04:19.546
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.305.2588.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
CodeIntegrity:
===================================
Date: 2020-02-15 19:12:13.868
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-02-15 19:12:13.816
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-02-15 19:08:11.295
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-15 19:08:08.228
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-15 19:08:03.366
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-15 19:08:03.199
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-15 19:07:32.722
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-15 19:07:24.582
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info =========================== 
BIOS: Dell Inc. A16 08/06/2013
Motherboard: Dell Inc. 0D517D
Processor: Intel® Core™2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 50%
Total physical RAM: 8027.61 MB
Available physical RAM: 3992.55 MB
Total Virtual: 9307.61 MB
Available Virtual: 5030.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:929.67 GB) (Free:788.82 GB) NTFS
Drive d: (DVD_VIDEO) (CDROM) (Total:4.11 GB) (Free:0 GB) UDF
\\?\Volume{95574d95-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.17 GB) NTFS
\\?\Volume{95574d95-0000-0000-0000-608ae8000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{95574d95-0000-0000-0000-40abe8000000}\ () (Fixed) (Total:0.84 GB) (Free:0.34 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 95574D95)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=929.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=525 MB) - (Type=27)
Partition 4: (Not Active) - (Size=857 MB) - (Type=27)
==================== End of Addition.txt =======================


