Featured Post

Best places to buy Kaspersky Anti-Virus in 2020 - Android Central

Image
Best places to buy Kaspersky Anti-Virus in 2020 - Android CentralBest places to buy Kaspersky Anti-Virus in 2020 - Android CentralAntivirus Software Market Pin-Point Analyses of Industry Competition Dynamics to Offer You a Competitive Edge - 3rd Watch NewsAntivirus Software Market Research with Covid-19 after Effects - Apsters NewsAntivirus Software Market Scope by Trends, Opportunities to Expand Significantly by 2026 - Jewish Life NewsBest places to buy Kaspersky Anti-Virus in 2020 - Android CentralPosted: 28 Apr 2020 12:00 AM PDTKaspersky Anti-Virus is one of the best computer protection programs around, and has been thoroughly tested by several third-party labs and in our own in-house tests, too. The best place to purchase a copy of Kaspersky Anti-Virus is from Kaspersky itself. However, you can often find deals through other vendors. The trick is finding a trustworthy one, so you don't accidentally purchase and download malware instead of a legitimate copy of Kaspersky. Here a…

PC pressing tab by itself - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

PC pressing tab by itself - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer


PC pressing tab by itself - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Posted: 13 Apr 2020 06:19 PM PDT

Hey all
So ive had this issue where my PC just continuously presses the tab key and nothing i do will stop it. ive unplugged both my keyboard and mouse to see if they were causing any issues, uninstalled the drivers for both of them, updated windows, tried a clean boot sequence and even turned off the pc and let it sit for a couple minutes before switching it back on. ive already ran a scan with Malwarebytes and no threats have been detected. this issue is very random as it happened a few weeks a go for a couple minutes, stopped for around 2-3 weeks and just suddenly come back and wont go. i would appreciate it if anyone could help me with this problem (could possibly be some sort of keypress malware) - anyway i was thinking of downloading rkill, adwcleaner, tdss killer and even jrt to see if any unwanted exes could be stopped and then be found with MBAM.

update 1: ok so somewhat found a temporary fix to this. in my device manager it was showing that i had drivers for 5 keyboards, so i uninstalled them one by one until i found the one causing the problem. it removed the problem, but now i am unable to use my keyboard and if i restart my pc, the problem is back.

Edited by farhaz9, Today, 08:27 AM.

password protected files cant scan - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Posted: 14 Apr 2020 09:19 AM PDT

my bitdefeder scan came up with 281 password protected files

they were all to do with freeware movie converter which i have paid version so could do without losing it

logs

thanks

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-04-2020
Ran by chris (administrator) on DESKTOP-NRT0SVH (Dell Inc. OptiPlex 760) (14-04-2020 17:13:19)
Running from C:\Users\chris\OneDrive\Desktop
Loaded Profiles: chris (Available Profiles: chris)
Platform: Windows 10 Pro Version 1909 18363.720 (X64) Language: English (United Kingdom)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Audials AG -> ) C:\Program Files (x86)\Audials\Audials 2020\AudialsNotifier.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe <3>
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\downloader.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <19>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\chris\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12624.20368.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mixbyte Inc -> Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [451928 2020-02-18] (Bitdefender SRL -> Bitdefender)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKU\S-1-5-21-3746604060-3463744706-3131182942-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 2020\AudialsNotifier.exe [2200280 2020-02-03] (Audials AG -> )
HKU\S-1-5-21-3746604060-3463744706-3131182942-1001\...\MountPoints2: {a52ad130-6acb-11ea-8b0f-00e9170059fc} - "E:\HiSuiteDownLoader.exe" 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-08] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {19352892-A217-48AB-ABF8-61C93F774CC5} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [525632 2020-01-27] (Bitdefender SRL -> Bitdefender)
Task: {2CADAEF4-8744-4EF1-B886-0BFDBA07A6E5} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [490808 2019-11-27] (Bitdefender SRL -> Bitdefender)
Task: {AF83ECB7-0E57-47C9-B3C9-53539222547D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {C4350642-580F-4981-9095-CEEFD2885749} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-20] (Google Inc -> Google Inc.)
Task: {D084F21C-AAA7-419C-A34E-0F0DA3B5BA38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-20] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: 127.0.0.1 canonicalizer.ucsuri.tcs
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{b9419986-6e14-4053-b6d2-40d2cb967ec7}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3746604060-3463744706-3131182942-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-3746604060-3463744706-3131182942-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\bdtbie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Trackers Blocking -> {159ff5d5-55f1-4d2f-b706-767a55f77abb} -> C:\Program Files\Bitdefender\Bitdefender Security\antispam32\bdtbie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2020-01-27] (Bitdefender SRL -> Bitdefender)
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi [2020-02-27] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/wallet/updates.json ]
FF HKLM\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF Extension: (Bitdefender Anti-tracker) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi [2020-03-02] [UpdateUrl:hxxps://download.bitdefender.com/windows/desktop/connect/antitracker/updates.json ]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2020-03-02] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{8B1E27AE-119E-456b-B22E-08C61FACB097}] - C:\Program Files (x86)\Tomabo\MP4 Player\MP4D_FF.xpi
FF Extension: (MP4 Downloader Extension) - C:\Program Files (x86)\Tomabo\MP4 Player\MP4D_FF.xpi [2016-07-26] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff.xpi
FF HKLM-x32\...\Firefox\Extensions: [bdtbe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbef.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
CHR Profile: C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default [2020-04-14]
CHR Notifications: Default -> hxxps://plus.betway.com; hxxps://videoconverter.wondershare.com
CHR Extension: (Slides) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-20]
CHR Extension: (Docs) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-20]
CHR Extension: (Google Drive) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-20]
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2020-03-21]
CHR Extension: (YouTube) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-20]
CHR Extension: (Send to Kindle for Google Chrome) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdjpilhipecahhcilnafpblkieebhea [2020-02-18]
CHR Extension: (Sheets) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-20]
CHR Extension: (Bitdefender Wallet) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2020-04-05]
CHR Extension: (Google Docs Offline) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-04-08]
CHR Extension: (Bitdefender Anti-tracker) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\khndhdhbebhaddchcgnalcjlaekbbeof [2020-04-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-05]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl]
CHR HKLM-x32\...\Chrome\Extension: [khndhdhbebhaddchcgnalcjlaekbbeof]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\vpnservice.exe [3401600 2020-02-17] (AnchorFree Inc -> AnchorFree Inc.)
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-01-27] (Bitdefender SRL -> Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-01-27] (Bitdefender SRL -> Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195344 2018-03-22] (Bitdefender SRL -> Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [465424 2020-02-18] (Bitdefender SRL -> Bitdefender)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [119368 2019-12-06] (Bitdefender SRL -> Bitdefender)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-03-17] (Mixbyte Inc -> Freemake)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-13] (Malwarebytes Inc -> Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1329240 2020-01-15] (Bitdefender SRL -> Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5929920 2020-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [151656 2020-01-27] (Bitdefender SRL -> Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\bdservicehost.exe [803576 2020-01-27] (Bitdefender SRL -> Bitdefender)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-01] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2019-12-16] (AnchorFree Inc -> The OpenVPN Project)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1693368 2019-09-23] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [739264 2019-07-29] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-03-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R0 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [46056 2020-01-17] (Bitdefender SRL -> © Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-04-27] (Bitdefender SRL -> BitDefender)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DigiartyVirtualCDBus; C:\WINDOWS\System32\drivers\DigiartyVirtualCDBus.sys [276256 2020-03-20] (Digiarty, Inc. -> Digiarty Software, Inc.)
R3 e1kexpress; C:\WINDOWS\system32\DRIVERS\e1k63x64.sys [498032 2013-02-20] (Intel Corporation -> Intel Corporation)
R0 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [564136 2019-11-18] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [188384 2018-11-28] (Bitdefender SRL -> BitDefender LLC)
R2 Ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [196392 2019-07-04] (Bitdefender SRL -> Bitdefender)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-06] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [226448 2020-02-11] (Malwarebytes Inc -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-02-13] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-04-14] (Malwarebytes Inc -> Malwarebytes)
R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2019-03-19] (Microsoft Windows -> MediaTek Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [44976 2018-09-07] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [610640 2019-01-14] (Bitdefender SRL -> Bitdefender)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-01] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-01] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-14 15:24 - 2020-04-14 15:24 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-04-14 15:22 - 2020-04-14 15:22 - 000448512 _____ (OldTimer Tools) C:\Users\chris\Downloads\TFC.exe
2020-04-14 11:56 - 2020-04-14 11:56 - 008196784 _____ (Malwarebytes) C:\Users\chris\Downloads\adwcleaner_8.0.4 (1).exe
2020-04-14 11:56 - 2020-04-14 11:56 - 001965536 _____ (Malwarebytes) C:\Users\chris\Downloads\MBSetup (2).exe
2020-04-06 10:52 - 2020-04-06 10:52 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-04-05 15:42 - 2020-04-05 15:42 - 008196784 _____ (Malwarebytes) C:\Users\chris\Downloads\adwcleaner_8.0.4.exe
2020-04-05 15:36 - 2020-04-05 15:36 - 014566496 _____ (ESET spol. s r.o.) C:\Users\chris\Downloads\esetonlinescanner.exe
2020-04-05 15:33 - 2020-04-05 15:33 - 000000000 ____D C:\ProgramData\dbg
2020-04-05 15:32 - 2020-04-05 15:32 - 000161528 _____ C:\ProgramData\vpn.1586097140.bdinstall.v2.bin
2020-04-05 15:32 - 2020-04-05 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender VPN
2020-04-05 15:32 - 2019-12-16 13:49 - 000048624 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aftap0901.sys
2020-04-05 15:29 - 2020-04-05 15:29 - 000823464 _____ C:\ProgramData\cl.1586096711.bdinstall.v2.bin
2020-04-05 15:29 - 2020-04-05 15:29 - 000138640 _____ C:\ProgramData\dm.1586096985.bdinstall.v2.bin
2020-04-05 15:29 - 2020-04-05 15:29 - 000102260 _____ C:\ProgramData\cl.kit.1586096705.bdinstall.v2.bin
2020-04-05 15:29 - 2020-04-05 15:29 - 000003420 _____ C:\WINDOWS\system32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2020-04-05 15:27 - 2020-04-05 15:32 - 000002195 _____ C:\Users\Public\Desktop\Bitdefender VPN.lnk
2020-04-05 15:27 - 2020-04-05 15:32 - 000002195 _____ C:\ProgramData\Desktop\Bitdefender VPN.lnk
2020-04-05 15:27 - 2020-04-05 15:27 - 000002342 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2020-04-05 15:27 - 2020-04-05 15:27 - 000002342 _____ C:\ProgramData\Desktop\Bitdefender.lnk
2020-04-05 15:27 - 2020-04-05 15:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2020-04-05 15:27 - 2019-03-21 01:12 - 000022960 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys
2020-04-05 15:26 - 2020-01-17 03:03 - 000046056 _____ (© Bitdefender SRL) C:\WINDOWS\system32\Drivers\bdprivmon.sys
2020-04-05 15:26 - 2019-11-18 20:08 - 000564136 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2020-04-05 15:26 - 2019-09-23 09:43 - 001693368 _____ (Bitdefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\atc.sys
2020-04-05 15:26 - 2019-07-29 16:32 - 000739264 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bddci.sys
2020-04-05 15:26 - 2018-04-27 08:45 - 000096448 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys
2020-04-05 15:25 - 2020-04-05 16:31 - 000000000 ____D C:\ProgramData\Bitdefender
2020-04-05 15:25 - 2020-04-05 15:29 - 000000000 ____D C:\Users\chris\AppData\Roaming\Bitdefender
2020-04-05 15:25 - 2020-04-05 15:25 - 000003802 _____ C:\WINDOWS\system32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2020-04-05 15:25 - 2020-04-05 15:25 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2020-04-05 15:25 - 2019-07-04 12:15 - 000196392 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2020-04-05 15:25 - 2019-01-14 17:25 - 000610640 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\trufos.sys
2020-04-05 15:25 - 2018-11-28 06:45 - 000188384 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys
2020-04-05 15:23 - 2020-04-05 15:29 - 000000000 ____D C:\Program Files\Bitdefender Agent
2020-04-05 15:23 - 2020-04-05 15:23 - 000113636 _____ C:\ProgramData\agent.1586096585.bdinstall.v2.bin
2020-04-05 15:22 - 2020-04-05 15:22 - 012422992 _____ C:\Users\chris\Downloads\bitdefender_windows_e29ebc86-9bd6-40d0-8f62-c511d7d28d82.exe
2020-03-22 22:56 - 2020-03-22 23:07 - 835703352 _____ C:\Users\chris\Downloads\1990.mp4
2020-03-21 16:04 - 2020-03-21 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2020-03-21 16:04 - 2020-03-21 16:04 - 000001397 _____ C:\Users\Public\Desktop\Freemake Video Converter.lnk
2020-03-21 16:04 - 2020-03-21 16:04 - 000001397 _____ C:\ProgramData\Desktop\Freemake Video Converter.lnk
2020-03-21 16:04 - 2020-03-21 16:04 - 000000000 ____D C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2020-03-21 16:03 - 2020-03-21 16:03 - 001012056 _____ (Mixbyte Inc. ) C:\Users\chris\Downloads\FreemakeVideoConverterSetup_95796aec-0b65-1392-1eb0-bba3ba966322 (2).exe
2020-03-21 02:55 - 2020-03-21 02:55 - 014562400 _____ (ESET spol. s r.o.) C:\Users\chris\Downloads\esetonlinescanner_enu (2).exe
2020-03-21 01:22 - 2020-03-21 05:49 - 000000000 ____D C:\Users\chris\AppData\Roaming\HandBrake
2020-03-21 01:21 - 2020-03-21 16:02 - 000000000 ____D C:\Program Files\HandBrake
2020-03-21 01:18 - 2020-03-21 01:18 - 000000000 ____D C:\Users\chris\AppData\Roaming\10692
2020-03-21 01:14 - 2020-03-21 01:14 - 000000171 _____ C:\Users\chris\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2020-03-21 01:14 - 2020-03-21 01:14 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-03-21 01:13 - 2020-03-21 01:15 - 000000000 ____D C:\Users\chris\OneDrive\Documents\DVDFabCommon
2020-03-21 01:12 - 2020-03-21 01:14 - 000000000 ____D C:\Users\chris\OneDrive\Documents\DVDFab11
2020-03-20 19:43 - 2020-03-20 19:44 - 000000000 ____D C:\Users\chris\AppData\Roaming\Subtitle Edit
2020-03-20 19:43 - 2020-03-20 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subtitle Edit
2020-03-20 19:43 - 2020-03-20 19:43 - 000000000 ____D C:\Program Files\Subtitle Edit
2020-03-20 18:19 - 2020-03-20 20:16 - 000000000 ____D C:\Users\chris\OneDrive\Documents\Wondershare DVD Creator
2020-03-20 17:53 - 2020-03-21 01:52 - 000000000 ____D C:\Users\chris\OneDrive\Documents\Wondershare Filmora 9
2020-03-20 17:11 - 2020-03-20 17:11 - 000000000 ____D C:\Users\chris\AppData\Roaming\AVS4YOU
2020-03-20 17:09 - 2020-03-20 19:53 - 000000000 ____D C:\Program Files (x86)\AVS4YOU
2020-03-20 17:09 - 2020-03-20 17:11 - 000000000 ____D C:\ProgramData\AVS4YOU
2020-03-20 17:09 - 2012-03-23 19:59 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2020-03-20 09:58 - 2020-03-20 09:58 - 000000000 ____D C:\Users\chris\AppData\Local\FreemakeVideoConverter
2020-03-20 09:57 - 2020-03-21 16:04 - 000000000 ____D C:\Program Files (x86)\Freemake
2020-03-20 09:57 - 2020-03-20 09:58 - 000000000 ____D C:\ProgramData\Freemake
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-04-14 17:14 - 2019-01-30 20:33 - 000000000 ____D C:\FRST
2020-04-14 17:08 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-04-14 17:06 - 2019-12-21 19:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-04-14 17:06 - 2019-12-21 19:36 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-04-14 16:13 - 2019-12-21 19:52 - 000776292 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-14 16:13 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-14 15:23 - 2019-03-19 05:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-04-14 11:12 - 2019-07-01 22:03 - 000000000 ____D C:\Users\chris\AppData\Local\D3DSCache
2020-04-14 11:10 - 2019-12-21 19:43 - 000000000 ____D C:\Users\chris
2020-04-13 22:13 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-04-13 22:13 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-04-13 21:46 - 2019-03-21 21:25 - 000000000 ____D C:\Users\chris\AppData\Roaming\vlc
2020-04-13 21:45 - 2019-03-21 21:26 - 000000000 ____D C:\Users\chris\AppData\Roaming\dvdcss
2020-04-13 21:40 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-04-08 08:04 - 2019-03-20 21:24 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-08 08:04 - 2019-03-20 21:24 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-08 08:04 - 2019-03-20 21:24 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-06 10:52 - 2020-01-31 23:15 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-05 15:32 - 2020-01-01 09:13 - 000000000 ____D C:\Program Files\Bitdefender
2020-04-05 15:17 - 2019-06-05 02:03 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-04-05 15:12 - 2019-12-21 19:36 - 000313464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-21 16:04 - 2020-01-20 00:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2020-03-21 16:04 - 2020-01-20 00:21 - 000000000 ____D C:\Program Files (x86)\Wondershare
2020-03-21 03:04 - 2019-12-21 19:57 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 03:04 - 2019-12-21 19:57 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-21 01:53 - 2019-07-11 18:10 - 000099384 _____ C:\Users\chris\AppData\Roaming\inst.exe
2020-03-21 01:53 - 2019-07-11 18:10 - 000082816 _____ (VSO Software) C:\Users\chris\AppData\Roaming\pcouffin.sys
2020-03-21 01:53 - 2019-07-11 18:10 - 000007859 _____ C:\Users\chris\AppData\Roaming\pcouffin.cat
2020-03-21 01:53 - 2019-07-11 18:10 - 000000000 ____D C:\Users\chris\AppData\Roaming\VSO
2020-03-21 01:53 - 2019-07-11 18:10 - 000000000 ____D C:\Program Files (x86)\VSO
2020-03-21 01:53 - 2019-01-30 01:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VSO
2020-03-21 01:12 - 2017-12-18 18:05 - 000000000 ___RD C:\Users\chris\OneDrive
2020-03-20 23:29 - 2019-11-23 05:12 - 000000000 ____D C:\Users\chris\OneDrive\Documents\ConvertXToDVD
2020-03-20 23:28 - 2019-11-23 05:13 - 000000000 ____D C:\Users\chris\OneDrive\Documents\ConvertXtoDVD_Resources
2020-03-20 19:53 - 2020-01-20 00:31 - 000000000 ____D C:\Users\chris\AppData\Roaming\DVDVideoSoft
2020-03-20 17:54 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-03-20 10:01 - 2019-07-01 21:47 - 000276256 _____ (Digiarty Software, Inc.) C:\WINDOWS\system32\Drivers\DigiartyVirtualCDBus.sys
2020-03-18 15:49 - 2019-12-21 19:57 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-18 15:49 - 2019-06-13 19:58 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-18 15:39 - 2019-12-21 19:57 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3746604060-3463744706-3131182942-1001
2020-03-18 15:39 - 2019-12-21 19:43 - 000002367 _____ C:\Users\chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Files in the root of some directories ========
2020-03-21 01:14 - 2020-03-21 01:14 - 000000171 _____ () C:\Users\chris\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2019-07-11 18:10 - 2020-03-21 01:53 - 000099384 _____ () C:\Users\chris\AppData\Roaming\inst.exe
2019-07-11 18:10 - 2020-03-21 01:53 - 000007859 _____ () C:\Users\chris\AppData\Roaming\pcouffin.cat
2019-07-11 18:10 - 2020-03-21 01:53 - 000001167 _____ () C:\Users\chris\AppData\Roaming\pcouffin.inf
2019-07-11 18:10 - 2020-03-21 01:53 - 000000055 _____ () C:\Users\chris\AppData\Roaming\pcouffin.log
2019-07-11 18:10 - 2020-03-21 01:53 - 000082816 _____ (VSO Software) C:\Users\chris\AppData\Roaming\pcouffin.sys
2019-12-14 00:37 - 2019-12-14 00:37 - 000004608 _____ () C:\Users\chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2020
Ran by chris (14-04-2020 17:17:01)
Running from C:\Users\chris\OneDrive\Desktop
Windows 10 Pro Version 1909 18363.720 (X64) (2019-12-21 18:58:25)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3746604060-3463744706-3131182942-500 - Administrator - Disabled)
chris (S-1-5-21-3746604060-3463744706-3131182942-1001 - Administrator - Enabled) => C:\Users\chris
DefaultAccount (S-1-5-21-3746604060-3463744706-3131182942-503 - Limited - Disabled)
Guest (S-1-5-21-3746604060-3463744706-3131182942-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3746604060-3463744706-3131182942-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}
FW: Bitdefender Firewall (Disabled) {362C5A58-E860-6396-9204-BEEEF20CA463}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Audials 2020 (HKLM-x32\...\{31199640-4E69-487D-8F83-9F0943DD8F8E}) (Version: 20.2.12.0 - Audials AG)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 24.0.1.161 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 24.0.14.86 - Bitdefender)
Bitdefender Total Security (HKLM\...\Bitdefender) (Version: 24.0.16.95 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 24.0.4.702 - Bitdefender)
calibre 64bit (HKLM\...\{2E30EF94-3222-47C1-BFEA-112D0FCF2D07}) (Version: 4.10.1 - Kovid Goyal)
eBook Converter Bundle 3.19.918.425 (HKLM-x32\...\{74173236-3507-49A7-A0FC-1BDABF0A9338}_is1) (Version: 3.19.918.425 - eBook Converter Team)
Freemake Video Converter version 4.1.11 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.11 - Mixbyte Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.163 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
InPlay IPTV (HKLM-x32\...\{BCF20ECF-4CFE-4128-B7DB-9EE219C40888}) (Version: 4.4.10 - Cobain ltd)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-3746604060-3463744706-3131182942-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
MP4 Player 3 (HKLM-x32\...\MP4 Player_is1) (Version:  - Tomabo)
Subtitle Edit 3.5.14 (HKLM\...\SubtitleEdit_is1) (Version: 3.5.14.1 - Nikse)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinX DVD Copy Pro 3.9.1 (HKLM\...\WinX DVD Copy Pro_is1) (Version:  - Digiarty Software,Inc.)
WinX DVD Ripper Platinum 8.8.0 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Bing in Space -> C:\Program Files\WindowsApps\Microsoft.BinginSpace_1.0.0.0_neutral__8wekyb3d8bbwe [2019-07-30] (Microsoft Corporation)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.1.4081.0_x64__rz1tebttyb220 [2020-01-28] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-20] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\microsoft.advertising.xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-20] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-30] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.8.1.0_x64__nfy108tqq3p12 [2020-04-13] (Thumbmunkeys Ltd) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [ISOWINDOWMENU] -> {3A05F453-60CA-4311-9DA3-FE348CB76056} => C:\Program Files\Digiarty\WinX_DVD_Copy_Pro\IsoWindowMenu64.dll [2013-11-19] (Digiarty, Inc. -> TODO: <Company name>)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll -> No File
ContextMenuHandlers1: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Player\MP4C_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers1: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Player\MP4P_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-01-31] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Tomabo.MP4Converter] -> {67A979E9-C5A6-4C0F-B0B7-FB516406FA9E} => C:\Program Files (x86)\Tomabo\MP4 Player\MP4C_WS.dll [2015-07-21] (Tomabo) [File not signed]
ContextMenuHandlers6: [Tomabo.MP4Player] -> {DA4F8B8B-91CF-43AD-BB0B-B52BF770DA3E} => C:\Program Files (x86)\Tomabo\MP4 Player\MP4P_WS.dll [2015-07-21] (Tomabo) [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-02-03 16:57 - 2020-02-03 16:57 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Audials\Audials 2020\boost_chrono-vc140-mt-1_59.dll
2020-02-03 16:57 - 2020-02-03 16:57 - 000050688 _____ () [File not signed] C:\Program Files (x86)\Audials\Audials 2020\boost_date_time-vc140-mt-1_59.dll
2020-02-03 16:57 - 2020-02-03 16:57 - 000644096 _____ () [File not signed] C:\Program Files (x86)\Audials\Audials 2020\boost_regex-vc140-mt-1_59.dll
2020-02-03 16:57 - 2020-02-03 16:57 - 000019456 _____ () [File not signed] C:\Program Files (x86)\Audials\Audials 2020\boost_system-vc140-mt-1_59.dll
2020-02-03 16:57 - 2020-02-03 16:57 - 000093696 _____ () [File not signed] C:\Program Files (x86)\Audials\Audials 2020\boost_thread-vc140-mt-1_59.dll
2020-01-20 00:21 - 2016-07-21 11:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2020-01-20 00:21 - 2017-09-12 11:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 010160640 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AudialsComponents\b6ae466d7a9463f817980613f71e155c\AudialsComponents.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 000111616 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CrashHandlerNET\e019123296ef8e746a7a24b96ba0efdc\CrashHandlerNET.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 000187904 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\fastJSON\5c659220332b151a3b247309c0a4fbdc\fastJSON.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 000453120 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\82d5c25a1cfe3562275f096954e2de27\ManagedInterfaces.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 001970688 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\RSControls\164c5430295d8ce7e2edab8e789688d7\RSControls.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 000792064 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Utils\931ed88d7360ac65038d67d08d6c162a\Utils.ni.dll
2020-03-05 17:19 - 2020-03-05 17:19 - 034278400 _____ (Audials AG) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AudialsGUI\9525eda8d94a7c4296d22f7cff737210\AudialsGUI.ni.dll
2020-03-05 17:19 - 2020-03-05 17:19 - 001319424 _____ (Audials AG) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AudialsKernel\e117754bc05f1024b13a75ec94db9ad7\AudialsKernel.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 000146432 _____ (Audials AG) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BaseServices\aec401f8c37c00b11840e46580697194\BaseServices.ni.dll
2020-03-05 17:18 - 2020-03-05 17:18 - 000100864 _____ (Audials AG) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BaseServicesNet\10003beee14370dd20b620dd86d15197\BaseServicesNet.ni.dll
2020-03-05 17:17 - 2020-03-05 17:17 - 000658432 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\c523139c758a4a140419589cf95ea2b4\log4net.ni.dll
2019-07-12 17:52 - 2015-07-21 14:50 - 000055296 _____ (Tomabo) [File not signed] C:\Program Files (x86)\Tomabo\MP4 Player\MP4C_WS.dll
2019-07-12 17:52 - 2015-07-21 14:50 - 000055296 _____ (Tomabo) [File not signed] C:\Program Files (x86)\Tomabo\MP4 Player\MP4P_WS.dll
2020-01-20 00:21 - 2017-09-12 11:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-20 21:11 - 2020-04-14 17:06 - 000000860 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 canonicalizer.ucsuri.tcs
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3746604060-3463744706-3131182942-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\chris\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG-20190831-WA0031.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{5946C04A-2190-4C88-9DD2-F5E56C695828}] => (Allow) C:\Program Files (x86)\Audials\Audials 2020\Audials.exe (Audials AG -> Audials AG)
FirewallRules: [{21139847-1E76-490F-A9A7-AE87C8E83550}] => (Allow) LPort=12972
FirewallRules: [{FA48B68F-623F-4F75-9072-F7F964989972}] => (Allow) LPort=14714
FirewallRules: [{745E10AB-3CB6-4830-8DFD-8127562CAE35}] => (Allow) LPort=31931
FirewallRules: [{EA4E67C9-FBDF-4B41-B543-9E15269AAA12}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Tomabo\MP4 Player\MP4Downloader.exe] => Enabled:MP4 Downloader
==================== Restore Points =========================
21-03-2020 17:06:13 Windows Update
31-03-2020 04:30:13 Scheduled Checkpoint
08-04-2020 12:51:23 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
Name: PCI Serial Port
Description: PCI Serial Port
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (04/14/2020 05:01:32 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10792,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/14/2020 03:31:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5556,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/14/2020 03:01:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7312,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/14/2020 01:15:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5492,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/14/2020 01:05:04 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating Bitdefender Antivirus status to SECURITY_PRODUCT_STATE_SNOOZED.
Error: (04/14/2020 12:07:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3480,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/14/2020 11:38:03 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3236,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (04/14/2020 11:21:34 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5804,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (04/14/2020 05:06:47 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 16:44:18 on ‎14/‎04/‎2020 was unexpected.
Error: (04/14/2020 03:23:24 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NRT0SVH)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
Error: (04/14/2020 03:22:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
Error: (04/14/2020 01:04:58 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-NRT0SVH)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.
Error: (04/14/2020 11:57:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (04/14/2020 11:57:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bitdefender Vpn Service service terminated unexpectedly. It has done this 1 time(s).
Error: (04/14/2020 11:57:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Freemake Improver service terminated unexpectedly. It has done this 1 time(s).
Error: (04/14/2020 11:57:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bitdefender Product Agent Service service terminated unexpectedly. It has done this 1 time(s).
Windows Defender:
===================================
Date: 2020-01-01 08:04:19.546
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.305.2588.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16500.1
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
CodeIntegrity:
===================================
Date: 2020-02-15 19:12:13.868
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-02-15 19:12:13.816
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2020-02-15 19:08:11.295
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-15 19:08:08.228
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-15 19:08:03.366
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-15 19:08:03.199
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-15 19:07:32.722
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2020-02-15 19:07:24.582
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info =========================== 
BIOS: Dell Inc. A16 08/06/2013
Motherboard: Dell Inc. 0D517D
Processor: Intel® Core™2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 50%
Total physical RAM: 8027.61 MB
Available physical RAM: 3992.55 MB
Total Virtual: 9307.61 MB
Available Virtual: 5030.64 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:929.67 GB) (Free:788.82 GB) NTFS
Drive d: (DVD_VIDEO) (CDROM) (Total:4.11 GB) (Free:0 GB) UDF
\\?\Volume{95574d95-0000-0000-0000-100000000000}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.17 GB) NTFS
\\?\Volume{95574d95-0000-0000-0000-608ae8000000}\ () (Fixed) (Total:0.51 GB) (Free:0.08 GB) NTFS
\\?\Volume{95574d95-0000-0000-0000-40abe8000000}\ () (Fixed) (Total:0.84 GB) (Free:0.34 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 95574D95)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=929.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=525 MB) - (Type=27)
Partition 4: (Not Active) - (Size=857 MB) - (Type=27)
==================== End of Addition.txt =======================

This is the worst situation I&#039;ve ever been - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Posted: 14 Apr 2020 07:10 AM PDT

Hello,

I dont really know where to start so I'll give few things that I made and what's happend.

Probably I've got infected by KMS (malware?) and system probably is being totally messed up. Something things messed up in registry. I dont really know what to do

What I can't:

I cant open malware bytes. Tried got Info about "cant open anti-rootkit"

I pulled out internet cable, now when I pull it back internet doesn't work

I cant plug my phone so I can transfer my registry

I cant install zemana antimalware 

There's info in a lot of places that access denied

Tried connect computers by LAN didnt work 

What I have that could help:

I can open services

I've got full registry from about 2 weeks ago 

I can open system log 

I can upload a photo of 

in registry I can see strange and suspicious names that doesn't seem like they belong there

I didnt reboot my computer since this 

I've got RSIT but I've never opened this 

If it's needed I can attach photos

Edited by reyknd, Today, 09:10 AM.

Comments

Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US