Solved Hey i think i have a virus or malware

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Welcome to our Community
Wanting to join the rest of our members? Feel free to sign up today.
Sign up
Status
Not open for further replies.

Reckless995

PCHF Member
PCHF Member
Jun 3, 2018
18
0
39
Hey the other day my net went down for 2 days i got it back up saturday but all my eternet prperties were wiped out it says i need to install protocal and enable it so i dunno what to do to get rid of the infection i tried doing scans and what not plz help btw iam on Windows 10...
 

gus

PCHF Administrator
Administrator
Security Team
PCHF Donator
Malware Teacher
Jul 19, 2016
4,373
1,835
pchelpforum.net
HelloReckless995 and welcome to PCHF:)
My Name is Gus and I'll be helping you. Before we start can I ask you to read these instructions carefully and if possible print them out for use as we go through the cleaning process. Depending on what tools are in use you may not have access to these instructions.

  • If you are unsure of any request as we progress PLEASE ASK, and remember as we proceed that there is no such thing as a silly question.
  • Please let me know if you are receiving help at another forum on this issue so I can close this thread?
  • At the right hand top of your first post please click on the"Watch thread" marker so you will receive an immediate alert when I reply.
  • Please do not run any tools other than the ones we ask you to, some can be very dangerous and actually make things worse.
  • Should any tools we ask you to use give you a security warning you can safely allow them to run, they have all been proven safe.
  • Download any requested tools and make sure to run them from the desktop, unless specifically instructed otherwise.
  • Please do not install any other software whilst we cleanup, this can complicate the process, making cleaning impossible.
  • With malware it can be impossible to determine the outcome, and whilst we will work to a positive result we strongly recommend you backup all your personal files and folders before we begin.
  • As we proceed with disinfecting it may appear as if your computer is back to normal, but please stay with me till I give you the all clear. In return I will do the same for you.
  • Do remember the fixes used to clean your machine are meant for your computer only, and the use on another computer may cause serious damage to that machine.
  • When your machine has been cleaned we will remove all the tools used, and also give you some tips to keep your computer clean and safe in the future.
  • Finally, please allow me a little time to analyse any logs I request from you, I know you want your computer cleaned yesterday but please remember we are all volunteers here and we do have a life that sometimes takes us away from computers. If your thread gets closed due to no response from you you can PM me or a staff member and have it reopened. Should you not hear from me within 48 hours please PM me.
  • That's the last of the fine print so lets get under way:)

We need a log from Farbar Recovery Scan Tool (FRST) to examine your system.

Please download the FRST 32 bit or FRST 64bit version to suit your operating system. It is important FRST is downloaded to your desktop.

If you are unsure if your operating system is 32 or 64 Bit please go HERE.

Once downloaded right click the FRST desktop icon and select "Run as administrator" from the menu"



If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
Frst will open with two dialogue boxes, accept the disclaimer.



  1. Accept the default whitelist options,
  2. If the additions.txt options box is not checked please select it.
  3. Then select "Scan"


Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.



Please COPY and PASTE the contents of these two files in your next post.

Please go HERE and download AdwCleaner to your Desktop. Once downloaded right click the new icon and select Run as Administrator from the context menu to open the program. It will open at the Dashboard tab and no further changes to the program are necessary at this stage.

Click the Scan Now button.



Allow AdwCleaner to start scanning and depending on the amount of data on your PC it may take some time. At the conclusion of the scan any content considered unnecessary will be displayed in the Scan Results box. Ensure all items are selected for removal and click "Clean & Repair"



After selecting "Clean & Repair" another dialogue box may appear asking to restart now or later. If so choose "Clean & Restart Now"



Once the PC has restarted if AdwCleaner does not restart then open it again and click "Log Files" tab on the left. All log files will be listed. If you have used the program previously you may have several logs to select from so double click the most recent "Clean" log and it will open a notepad file on your Desktop.

Please COPY and PASTE the contents of that file in your next post:)

So your next post should contain the pasted contents of
FRST.txt
Addition.txt
and the adwCleaner file.
 

Reckless995

PCHF Member
PCHF Member
Jun 3, 2018
18
0
39
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03.06.2018
Ran by Terry (03-06-2018 23:45:01)
Running from C:\Users\Terry\Downloads\Programs
Windows 10 Pro Version 1709 16299.248 (X64) (2017-12-15 17:07:40)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1394603120-2580528642-3254825011-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1394603120-2580528642-3254825011-503 - Limited - Disabled)
Guest (S-1-5-21-1394603120-2580528642-3254825011-501 - Limited - Enabled)
Terry (S-1-5-21-1394603120-2580528642-3254825011-1001 - Administrator - Enabled) => C:\Users\Terry
WDAGUtilityAccount (S-1-5-21-1394603120-2580528642-3254825011-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Advanced SystemCare Ultimate (Enabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE}
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: AVG Antivirus (Enabled) {FD3E91FB-7C15-3254-D603-FC5F31625538}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.113 - Adobe Systems Incorporated)
Advanced SystemCare Ultimate 11 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 11.1.0 - IObit)
AVG Internet Security (HKLM-x32\...\AVG Antivirus) (Version: 18.4.3056 - AVG Technologies)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 22.0.10.67 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 22.0.19.242 - Bitdefender)
cb0t3 (HKLM-x32\...\{5E8F31E7-F56A-41E0-9EEC-770205AD7151}) (Version: 3.37 - oobe) Hidden
cb0t3 (HKLM-x32\...\cb0t3 3.37) (Version: 3.37 - oobe)
Complete Internet Repair 5.1.0.3895 (HKLM\...\Complete Internet Repair_is1) (Version: 5.1.0.3895 - Rizonesoft)
Disk SpeedUp 5.0.1.61 (HKLM-x32\...\Disk SpeedUp) (Version: 5.0.1.61 - Glarysoft Ltd)
Driver Booster 5 (HKLM-x32\...\Driver Booster_is1) (Version: 5.4.0 - IObit)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.294 - SurfRight B.V.)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 7.3.0.13 - IObit)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
JRiver Media Center 24 (64-bit) (HKLM\...\Media Center 24 (64-bit)) (Version: 24 - JRiver, Inc.)
Malware Hunter 1.58.0.638 (HKLM-x32\...\Malware Hunter) (Version: 1.58.0.638 - Glarysoft Ltd)
Malwarebytes version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-1394603120-2580528642-3254825011-1001\...\OneDriveSetup.exe) (Version: 18.091.0506.0003 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 ENU (HKLM\...\{8424B163-D1E0-48B7-88A2-C7A61767B3D7}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 61.0 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0 (x64 en-US)) (Version: 61.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0 - Mozilla)
Mp3tag v2.87a (HKLM-x32\...\Mp3tag) (Version: 2.87a - Florian Heidenreich)
MusicBee 3.1 (HKLM-x32\...\MusicBee) (Version: 3.1 - Steven Mayall)
Opera Stable 53.0.2907.68 (HKLM-x32\...\Opera 53.0.2907.68) (Version: 53.0.2907.68 - Opera Software)
qBittorrent 4.1.1 (HKLM-x32\...\qBittorrent) (Version: 4.1.1 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8264 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.2.1 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.2.1 - VS Revo Group, Ltd.)
RogueKiller version 12.12.19.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.19.0 - Adlice Software)
Smart Defrag 6 (HKLM-x32\...\Smart Defrag_is1) (Version: 6.0.0 - IObit)
Spotify (HKU\S-1-5-21-1394603120-2580528642-3254825011-1001\...\Spotify) (Version: 1.0.80.474.gef6b503e - Spotify AB)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.0.19 - Tweaking.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Vivaldi (HKU\S-1-5-21-1394603120-2580528642-3254825011-1001\...\Vivaldi) (Version: 1.16.1195.3 - Vivaldi)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22314 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2018-05-12] (Tonec Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2017-11-06] (IObit)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-06-02] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2018-03-02] (Glarysoft Ltd)
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-03-29] (Florian Heidenreich)
ContextMenuHandlers1: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2017-11-06] (IObit)
ContextMenuHandlers2: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2018-03-02] (Glarysoft Ltd)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-03-29] (Florian Heidenreich)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers4: [Advanced SystemCare] -> {2803063F-4B8D-4dc6-8874-D1802487FE2D} => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASCExtMenu_64.dll [2017-11-06] (IObit)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-03-29] (Florian Heidenreich)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShA64.dll [2018-06-02] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2018-03-02] (Glarysoft Ltd)
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll [2018-01-25] (IObit)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2016-12-15] (VS Revo Group)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\WINDOWS\System32\IObitSmartDefragExtension.dll [2016-03-25] (IObit)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {074F44BD-37E4-4202-8F07-CB1C6AD928F3} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
Task: {109C4AB1-556B-4FE6-A581-396E43DF4738} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock -> No File <==== ATTENTION
Task: {42C5540B-73A8-44E1-90AB-2F1BEB0FD19F} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle -> No File <==== ATTENTION
Task: {43C27A1B-7BD7-462B-86AC-99624072622F} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2018-05-02] (IObit)
Task: {4BFA5346-7A87-4303-BD55-8AB0D3ECB32E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-15] (Google Inc.)
Task: {4E62D3AD-6B24-43BF-B52F-296BCBDD18C0} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe
Task: {5038195E-C106-4BE9-9E96-057D51225039} - System32\Tasks\Opera scheduled Autoupdate 1513729164 => C:\Program Files\Opera\launcher.exe [2018-05-23] (Opera Software)
Task: {54D80D21-585C-40F6-BD6A-FE8B4DDCF8BC} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle -> No File <==== ATTENTION
Task: {5B3AE678-934F-42B0-81D7-8F96400E632D} - System32\Tasks\Opera scheduled Autoupdate 1518898257 => C:\Program Files\Opera beta\launcher.exe
Task: {72F919BC-C4C1-40EF-B992-B0F798B95029} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-05-12] (Adobe Systems Incorporated)
Task: {854A4943-C376-447A-9B5B-A5F4B32CB3A0} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {8589656E-F587-440C-B697-F9175F15ED4A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe
Task: {8939E23F-E4B8-4B7F-B9C2-60B26156249E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {9945F099-08E2-421A-9E8D-7B1312E8EBF4} - System32\Tasks\Driver Booster SkipUAC (Terry) => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\DriverBooster.exe
Task: {A0907357-B0D4-44B7-A378-FD10B45237C8} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> No File <==== ATTENTION
Task: {A1652CE5-3830-4333-8BCC-D063976CB137} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {A3A53A30-C5F3-4351-BE2F-2223EF094077} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-05-16] (Bitdefender)
Task: {B5717FA1-9C90-4852-BAFB-656071012F68} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\5.1.0\Scheduler.exe
Task: {B82B31DA-006F-4E5D-B595-A7E25B58C26E} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time -> No File <==== ATTENTION
Task: {C05310DA-F37C-409D-811A-C2586D3A7CC0} - \Microsoft\Windows\Setup\Notifier -> No File <==== ATTENTION
Task: {C5FD7412-D7EC-4E6B-8E9D-41864F7F0E49} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {D2EB3815-806F-4978-9CB5-DD68CEEE1600} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2018-05-09] (IObit)
Task: {D5AF2E03-7F09-426E-A9C2-8C7215C92F66} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2018-05-07] (IObit)
Task: {E8757D13-1261-4A89-875D-71E9CB38B8BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-05-15] (Google Inc.)
Task: {EA1C5BE4-8257-4462-A742-04A1765B0FB1} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 -> No File <==== ATTENTION
Task: {EDDB3E9C-6211-4572-A6D3-0501B5B44F86} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_161_pepper.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player NPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_Plugin.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_113_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Antivirus Emergency Update.job => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
Task: C:\WINDOWS\Tasks\Bitdefender Restart Notification for Update.job => C:\Program Files\Bitdefender\Bitdefender Security\bdrestartnotify.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Booster Scheduler.job => C:\Program Files (x86)\IObit\Driver Booster\5.4.0\Scheduler.exe
Task: C:\WINDOWS\Tasks\Driver Booster SkipUAC (Terry).job => C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\WINDOWS\Tasks\GMHSkipUAC.job => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe
Task: C:\WINDOWS\Tasks\Opera scheduled Autoupdate 1524979614.job => C:\Program Files\Opera\launcher.exe
Task: C:\WINDOWS\Tasks\SmartDefrag_AutoAnalyze.job => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe
Task: C:\WINDOWS\Tasks\SmartDefrag_Startup.job => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe
Task: C:\WINDOWS\Tasks\SmartDefrag_Update.job => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe
Task: C:\WINDOWS\Tasks\Tweaking.com - Windows Repair Tray Icon.job => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)Tweaking.com - Windows Repair)Created By Tweaking.com
Task: C:\WINDOWS\Tasks\Update for Yandex Browser.job => C:\Users\Terry\AppData\Local\Yandex\YandexBrowser\Application\browser.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{8F66B63B-D4F8-4E42-A79A-BB85E7AB3B7C}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\Yandex Browser system update.job => C:\Program Files (x86)\Yandex\YandexBrowser\18.3.1.1232\service_update.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-29 10:41 - 2017-09-29 10:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-05 19:05 - 2018-03-12 15:09 - 002300192 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-02-14 01:56 - 2018-02-10 01:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-02-14 01:56 - 2018-02-10 01:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-15 00:17 - 2018-05-11 10:35 - 001583616 _____ () C:\Program Files\J River\Media Center 24\Plugins\in_mp3.dll
2018-05-15 00:17 - 2018-05-11 10:33 - 000856064 _____ () C:\Program Files\J River\Media Center 24\Plugins\in_flac.dll
2018-06-02 18:55 - 2018-06-02 18:55 - 000481008 _____ () c:\program files\avg\antivirus\streamback.dll
2018-02-09 21:53 - 2017-05-22 12:16 - 000442144 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2018-02-09 21:53 - 2017-05-22 12:16 - 000210720 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2018-02-09 21:53 - 2017-05-22 12:16 - 000059680 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2018-06-03 15:13 - 2016-08-18 18:43 - 000442144 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madExcept_.bpl
2018-06-03 15:13 - 2016-08-18 18:43 - 000210720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madBasic_.bpl
2018-06-03 15:13 - 2016-08-18 18:43 - 000059680 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madDisAsm_.bpl
2018-02-09 21:53 - 2018-01-25 18:02 - 000899856 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\webres.dll
2018-02-09 21:53 - 2018-01-25 18:01 - 000631568 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\ProductStatistics.dll
2018-02-09 21:53 - 2017-05-22 12:16 - 000524064 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\sqlite3.dll
2018-06-02 19:04 - 2018-06-02 19:04 - 067127976 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
2018-05-18 04:22 - 2018-05-18 04:22 - 000086992 _____ () C:\Program Files (x86)\Glarysoft\Malware Hunter\zlib1.dll
2018-05-18 04:21 - 2018-05-18 04:21 - 000985040 _____ () C:\Program Files (x86)\Glarysoft\Malware Hunter\Libcodecs.dll
2018-05-18 04:22 - 2018-05-18 04:22 - 000336336 _____ () C:\Program Files (x86)\Glarysoft\Malware Hunter\Cloudscan\sqlite3.dll
2015-04-24 01:10 - 2015-04-24 01:10 - 001102424 _____ () C:\Program Files (x86)\cb0t3\avcodec-53.dll
2015-04-24 01:10 - 2015-04-24 01:10 - 000126040 _____ () C:\Program Files (x86)\cb0t3\avutil-51.dll
2015-04-24 01:10 - 2015-04-24 01:10 - 000193624 _____ () C:\Program Files (x86)\cb0t3\avformat-53.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\4DE7D36A.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\4DE7D36A.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\camsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\lfsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\semgrsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TokenBroker => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-06-01 23:11 - 2018-06-01 23:11 - 000000836 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1394603120-2580528642-3254825011-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Terry\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7C9214FB-31E6-407E-9D2A-40054374403C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B7B9F439-FB2B-44B1-B413-BF0C09BD22CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{78B2D224-AEB6-4C2A-A617-8C3A1099C08D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{780F7754-434A-4DD2-84C5-90BA6E24424D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{58B2AEE7-6D3B-4ECE-9A7E-94DEEAD8DA22}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5278779F-5DC0-4FD8-A39F-C5310CE5424A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3B15B9A9-FD84-4D5E-B0DA-04EBBC4A202C}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{08FCD8AD-45E0-46B7-90EA-4E8037FE7BCD}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{D3A31CF3-52A6-49A1-BBD6-5368B3E1A6BE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe
FirewallRules: [{48D51D30-06F4-484D-897E-4CD6B19113C1}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DriverBooster.exe
FirewallRules: [{427A1181-32FF-4315-A2E8-F21B92D9A04B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DBDownloader.exe
FirewallRules: [{2B79F827-0A70-4C3C-B652-3B54AFE6C853}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.4.0\DBDownloader.exe
FirewallRules: [{205BE5B9-B5E1-4090-9C40-1AEA616A2A54}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.4.0\AutoUpdate.exe
FirewallRules: [{043EA265-C870-4845-BD4F-DB46BF5D8B1B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\5.4.0\AutoUpdate.exe
FirewallRules: [{28668566-FFB0-4165-931A-E3CC64102F7F}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe
FirewallRules: [{EF36B481-68C5-45AA-A52C-6C113ACDFE4F}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe

==================== Restore Points =========================

03-06-2018 15:25:58 Windows Modules Installer

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2018 11:46:34 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2118-05-11T02:46:34Z. Error Code: 0x80041315.

Error: (06/03/2018 11:46:04 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2118-05-11T02:46:04Z. Error Code: 0x80041315.

Error: (06/03/2018 11:45:34 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2118-05-11T02:45:34Z. Error Code: 0x80041315.

Error: (06/03/2018 11:45:04 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2118-05-11T02:45:04Z. Error Code: 0x80041315.

Error: (06/03/2018 11:44:34 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2118-05-11T02:44:34Z. Error Code: 0x80041315.

Error: (06/03/2018 11:44:04 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2118-05-11T02:44:04Z. Error Code: 0x80041315.

Error: (06/03/2018 11:43:34 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2118-05-11T02:43:34Z. Error Code: 0x80041315.

Error: (06/03/2018 11:43:04 PM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2118-05-11T02:43:04Z. Error Code: 0x80041315.


System errors:
=============
Error: (06/03/2018 07:15:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Sync Host_3b95c service terminated with the following error:
There are no more endpoints available from the endpoint mapper.

Error: (06/03/2018 07:15:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
Unspecified error

Error: (06/03/2018 07:14:41 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-O4KTB12)
Description: The server {21F282D1-A881-49E1-9A3A-26E44E39B86C} did not register with DCOM within the required timeout.

Error: (06/03/2018 07:12:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
Unspecified error

Error: (06/03/2018 07:10:32 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (06/03/2018 07:08:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error:
Unspecified error

Error: (06/03/2018 07:04:18 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (06/03/2018 03:13:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The cpuz143 service failed to start due to the following error:
The system cannot find the file specified.


Windows Defender:
===================================
Date: 2018-06-02 13:48:46.640
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.263.1915.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-06-02 13:48:46.639
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 119.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-06-02 13:48:46.630
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.263.1915.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-06-02 13:48:46.630
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.263.1915.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2018-06-02 13:48:46.629
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.263.1915.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

CodeIntegrity:
===================================

Date: 2018-06-01 22:40:42.296
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-06-01 19:56:39.001
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-06-01 14:48:36.521
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-06-01 11:12:55.637
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-06-01 10:53:20.146
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-06-01 00:18:09.193
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-06-01 00:06:11.083
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-05-31 23:59:42.749
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: AMD Athlon(tm) II X4 645 Processor
Percentage of memory in use: 91%
Total physical RAM: 5887.28 MB
Available physical RAM: 476.89 MB
Total Virtual: 8092.7 MB
Available Virtual: 1295.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:930.19 GB) (Free:845.73 GB) NTFS

\\?\Volume{0003ba39-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{0003ba39-0000-0000-0000-70abe8000000}\ () (Fixed) (Total:0 GB) (Free:0 GB)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0003BA39)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=852 MB) - (Type=27)
 

gus

PCHF Administrator
Administrator
Security Team
PCHF Donator
Malware Teacher
Jul 19, 2016
4,373
1,835
pchelpforum.net
The instructions given said to run from the desktop, please do so from now on.

The log file produced should be frst.txt, not frst.exe file

Also need AdwCleaner log please

Just looking quickly at your submitted log
Could you please remove Qbitorrent which may be the reason malware may be lurking on your PC. Bittorrents share more than you may realize.

Also recommend removing anything Iobit on your machine, suggest you use Revo to uninstall
Advanced system care
Driver Booster====Only get drivers from your hardware manufacturer
Iobit uninstaller
Smart Defrag

Recommend removing Malware Hunter as well.

Please let me know re removing the software above?
 
Last edited:

gus

PCHF Administrator
Administrator
Security Team
PCHF Donator
Malware Teacher
Jul 19, 2016
4,373
1,835
pchelpforum.net
Shall mark it solved, thank you for letting us know.
 
Status
Not open for further replies.