BitDefender Threat scanner error

Page 3 of 5 FirstFirst 12345 LastLast

  1. Posts : 135
    Windows 7 Home Premium 64bit
    Thread Starter
       #21

    just restarted and it did pop-up again about the bitdefender threat scanner error

    now what i am completely puzzled now
      My Computer


  2. Posts : 163
    Win7 64-bit, Vista 32-bit, XP 32-bit, W2K 32-bit (VM)
       #22

    alexhob123 said:
    Bitdefender is not even installed on my laptop so what do I do now

    What if I delete the file will that fix it I just deleted it

    Or should I reinstall it again or what torchwood
    Hi alexhob123,

    I have a feeling that BitDefender is either hiding or the program was uninstalled and a driver left behind that is running at startup. To find out for sure I would appreciate if you followed the instructions below:

    Down Farbar Recovery Scan Tool to your desktop from one of the links below. You can follow the instructions in this link to change the download location for IE, Chrome, Firefox and Opera, depending on which ever browser you use. If you need more detailed instructions on how to change the default download location, just let me know which browser you prefer to use.

    For x64 bit systems download Farbar Recovery Scan Tool x64.


    • Right click on the FRST.exe and choose Run as administrator.
    • When the tool opens click Yes to disclaimer.
    • Under Optional Scan make sure there is a checkmark in the box for Addition.txt to ensure it creates that 2nd log.
    • Press Scan button.
    • Please attach both logs in your next reply.



    Please attach the following 2 logs:

    FRST.txt
    Addition.txt


    Thank you,
    Donna :)
      My Computer


  3. Posts : 135
    Windows 7 Home Premium 64bit
    Thread Starter
       #23

    Okay I will give it a try the message didn't pop up when I shut down my laptop but should I do this just in case
      My Computer


  4. Posts : 163
    Win7 64-bit, Vista 32-bit, XP 32-bit, W2K 32-bit (VM)
       #24

    Hi alexhob123,

    Yes. Please do. I would rather be safe than sorry.

    :)
      My Computer


  5. Posts : 135
    Windows 7 Home Premium 64bit
    Thread Starter
       #25

    okay here are results DonnaB
    BitDefender Threat scanner error Attached Files
      My Computer


  6. Posts : 135
    Windows 7 Home Premium 64bit
    Thread Starter
       #26

    I will be back on tomorrow dude hope to hear from you then
      My Computer


  7. Posts : 20,583
    Win-7-Pro64bit 7-H-Prem-64bit
       #27

    Hi,
    I don't know any "dudes" named Donna :)
      My Computer


  8. Posts : 163
    Win7 64-bit, Vista 32-bit, XP 32-bit, W2K 32-bit (VM)
       #28

    alexhob123 said:
    I will be back on tomorrow dude hope to hear from you then
    ThrashZone said:
    Hi,
    I don't know any "dudes" named Donna :)
    I prefer dudette, myself.

    You have a bunch of plugins in Chrome that show No File. They can be removed by refreshing Google Chrome plugins cache as follows...


    • Type chrome://plugins into the address bar
    • Switch the status of the offending plugin to Disable, then back to Enable



    I saw nothing that is associated with BitDefender, though there is a need for some clean up here of orphaned files, tasks, etc. Please do as follows and let me know if you still get the error popup about on reboot. I am hoping a good cleaning of the temp folders will remove the file that is causing the error popup. The fix script is quite long so please make sure to copy everything in the script list. :)

    NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on any other machine may cause damage to your operating system


    • Open notepad (Start orb > type notepad into Start Search > chose notepad from list.
    • Please copy the entire contents of the code box below.
      (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
    • Save it to the same directory as frst.exe (or frst64.exe) as fixlist.txt.

      Code:
      CreateRestorePoint:
      CloseProcesses:
      HKLM-x32\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.com/ww.special-uninstallation-feedback-app?lic=SUFOUEctN1NBSVItTlVRVTItQTRFRkItSFBZU04tVg"&"inst=NzYtOTQ3MDM0NTcyLUZMMTArMS1TVVArMS1ERFQrMC1ERDEwRisxLVNUMTBGQVBQKzEtRjE (the data entry has 199 more characters).
      Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
      HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> 
      HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> 
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\Policies\Explorer: [HideSCAVolume] 0
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\Policies\Explorer: [HideSCAPower] 0
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\Policies\Explorer: [HideSCANetwork] 0
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\Policies\Explorer: [HideSCAHealth] 0
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\Policies\Explorer: [NoSaveSettings] 0
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
      HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\MountPoints2: E - E:\Setup.now.exe
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\MountPoints2: F - F:\Autorun.exe
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\MountPoints2: G - G:\Launcher\LAUNCHER.EXE
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\MountPoints2: {02567a19-5ed3-11e5-9df0-705ab6d00da5} - H:\Launcher.exe
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\MountPoints2: {0e5eb27a-52e6-11e4-9904-705ab6d00da5} - E:\Setup.now.exe
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\MountPoints2: {122b71fd-3747-11e4-bc9d-705ab6d00da5} - E:\Setup.now.exe
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\MountPoints2: {122b7203-3747-11e4-bc9d-705ab6d00da5} - G:\Launcher\LAUNCHER.EXE
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\...\MountPoints2: {6a42d840-dba4-11e0-8875-806e6f6e6963} - G:\SETUP.EXE
      ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll No File
      ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll No File
      GroupPolicyScripts-x32\User: Restriction <======= ATTENTION
      HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
      HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
      HKU\S-1-5-21-9838473-2416347081-955692511-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
      HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
      SearchScopes: HKU\.DEFAULT -> {2F0149B9-28EA-40B4-9523-541F101B026C} URL = hxxp://www.scanquery.com/?prt=SCANQUERY145&keywords={searchTerms}
      SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
      CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
      CHR HKLM\...\Chrome\Extension: [Yontoo Layers] - C:\Users\Alex\AppData\Local\Temp\Yontoo Layers <not found>
      CHR HKU\S-1-5-21-9838473-2416347081-955692511-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [Yontoo Layers] - C:\Users\Alex\AppData\Local\Temp\YontooLayers.crx <not found>
      CHR HKLM-x32\...\Chrome\Extension: [dnnajmlhehgnkclpdlggknanmcplloej] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx <not found>
      CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <not found>
      CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <no Path/update_url>
      S2 IAANTMON; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [X]
      S2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [X]
      S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [X]
      S3 OWSTimer; "C:\Program Files (x86)\Microsoft Office\Office\OWSTIMER.EXE" [X]
      S3 cpuz135; \??\C:\Program Files (x86)\CPUID\PC Wizard 2012\pcwiz_x64.sys [X]
      S3 cpuz137; \??\C:\Program Files (x86)\CPUID\PC Wizard 2013\pcwiz_x64.sys [X]
      S3 MFE_RR; \??\C:\Users\Alex\AppData\Local\Temp\mfe_rr.sys [X]
      S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
      S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
      S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
      S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
      C:\Users\Alex\AppData\Local\Temp\LEGOLOTR.exe
      C:\Users\Alex\AppData\Local\Temp\libeay32.dll
      C:\Users\Alex\AppData\Local\Temp\msvcr120.dll
      C:\Users\Alex\AppData\Local\Temp\sqlite3.dll
      CustomCLSID: HKU\S-1-5-21-9838473-2416347081-955692511-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Alex\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
      CustomCLSID: HKU\S-1-5-21-9838473-2416347081-955692511-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Alex\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
      Task: {35BA54F1-9222-4473-BFA2-7D0AF2018164} - System32\Tasks\{8CEBFBC1-3B87-466C-9D53-1A7C3325425A} => pcalua.exe -a C:\Users\Alex\AppData\Local\Temp\{30D756A7-0D8B-44E5-ADED-5EEDF8A2EBE5}\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox" <==== ATTENTION
      Task: {4A9810FA-9640-4BE8-A079-C24B1505CE58} - System32\Tasks\Origin => C:\Windows\system32\config\systemprofile\AppData\Roaming\Origin\update.vbe <==== ATTENTION
      Task: {AB4807A8-F8BF-4845-ADEC-199388A757F2} - System32\Tasks\RegAce Scheduled Scan - Alex => C:\Program Files (x86)\RegAce System Suite\RegAce.exe
      Task: {B51EFE95-6CDE-4AF5-8405-33FE6845C581} - System32\Tasks\{7BC60DBC-67CD-4CC9-A45E-C6583CFF292E} => pcalua.exe -a C:\Users\Alex\AppData\Local\Temp\{5210E0CE-3F01-4A19-8AB1-9F1EF0594C0A}\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox" <==== ATTENTION
      Task: {ECC8D5E2-353A-4BAF-9CE0-A2729214AC47} - System32\Tasks\4575 => Wscript.exe C:\Users\Alex\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
      Task: C:\Windows\Tasks\RegAce Scheduled Scan - Alex.job => C:\Program Files (x86)\RegAce System Suite\RegAce.exe
      AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 [124]
      AlternateDataStreams: C:\ProgramData\Temp:4D066AD2 [278]
      AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D [124]
      AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]
      MSCONFIG\startupreg: AVG_TRAY => C:\Program Files (x86)\AVG\AVG10\avgtray.exe
      EmptyTemp:
    • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
    • The tool will make a log (Fixlog.txt) which you will find where you saved FRST. Please attach to your next reply.


    Next:

    • Right click on the FRST.exe and choose Run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Under Optional Scan place a checkmark in the box for Addition.txt to ensure it creates that 2nd log.
    • Press Scan button.
    • Please attach both logs in your next reply along with the Fixlog.txt.
      My Computer


  9. Posts : 135
    Windows 7 Home Premium 64bit
    Thread Starter
       #29

    here is the results

    Hope this is correct when you are on next time

    I just restarted via system restore and the message still keeps popping up so that didn't work either why however I will be removing BT Virus Protect soon because we are going on to virgin media and we won't be able to use it anymore so should i use BitDefender when we change to Virgin Media
    BitDefender Threat scanner error Attached Files
    Last edited by alexhob123; 28 Sep 2016 at 15:52.
      My Computer


  10. Posts : 163
    Win7 64-bit, Vista 32-bit, XP 32-bit, W2K 32-bit (VM)
       #30

    Ok. Dudette is back online.

    And yep! That is correct. What do you mean by you "just restarted via system restore"?

    This very strange. Have you ever had BitDefender installed on this computer? Let's run the uninstall tool for BitDefender and see if that helps.

    You can find it >> here <<

    I see that BT Virus Protect had teamed up with McAfee. From my understanding, when you install BT Virus Protect it actually installs McAfee(see steps 3 and 4 in BT link).

    Not sure I like what I found here about BT/McAfee.

    To make the BT Virus Protect installation process as easy as possible, it will automatically detect and remove many existing software security packages (after asking for your permission).
    The appropriate way to change AV software is to use the previous AV's uninstaller to make sure all residual files have been removed. I usually then instruct the user to run the uninstall tool that was designed for that purpose to ensure ALL residual files have been remove that could cause conflict. I don't see how BT/McAfee could completely detect all the files from a previously installed program so they can be removed.

    I am not sure which AV suite Virgin offers, though whatever they offer you do not have to use it. Maybe one of the members here who has Virign can provide some insight on that. Personally, I have never been a big fan of AV's that were offered by any internet provider, at least not since my aging mother was scammed into believing it was "included" in the package she got and they never told her that she was actually paying $5.99 a month for.

    You can use BitDefender if you like. I am a big Avast fan myself. If you do choose to go with BitDefender, still use the uninstall tool I linked you to above. I want to see if that will remove whatever is making that popup appear. Otherwise, I am going to have you perform a search for that file and see if we can annihilate the bugger.

    You can delete the FRST/Addition.txt logs off your desktop if you like. There should be copies saved in the path below which will be removed when I have you uninstall the tool with a special removal tool I use once we get this error popup sorted out.

    C:\FRST\Logs
      My Computer


 
Page 3 of 5 FirstFirst 12345 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 08:37.
Find Us