Jump to content

Recommended Posts

Hi,

The setting to Star immediately or on demand is set for each application.

I see a number of errors associated with Bitdefender in your Addition.txt log.

That is why I asked that your remove it see  my post in No. 24.

Restart the computer when done.

Do not reinstall it just yet.

Run the Farbar program and post fresh logs.

I need to see if the new logs will show that Windows defender and your Firewall are enabled.

 

 

Link to post
Share on other sites

I can't seem to get rid of Bitdefender. I used their Uninstaller and ran Farbar again and the logs continue to claim that bitdefender is my AV. I see that others have encountered this issue with no clear answer on what course of action to take. Please advise!! I can continue to try to resolve this removal issue on my own but I'd rather wait for direction from you. 

Logs attached. 

Thank you. 

1578870861182_Addition.txt 1578870858714_FRST.txt

Link to post
Share on other sites

Hi,

Download and run this tool.

Please download the free version of Revo Uninstaller Portable from here and save the compressed file to your computer's Desktop.

  • Double-click the compressed file RevoUninstaller_Portable and extract the files within it (it will be created a folder with the same name);
  • Within that folder, right-click the file RevoUPort and select Run as administrator to open the tool;
  • Click Yes to accept the UAC security warning that may appear;
  • Click OK to accept the License Agreement and Copyright;
  • Select 'The Program to Remove' and click Uninstall. Follow the instructions to complete the removal process;
  • In 'Search Mode' set it to 'Advanced' and click on the Scan button. The tool will search for leftovers;
  • Click on Select All and then on Delete and then Yes to delete the selected items;
    Note: You may have to repeat this step to delete all the leftovers (Registry items, files and folders);
  • Click the Finish button and restart the computer to complete the removal process.


<<<>>>

Let me know what problem persists.


 

.

Link to post
Share on other sites

Hi,

Lets see what we can find in the Registry.
I can then give you a fix to remove it.

Run the Farbar program .exe as an Administrator.

In the Search text area, copy and paste the following:
Bitdefender
Once done, click on the Search Registry button and wait for FRST to finish the search
On completion, a log will open in Notepad. Copy and paste its content in your next reply
====

Link to post
Share on other sites
 
Farbar Recovery Scan Tool (x64) Version: 15-01-2020
Ran by skizz (16-01-2020 21:16:39)
Running from C:\FRST FarBar
Boot Mode: Normal

================== Search Registry: "Bitdefender" ===========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D19631EE-4E47-4BA9-BA2E-C5FF909E2C61}\1.0\0\win32]
""="C:\Program Files\Bitdefender Agent\DiscoveryComp.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D19631EE-4E47-4BA9-BA2E-C5FF909E2C61}\1.0\HELPDIR]
""="C:\Program Files\Bitdefender Agent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AMSI\Options]
"DisplayName"="Bitdefender AMSI Provider"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppLaunch]
"Bitdefender.AntivirusFree"="2"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"Bitdefender.AntivirusFree"="30"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{6D809377-6AF0-444B-8957-A3773F02200E}\Bitdefender Antivirus Free\kitinstaller\bpinstaller.exe"="1"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\ShowJumpView]
"Bitdefender.AntivirusFree"="3"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Bitdefender.AntivirusFree]
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\PushNotifications\Backup\Bitdefender.AntivirusFree]
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Bitdefender Antivirus Free\supporttool.exe"="0x5341435001000000000000000700000028000000B0DA13001097140001000000000000000000000A73220000631F6E6F0EDED4010000000000000000"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Bitdefender Antivirus Free\bdagent.exe"="0x5341435001000000000000000700000028000000184518001BD4180001000000000000000000000A73220000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000003E000000000000000100000001000000"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Bitdefender Agent\installer\installer.exe"="0x534143500100000000000000070000002800000060EB0C006CAB0D0003000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000012170000000000000200000002000000"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Bitdefender Antivirus Free\kitinstaller\bpinstaller.exe"="0x5341435001000000000000000700000028000000F8D31500D38E160003000000000000000000000A00210000631F6E6F0EDED4010000000000000000"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"P:\11. Downloads\Bitdefender_2019_Uninstall_Tool.exe"="0x53414350010000000000000007000000280000002018AC004CA6AC0001000000000000000000000A00210000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000FD3E0000000000000100000001000000"

====== End of Search ======
 
 
 

 

Link to post
Share on other sites

Copy all the text IN THECODE BOX below to notepad. Save it as fixme.reg to your desktop.
Be sure the "Save as" type is set to "all files" Once you have saved Right click the .reg file and allow it to merge with the registry.
 

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D19631EE-4E47-4BA9-BA2E-C5FF909E2C61}\1.0\0\win32]
""=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D19631EE-4E47-4BA9-BA2E-C5FF909E2C61}\1.0\HELPDIR]
""=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\AMSI\Options]
"DisplayName"=-
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppLaunch]
"Bitdefender.AntivirusFree"=-
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"Bitdefender.AntivirusFree"=-
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{6D809377-6AF0-444B-8957-A3773F02200E}\Bitdefender Antivirus Free\kitinstaller\bpinstaller.exe"=-
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\ShowJumpView]
"Bitdefender.AntivirusFree"=-
[-HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\Notifications\Settings\Bitdefender.AntivirusFree]
[-HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\PushNotifications\Backup\Bitdefender.AntivirusFree]
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Bitdefender Antivirus Free\supporttool.exe"=-
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Bitdefender Antivirus Free\bdagent.exe"=-
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Bitdefender Agent\installer\installer.exe"=-
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Bitdefender Antivirus Free\kitinstaller\bpinstaller.exe"=-
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"P:\11. Downloads\Bitdefender_2019_Uninstall_Tool.exe"=-

Restart the computer when completed.

You can delete the fixme.reg file when done.

===

If you need Bitdefender install it.


 

Link to post
Share on other sites

Failed. Please see below and attached. This was after registry update and reboot. 

 

 

Farbar Recovery Scan Tool (x64) Version: 15-01-2020
Ran by skizz (17-01-2020 22:27:26)
Running from C:\FRST FarBar
Boot Mode: Normal

================== Search Registry: "Bitdefender" ===========

[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"{6D809377-6AF0-444B-8957-A3773F02200E}\Bitdefender Antivirus Free\kitinstaller\bpinstaller.exe"="1"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Bitdefender Antivirus Free\supporttool.exe"="0x5341435001000000000000000700000028000000B0DA13001097140001000000000000000000000A73220000631F6E6F0EDED4010000000000000000"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Bitdefender Antivirus Free\bdagent.exe"="0x5341435001000000000000000700000028000000184518001BD4180001000000000000000000000A73220000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000003E000000000000000100000001000000"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Bitdefender Agent\installer\installer.exe"="0x534143500100000000000000070000002800000060EB0C006CAB0D0003000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000012170000000000000200000002000000"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\Bitdefender Antivirus Free\kitinstaller\bpinstaller.exe"="0x5341435001000000000000000700000028000000F8D31500D38E160003000000000000000000000A00210000631F6E6F0EDED4010000000000000000"
[HKEY_USERS\S-1-5-21-1673900302-2435382068-390420314-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"P:\11. Downloads\Bitdefender_2019_Uninstall_Tool.exe"="0x53414350010000000000000007000000280000002018AC004CA6AC0001000000000000000000000A00210000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000FD3E0000000000000100000001000000"

====== End of Search ======

1579329063820_FRST.txt 1579329064731_Addition.txt

Link to post
Share on other sites

I backed up my registry (export) and then I executed the fix you shared in #34 (fixme.reg). I received a report that the registry was updated successfully. I then rebooted.

 

I ran Farbar and also did a registry search and it appears that no changes were made. I shared the logs in my previous post. I will try again but I'm afraid that I will have the same results. 

 

Please advise. I will report back with outcome of a 2nd attempt to update the registry. Thank you. 

Link to post
Share on other sites

I don't understand what changes you introduced in the fix from post #34. What were you hoping to achieve with the registry updates? Was I intended to take any other actions after those reg changes were made? 

Should I attempt to Uninstall Bitdefender again? Or attempt to Install again? 

Link to post
Share on other sites

Hi,

Hi,

Was Chrome Synced with other devices and did you reset it as suggested in post no. 10?

If not please do it now.
===

Lets remove all entries found in your logs.

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.
 

start
	CreateRestorePoint:
CloseProcesses:
	(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\bdagent.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe
Task: {7D62088E-324C-4D84-99D0-A0A03D56116B} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [488760 2019-07-15] (Bitdefender SRL -> Bitdefender)
S3 AtcHost; C:\Program Files\Bitdefender Antivirus Free\atchost.exe [1475272 2019-10-25] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 bdredline; C:\Program Files\Bitdefender Antivirus Free\bdredline.exe [2500144 2019-05-28] (Bitdefender SRL -> Bitdefender)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1291888 2019-07-15] (Bitdefender SRL -> Bitdefender)
R2 updatesrv; C:\Program Files\Bitdefender Antivirus Free\updatesrv.exe [238376 2019-11-27] (Bitdefender SRL -> Bitdefender)
R2 vsserv; C:\Program Files\Bitdefender Antivirus Free\vsserv.exe [288312 2019-12-20] (Bitdefender SRL -> Bitdefender)
R2 vsservppl; C:\Program Files\Bitdefender Antivirus Free\vsservppl.exe [238376 2019-11-27] (Bitdefender SRL -> Bitdefender)
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1693368 2019-10-25] (Bitdefender SRL -> Bitdefender S.R.L. Bucharest, ROMANIA)
R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [739024 2019-11-27] (Bitdefender SRL -> Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [22960 2019-04-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Bitdefender)
R3 edrsensor; C:\WINDOWS\System32\DRIVERS\edrsensor.sys [309144 2019-11-27] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [564136 2019-11-27] (Bitdefender SRL -> BitDefender S.R.L. Bucharest, ROMANIA)
R0 gzflt; C:\WINDOWS\System32\drivers\gzflt.sys [188384 2019-04-25] (Bitdefender SRL -> BitDefender LLC)
R2 trufos; C:\WINDOWS\System32\drivers\trufos.sys [637112 2019-10-25] (Bitdefender SRL -> Bitdefender)
	Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.12.41 - Bitdefender)
	C:\Program Files\Bitdefender Agent
C:\Program Files\Bitdefender Antivirus Free
C:\WINDOWS\System32\DRIVERS\atc.sys
C:\WINDOWS\system32\DRIVERS\bddci.sys
C:\WINDOWS\System32\drivers\bdelam.sys
C:\WINDOWS\System32\DRIVERS\edrsensor.sys
C:\WINDOWS\System32\DRIVERS\gemma.sys
C:\WINDOWS\System32\drivers\gzflt.sys
C:\WINDOWS\System32\drivers\trufos.sys
	Reboot:
End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Restart the computer one more time.

Do not reinstall the application at this time.

How is the computer running  now.

Link to post
Share on other sites
  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites
  • 1 month later...
  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Thanks

 

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.