Jump to content

FoundMarbles

Members
  • Posts

    7
  • Joined

  • Last visited

Posts posted by FoundMarbles

  1. Hi Aura, Here is the resulting file:

    MiniToolBox by Farbar  Version: 17-06-2016
    Ran by owner (administrator) on 28-11-2017 at 21:43:03
    Running from "C:\Users\owner\Desktop"
    Microsoft Windows 10 Home  (X64)
    Model: Inspiron 3668 Manufacturer: Dell Inc.
    Boot Mode: Normal
    ***************************************************************************

    ========================= Event log errors: ===============================

    Application errors:
    ==================
    Error: (11/24/2017 07:50:25 PM) (Source: Application Error) (User: )
    Description: Faulting application name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
    Faulting module name: arwlib.dll, version: 3.0.0.390, time stamp: 0x58af57f8
    Exception code: 0xc0000005
    Fault offset: 0x0000000000070b94
    Faulting process ID: 0x10b0
    Faulting application start time: 0xmbamservice.exe0
    Faulting application path: mbamservice.exe1
    Faulting module path: mbamservice.exe2
    Report ID: mbamservice.exe3
    Faulting package full name: mbamservice.exe4
    Faulting package-relative application ID: mbamservice.exe5

    Error: (11/23/2017 11:04:00 PM) (Source: Application Error) (User: )
    Description: Faulting application name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
    Faulting module name: arwlib.dll, version: 3.0.0.390, time stamp: 0x58af57f8
    Exception code: 0xc0000005
    Fault offset: 0x0000000000070b94
    Faulting process ID: 0x119c
    Faulting application start time: 0xmbamservice.exe0
    Faulting application path: mbamservice.exe1
    Faulting module path: mbamservice.exe2
    Report ID: mbamservice.exe3
    Faulting package full name: mbamservice.exe4
    Faulting package-relative application ID: mbamservice.exe5

    Error: (11/23/2017 05:06:50 PM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
    .


    Operation:
       Executing Asynchronous Operation

    Context:
       Current State: DoSnapshotSet

    Error: (11/23/2017 05:06:42 PM) (Source: .NET Runtime) (User: )
    Description: Application: PostInstall.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.ArgumentException
       at System.IO.Path.CheckInvalidPathChars(System.String, Boolean)
       at System.IO.Path.Combine(System.String, System.String)
       at utilities.UserCredConfig.PerformConfig(Boolean, System.String)
       at PostInstall.Program.Main(System.String[])

    Error: (11/23/2017 05:06:40 PM) (Source: PostOnce.exe) (User: )
    Description: [1] ERROR- Merge back telemetry event faile: System.Xml.XmlException: Root element is missing.
       at System.Xml.XmlTextReaderImpl.Throw(Exception e)
       at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
       at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
       at System.Xml.XmlDocument.Load(XmlReader reader)
       at System.Xml.XmlDocument.Load(String filename)
       at Excal.Telemetry.EventManager.MergeEventFile() #StackInfo#

    Error: (11/21/2017 04:43:14 PM) (Source: Application Error) (User: )
    Description: Faulting application name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
    Faulting module name: arwlib.dll, version: 3.0.0.390, time stamp: 0x58af57f8
    Exception code: 0xc0000005
    Fault offset: 0x0000000000070b94
    Faulting process ID: 0xed8
    Faulting application start time: 0xmbamservice.exe0
    Faulting application path: mbamservice.exe1
    Faulting module path: mbamservice.exe2
    Report ID: mbamservice.exe3
    Faulting package full name: mbamservice.exe4
    Faulting package-relative application ID: mbamservice.exe5

    Error: (11/21/2017 08:55:44 AM) (Source: DellSupportAssistRemedationService.exe) (User: )
    Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:0, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

    Error: (11/21/2017 08:55:44 AM) (Source: DellSupportAssistRemedationService.exe) (User: )
    Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:0, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

    Error: (11/21/2017 08:25:43 AM) (Source: DellSupportAssistRemedationService.exe) (User: )
    Description: [4] ERROR- Merge back telemetry event faile: System.Xml.XmlException: Root element is missing.
       at System.Xml.XmlTextReaderImpl.Throw(Exception e)
       at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
       at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
       at System.Xml.XmlDocument.Load(XmlReader reader)
       at System.Xml.XmlDocument.Load(String filename)
       at Excal.Telemetry.EventManager.MergeEventFile() #StackInfo#

    Error: (11/21/2017 08:20:44 AM) (Source: VSS) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
    .


    Operation:
       Executing Asynchronous Operation

    Context:
       Current State: DoSnapshotSet


    System errors:
    =============
    Error: (11/28/2017 11:50:48 AM) (Source: DCOM) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (11/28/2017 11:50:48 AM) (Source: DCOM) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (11/26/2017 04:47:14 PM) (Source: DCOM) (User: DESKTOP-4KNLURF)
    Description: application-specificLocalActivation{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}DESKTOP-4KNLURFownerS-1-5-21-151752392-1570635984-2468627807-1001LocalHost (Using LRPC)Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbweS-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518

    Error: (11/24/2017 07:51:05 PM) (Source: Service Control Manager) (User: )
    Description: The Malwarebytes Service service terminated unexpectedly. It has done this 1 time(s).

    Error: (11/24/2017 10:01:32 AM) (Source: DCOM) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (11/24/2017 10:01:32 AM) (Source: DCOM) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (11/24/2017 10:00:55 AM) (Source: Service Control Manager) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the NvStreamNetworkSvc service to connect.

    Error: (11/24/2017 10:00:50 AM) (Source: Service Control Manager) (User: )
    Description: The CldFlt service failed to start due to the following error:
    %%50 = The request is not supported.


    Error: (11/23/2017 11:05:47 PM) (Source: Service Control Manager) (User: )
    Description: The Malwarebytes Service service terminated unexpectedly. It has done this 2 time(s).

    Error: (11/23/2017 10:06:26 AM) (Source: DCOM) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable


    Microsoft Office Sessions:
    =========================
    Error: (11/24/2017 07:50:25 PM) (Source: Application Error)(User: )
    Description: mbamservice.exe3.1.0.4155881b7a1arwlib.dll3.0.0.39058af57f8c00000050000000000070b9410b001d36535069a1b35C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exeC:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll8285f52b-a104-4818-8cb1-a92a3d4b33a9

    Error: (11/23/2017 11:04:00 PM) (Source: Application Error)(User: )
    Description: mbamservice.exe3.1.0.4155881b7a1arwlib.dll3.0.0.39058af57f8c00000050000000000070b94119c01d363a94e2dd4a0C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exeC:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll3e5bea73-d712-464a-918d-23bbdc592612

    Error: (11/23/2017 05:06:50 PM) (Source: VSS)(User: )
    Description: QueryFullProcessImageNameW0x80070006, The handle is invalid.


    Operation:
       Executing Asynchronous Operation

    Context:
       Current State: DoSnapshotSet

    Error: (11/23/2017 05:06:42 PM) (Source: .NET Runtime)(User: )
    Description: Application: PostInstall.exe
    Framework Version: v4.0.30319
    Description: The process was terminated due to an unhandled exception.
    Exception Info: System.ArgumentException
       at System.IO.Path.CheckInvalidPathChars(System.String, Boolean)
       at System.IO.Path.Combine(System.String, System.String)
       at utilities.UserCredConfig.PerformConfig(Boolean, System.String)
       at PostInstall.Program.Main(System.String[])

    Error: (11/23/2017 05:06:40 PM) (Source: PostOnce.exe)(User: )
    Description: [1] ERROR- Merge back telemetry event faile: System.Xml.XmlException: Root element is missing.
       at System.Xml.XmlTextReaderImpl.Throw(Exception e)
       at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
       at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
       at System.Xml.XmlDocument.Load(XmlReader reader)
       at System.Xml.XmlDocument.Load(String filename)
       at Excal.Telemetry.EventManager.MergeEventFile() #StackInfo#

    Error: (11/21/2017 04:43:14 PM) (Source: Application Error)(User: )
    Description: mbamservice.exe3.1.0.4155881b7a1arwlib.dll3.0.0.39058af57f8c00000050000000000070b94ed801d362cbe0336e62C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exeC:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll1c5516a8-fe5a-4968-83f6-cd4f66c6fe13

    Error: (11/21/2017 08:55:44 AM) (Source: DellSupportAssistRemedationService.exe)(User: )
    Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:0, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

    Error: (11/21/2017 08:55:44 AM) (Source: DellSupportAssistRemedationService.exe)(User: )
    Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:0, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#

    Error: (11/21/2017 08:25:43 AM) (Source: DellSupportAssistRemedationService.exe)(User: )
    Description: [4] ERROR- Merge back telemetry event faile: System.Xml.XmlException: Root element is missing.
       at System.Xml.XmlTextReaderImpl.Throw(Exception e)
       at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
       at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
       at System.Xml.XmlDocument.Load(XmlReader reader)
       at System.Xml.XmlDocument.Load(String filename)
       at Excal.Telemetry.EventManager.MergeEventFile() #StackInfo#

    Error: (11/21/2017 08:20:44 AM) (Source: VSS)(User: )
    Description: QueryFullProcessImageNameW0x80070006, The handle is invalid.


    Operation:
       Executing Asynchronous Operation

    Context:
       Current State: DoSnapshotSet


    CodeIntegrity Errors:
    ===================================
      Date: 2017-11-20 10:55:17.827
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-20 10:54:45.022
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-20 10:54:44.915
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-20 09:50:26.892
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-20 09:49:55.824
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

      Date: 2017-11-20 09:49:55.634
      Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


    =========================== Installed Programs ============================

    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
    Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
    Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.66 - NVIDIA Corporation) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
    CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
    Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)
    Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
    Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden
    Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.)
    Dell Product Registration (HKLM-x32\...\InstallShield_{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Dell Inc.)
    Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell)
    Dell SupportAssist Remediation (HKLM\...\{EEB1E6AD-5E5E-46C0-B60C-BF208CE755A3}) (Version: 3.1.1.3834 - Dell Inc.) Hidden
    Dell SupportAssist Remediation (HKLM-x32\...\{61737d36-07ae-47a4-a2f5-3f2979f77e50}) (Version: 3.1.1.3834 - Dell Inc.)
    Dell SupportAssistAgent (HKLM\...\{18EF001B-B005-46CB-917B-112BA69ED85E}) (Version: 2.0.3.10 - Dell)
    Dell Update - SupportAssist Update Plugin (HKLM\...\{2228BC43-73DA-4F9A-BEE6-8E9C15328513}) (Version: 3.1.1.3832 - Dell Inc.)
    Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
    Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
    Dropbox 20 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
    Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
    DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.72 - PC-Doctor, Inc.) Hidden
    EPSON Artisan 830 Series Printer Uninstall (HKLM\...\EPSON Artisan 830 Series) (Version:  - SEIKO EPSON Corporation)
    Epson Easy Photo Print 2 (HKLM-x32\...\{674E262F-72EA-41C1-AF16-9727311A4553}) (Version: 2.4.1.0 - SEIKO EPSON CORPORATION)
    Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
    Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.10.00 - SEIKO EPSON CORPORATION)
    Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
    Epson Stylus Photo R2000 Printer Uninstall (HKLM\...\Epson Stylus Photo R2000) (Version:  - SEIKO EPSON Corporation)
    Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.1.1028 - Intel Corporation)
    Intel(R) Ready Mode Technology (HKLM\...\{E7173746-C254-4F4E-ACCB-D6BD55E76EFE}) (Version: 1.1.70.527 - Intel Corporation)
    Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
    Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9134.0 - Waves Audio Ltd.) Hidden
    Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.8625.2127 - Microsoft Corporation)
    Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
    Microsoft Research AutoCollage 2008 version 1.1 (HKLM-x32\...\{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}) (Version: 1.01.2008 - Microsoft Research)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Mozilla Firefox 57.0 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0 (x64 en-US)) (Version: 57.0 - Mozilla)
    Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
    NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
    NVIDIA 3D Vision Driver 382.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.66 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation)
    NVIDIA Graphics Driver 382.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.66 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
    Origin (HKLM-x32\...\Origin) (Version: 10.5.6.6235 - Electronic Arts, Inc.)
    proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
    Product Registration (HKLM\...\{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Dell Inc.) Hidden
    Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.11 - Qualcomm Atheros)
    Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version:  - )
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.10.714.2016 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
    Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
    SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.125 - NVIDIA Corporation) Hidden
    The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.36.104.1020 - Electronic Arts Inc.)
    Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

    **** End of log ****

  2. Aura, Thank You! Yes, It has been a while since I posted that question and you are the first response I have had. As noted in the question, I'm just wondering if any OR all of those Dell  programs are require. (Dumb me,  Dell Update is an obvious keeper!)  The product is registered already and the all those support bits have prove hard to navigate or useless. I just phone them instead.

  3. We seem to have 4 VERY persistent infections. Mind Spark, Ask.com & others. No amount of cleaning gets rid of the problems! Please Help!

    After reinstalling Malwarebytes and scanning, it cleaned 327 items. Ran AdwCleaner it removed a bunch of threats. This morning 2 were right back so I ran AdwCleaner again and Hitmman pro after that and then 4 items were back. I am near my wits end!! The Hitman pro log is copied below.

    	HitmanPro 3.7.15.281
    	www.hitmanpro.com
    
    	   Computer name . . . . : ACER-PC
    	   Windows . . . . . . . : 10.0.0.14393.X64/4
    	   User name . . . . . . : acer-PC\acer
    	   UAC . . . . . . . . . : Enabled
    	   License . . . . . . . : Free
    
    	   Scan date . . . . . . : 2017-03-29 15:34:42
    	   Scan mode . . . . . . : Normal
    	   Scan duration . . . . : 10m 13s
    	   Disk access mode  . . : Direct disk access (SRB)
    	   Cloud . . . . . . . . : Internet
    	   Reboot  . . . . . . . : No
    
    	   Threats . . . . . . . : 0
    	   Traces  . . . . . . . : 4
    
    	   Objects scanned . . . : 2,076,381
    	   Files scanned . . . . : 66,173
    	   Remnants scanned  . . : 421,941 files / 1,588,267 keys
    
    	Suspicious files ____________________________________________________________
    
    	   C:\WINDOWS\SysWOW64\ASock32.OCX
    	      Size . . . . . . . : 62,384 bytes
    	      Age  . . . . . . . : 1097.1 days (2014-03-28 13:02:29)
    	      Entropy  . . . . . : 5.7
    	      SHA-256  . . . . . : 5DB604CEEE5C4502F7FB4DB77CDBBA70F0783AF3A92389749040167384ECDC9F
    	      Product  . . . . . : ASOCKET
    	      Publisher  . . . . : Mabry Software, Inc.
    	      Description  . . . : Mabry ASocket Control
    	      Version  . . . . . : 5.00.012
    	      Copyright  . . . . : Copyright © 1996-1998 by Zane Thomas
    	      RSA Key Size . . . : 512
    	      LanguageID . . . . : 1033
    	      Authenticode . . . : Self-signed
    	      Fuzzy  . . . . . . : 26.0
    	         Program is code signed with a weak certificate. This is common to malware.
    	         Program is code self-signed.
    	         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
    
    	   C:\WINDOWS\SysWOW64\GetHst32.OCX
    	      Size . . . . . . . : 46,512 bytes
    	      Age  . . . . . . . : 1097.1 days (2014-03-28 13:02:29)
    	      Entropy  . . . . . : 5.5
    	      SHA-256  . . . . . : 37643B0F7D6B680B79CC6F53A34E4F655E5649AC83703C5531E6598950076ED6
    	      Product  . . . . . : GetHst
    	      Publisher  . . . . : Mabry Software, Inc.
    	      Description  . . . : Mabry Internet GetHst Control
    	      Version  . . . . . : 5.00.007
    	      Copyright  . . . . : Copyright © 1996-1998 by Mabry Software, Inc.
    	      RSA Key Size . . . : 512
    	      LanguageID . . . . : 1033
    	      Authenticode . . . : Self-signed
    	      Fuzzy  . . . . . . : 26.0
    	         Program is code signed with a weak certificate. This is common to malware.
    	         Program is code self-signed.
    	         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
    
    	   C:\WINDOWS\SysWOW64\Mftp32.ocx
    	      Size . . . . . . . : 75,696 bytes
    	      Age  . . . . . . . : 1097.1 days (2014-03-28 13:02:29)
    	      Entropy  . . . . . : 5.8
    	      SHA-256  . . . . . : 6249744A37B44608E569160B7281D34AFA6BFDF625FF60237C400067575F54A5
    	      Product  . . . . . : Mabry Internet FTP Control
    	      Publisher  . . . . : Mabry Software, Inc.
    	      Description  . . . : Mabry Internet FTP Control
    	      Version  . . . . . : 5.00.015
    	      Copyright  . . . . : Copyright © 1996-1998 by Zane Thomas
    	      RSA Key Size . . . : 512
    	      LanguageID . . . . : 1033
    	      Authenticode . . . : Self-signed
    	      Fuzzy  . . . . . . : 26.0
    	         Program is code signed with a weak certificate. This is common to malware.
    	         Program is code self-signed.
    	         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
    
    
    	Potential Unwanted Programs _________________________________________________
    
    	   HKU\S-1-5-21-4003829262-2848994777-1340562341-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
    
    
    
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.