FoundMarbles
-
Posts
7 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Posts posted by FoundMarbles
-
-
Thank You, Aura, you can shut this topic now.
-
Hi Aura, Here is the resulting file:
MiniToolBox by Farbar Version: 17-06-2016
Ran by owner (administrator) on 28-11-2017 at 21:43:03
Running from "C:\Users\owner\Desktop"
Microsoft Windows 10 Home (X64)
Model: Inspiron 3668 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************========================= Event log errors: ===============================
Application errors:
==================
Error: (11/24/2017 07:50:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
Faulting module name: arwlib.dll, version: 3.0.0.390, time stamp: 0x58af57f8
Exception code: 0xc0000005
Fault offset: 0x0000000000070b94
Faulting process ID: 0x10b0
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report ID: mbamservice.exe3
Faulting package full name: mbamservice.exe4
Faulting package-relative application ID: mbamservice.exe5Error: (11/23/2017 11:04:00 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
Faulting module name: arwlib.dll, version: 3.0.0.390, time stamp: 0x58af57f8
Exception code: 0xc0000005
Fault offset: 0x0000000000070b94
Faulting process ID: 0x119c
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report ID: mbamservice.exe3
Faulting package full name: mbamservice.exe4
Faulting package-relative application ID: mbamservice.exe5Error: (11/23/2017 05:06:50 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.
Operation:
Executing Asynchronous OperationContext:
Current State: DoSnapshotSetError: (11/23/2017 05:06:42 PM) (Source: .NET Runtime) (User: )
Description: Application: PostInstall.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
at System.IO.Path.CheckInvalidPathChars(System.String, Boolean)
at System.IO.Path.Combine(System.String, System.String)
at utilities.UserCredConfig.PerformConfig(Boolean, System.String)
at PostInstall.Program.Main(System.String[])Error: (11/23/2017 05:06:40 PM) (Source: PostOnce.exe) (User: )
Description: [1] ERROR- Merge back telemetry event faile: System.Xml.XmlException: Root element is missing.
at System.Xml.XmlTextReaderImpl.Throw(Exception e)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
at System.Xml.XmlDocument.Load(XmlReader reader)
at System.Xml.XmlDocument.Load(String filename)
at Excal.Telemetry.EventManager.MergeEventFile() #StackInfo#Error: (11/21/2017 04:43:14 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
Faulting module name: arwlib.dll, version: 3.0.0.390, time stamp: 0x58af57f8
Exception code: 0xc0000005
Fault offset: 0x0000000000070b94
Faulting process ID: 0xed8
Faulting application start time: 0xmbamservice.exe0
Faulting application path: mbamservice.exe1
Faulting module path: mbamservice.exe2
Report ID: mbamservice.exe3
Faulting package full name: mbamservice.exe4
Faulting package-relative application ID: mbamservice.exe5Error: (11/21/2017 08:55:44 AM) (Source: DellSupportAssistRemedationService.exe) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:0, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#Error: (11/21/2017 08:55:44 AM) (Source: DellSupportAssistRemedationService.exe) (User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:0, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#Error: (11/21/2017 08:25:43 AM) (Source: DellSupportAssistRemedationService.exe) (User: )
Description: [4] ERROR- Merge back telemetry event faile: System.Xml.XmlException: Root element is missing.
at System.Xml.XmlTextReaderImpl.Throw(Exception e)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
at System.Xml.XmlDocument.Load(XmlReader reader)
at System.Xml.XmlDocument.Load(String filename)
at Excal.Telemetry.EventManager.MergeEventFile() #StackInfo#Error: (11/21/2017 08:20:44 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid.
.
Operation:
Executing Asynchronous OperationContext:
Current State: DoSnapshotSet
System errors:
=============
Error: (11/28/2017 11:50:48 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/28/2017 11:50:48 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/26/2017 04:47:14 PM) (Source: DCOM) (User: DESKTOP-4KNLURF)
Description: application-specificLocalActivation{9A4948D9-13FC-4FAC-B60A-FBA6EE0FB11C}{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}DESKTOP-4KNLURFownerS-1-5-21-151752392-1570635984-2468627807-1001LocalHost (Using LRPC)Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbweS-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518Error: (11/24/2017 07:51:05 PM) (Source: Service Control Manager) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 1 time(s).Error: (11/24/2017 10:01:32 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/24/2017 10:01:32 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/24/2017 10:00:55 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NvStreamNetworkSvc service to connect.Error: (11/24/2017 10:00:50 AM) (Source: Service Control Manager) (User: )
Description: The CldFlt service failed to start due to the following error:
%%50 = The request is not supported.
Error: (11/23/2017 11:05:47 PM) (Source: Service Control Manager) (User: )
Description: The Malwarebytes Service service terminated unexpectedly. It has done this 2 time(s).Error: (11/23/2017 10:06:26 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
Microsoft Office Sessions:
=========================
Error: (11/24/2017 07:50:25 PM) (Source: Application Error)(User: )
Description: mbamservice.exe3.1.0.4155881b7a1arwlib.dll3.0.0.39058af57f8c00000050000000000070b9410b001d36535069a1b35C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exeC:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll8285f52b-a104-4818-8cb1-a92a3d4b33a9Error: (11/23/2017 11:04:00 PM) (Source: Application Error)(User: )
Description: mbamservice.exe3.1.0.4155881b7a1arwlib.dll3.0.0.39058af57f8c00000050000000000070b94119c01d363a94e2dd4a0C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exeC:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll3e5bea73-d712-464a-918d-23bbdc592612Error: (11/23/2017 05:06:50 PM) (Source: VSS)(User: )
Description: QueryFullProcessImageNameW0x80070006, The handle is invalid.
Operation:
Executing Asynchronous OperationContext:
Current State: DoSnapshotSetError: (11/23/2017 05:06:42 PM) (Source: .NET Runtime)(User: )
Description: Application: PostInstall.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentException
at System.IO.Path.CheckInvalidPathChars(System.String, Boolean)
at System.IO.Path.Combine(System.String, System.String)
at utilities.UserCredConfig.PerformConfig(Boolean, System.String)
at PostInstall.Program.Main(System.String[])Error: (11/23/2017 05:06:40 PM) (Source: PostOnce.exe)(User: )
Description: [1] ERROR- Merge back telemetry event faile: System.Xml.XmlException: Root element is missing.
at System.Xml.XmlTextReaderImpl.Throw(Exception e)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
at System.Xml.XmlDocument.Load(XmlReader reader)
at System.Xml.XmlDocument.Load(String filename)
at Excal.Telemetry.EventManager.MergeEventFile() #StackInfo#Error: (11/21/2017 04:43:14 PM) (Source: Application Error)(User: )
Description: mbamservice.exe3.1.0.4155881b7a1arwlib.dll3.0.0.39058af57f8c00000050000000000070b94ed801d362cbe0336e62C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exeC:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll1c5516a8-fe5a-4968-83f6-cd4f66c6fe13Error: (11/21/2017 08:55:44 AM) (Source: DellSupportAssistRemedationService.exe)(User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:DELLSUPPORT, Partition:PartitionPos {disk:0, part:6}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#Error: (11/21/2017 08:55:44 AM) (Source: DellSupportAssistRemedationService.exe)(User: )
Description: [5] ERROR- FindPartObjects() Lable not matched! Target:WINRETOOLS, Current:Image, Partition:PartitionPos {disk:0, part:5}, curGptTypeStr:{de94bba4-06d1-4d40-a16a-bfd50179d6ac} #StackInfo#Error: (11/21/2017 08:25:43 AM) (Source: DellSupportAssistRemedationService.exe)(User: )
Description: [4] ERROR- Merge back telemetry event faile: System.Xml.XmlException: Root element is missing.
at System.Xml.XmlTextReaderImpl.Throw(Exception e)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
at System.Xml.XmlDocument.Load(XmlReader reader)
at System.Xml.XmlDocument.Load(String filename)
at Excal.Telemetry.EventManager.MergeEventFile() #StackInfo#Error: (11/21/2017 08:20:44 AM) (Source: VSS)(User: )
Description: QueryFullProcessImageNameW0x80070006, The handle is invalid.
Operation:
Executing Asynchronous OperationContext:
Current State: DoSnapshotSet
CodeIntegrity Errors:
===================================
Date: 2017-11-20 10:55:17.827
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.Date: 2017-11-20 10:54:45.022
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.Date: 2017-11-20 10:54:44.915
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.Date: 2017-11-20 09:50:26.892
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.Date: 2017-11-20 09:49:55.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.Date: 2017-11-20 09:49:55.634
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
=========================== Installed Programs ============================7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20044 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 382.66 - NVIDIA Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Customer Connect (HKLM-x32\...\{04A41EBC-AB30-4574-A14D-E0CDFE31AB70}) (Version: 1.5.1.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.72 - Dell)
Dell SupportAssist Remediation (HKLM\...\{EEB1E6AD-5E5E-46C0-B60C-BF208CE755A3}) (Version: 3.1.1.3834 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{61737d36-07ae-47a4-a2f5-3f2979f77e50}) (Version: 3.1.1.3834 - Dell Inc.)
Dell SupportAssistAgent (HKLM\...\{18EF001B-B005-46CB-917B-112BA69ED85E}) (Version: 2.0.3.10 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{2228BC43-73DA-4F9A-BEE6-8E9C15328513}) (Version: 3.1.1.3832 - Dell Inc.)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Dropbox 20 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.72 - PC-Doctor, Inc.) Hidden
EPSON Artisan 830 Series Printer Uninstall (HKLM\...\EPSON Artisan 830 Series) (Version: - SEIKO EPSON Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{674E262F-72EA-41C1-AF16-9727311A4553}) (Version: 2.4.1.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.10.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Stylus Photo R2000 Printer Uninstall (HKLM\...\Epson Stylus Photo R2000) (Version: - SEIKO EPSON Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4550 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.1.1028 - Intel Corporation)
Intel(R) Ready Mode Technology (HKLM\...\{E7173746-C254-4F4E-ACCB-D6BD55E76EFE}) (Version: 1.1.70.527 - Intel Corporation)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.9134.0 - Waves Audio Ltd.) Hidden
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.8625.2127 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Research AutoCollage 2008 version 1.1 (HKLM-x32\...\{423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}) (Version: 1.01.2008 - Microsoft Research)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0 (x64 en-US)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
NVIDIA 3D Vision Driver 382.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.66 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.66 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8625.2127 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.6.6235 - Electronic Arts, Inc.)
proDAD Adorage 3.0 (HKLM-x32\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
Product Registration (HKLM\...\{0CB75726-FC62-4609-B5DA-0031E64F771B}) (Version: 3.0.128.0 - Dell Inc.) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.11 - Qualcomm Atheros)
Rainlendar2 (remove only) (HKLM-x32\...\Rainlendar2) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8105 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.125 - NVIDIA Corporation) Hidden
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.36.104.1020 - Electronic Arts Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)**** End of log ****
-
Aura, Thank You! Yes, It has been a while since I posted that question and you are the first response I have had. As noted in the question, I'm just wondering if any OR all of those Dell programs are require. (Dumb me, Dell Update is an obvious keeper!) The product is registered already and the all those support bits have prove hard to navigate or useless. I just phone them instead.
-
-
NEVER MIND, NO HELP TO BE FOUND HERE I SEE. I FIXED IT, FINALLY.
IF IT TURNS UP AGAIN, I'LL GO SOMEWHERE ELSE!
-
We seem to have 4 VERY persistent infections. Mind Spark, Ask.com & others. No amount of cleaning gets rid of the problems! Please Help!
After reinstalling Malwarebytes and scanning, it cleaned 327 items. Ran AdwCleaner it removed a bunch of threats. This morning 2 were right back so I ran AdwCleaner again and Hitmman pro after that and then 4 items were back. I am near my wits end!! The Hitman pro log is copied below.
HitmanPro 3.7.15.281 www.hitmanpro.com Computer name . . . . : ACER-PC Windows . . . . . . . : 10.0.0.14393.X64/4 User name . . . . . . : acer-PC\acer UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2017-03-29 15:34:42 Scan mode . . . . . . : Normal Scan duration . . . . : 10m 13s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 4 Objects scanned . . . : 2,076,381 Files scanned . . . . : 66,173 Remnants scanned . . : 421,941 files / 1,588,267 keys Suspicious files ____________________________________________________________ C:\WINDOWS\SysWOW64\ASock32.OCX Size . . . . . . . : 62,384 bytes Age . . . . . . . : 1097.1 days (2014-03-28 13:02:29) Entropy . . . . . : 5.7 SHA-256 . . . . . : 5DB604CEEE5C4502F7FB4DB77CDBBA70F0783AF3A92389749040167384ECDC9F Product . . . . . : ASOCKET Publisher . . . . : Mabry Software, Inc. Description . . . : Mabry ASocket Control Version . . . . . : 5.00.012 Copyright . . . . : Copyright © 1996-1998 by Zane Thomas RSA Key Size . . . : 512 LanguageID . . . . : 1033 Authenticode . . . : Self-signed Fuzzy . . . . . . : 26.0 Program is code signed with a weak certificate. This is common to malware. Program is code self-signed. The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities. C:\WINDOWS\SysWOW64\GetHst32.OCX Size . . . . . . . : 46,512 bytes Age . . . . . . . : 1097.1 days (2014-03-28 13:02:29) Entropy . . . . . : 5.5 SHA-256 . . . . . : 37643B0F7D6B680B79CC6F53A34E4F655E5649AC83703C5531E6598950076ED6 Product . . . . . : GetHst Publisher . . . . : Mabry Software, Inc. Description . . . : Mabry Internet GetHst Control Version . . . . . : 5.00.007 Copyright . . . . : Copyright © 1996-1998 by Mabry Software, Inc. RSA Key Size . . . : 512 LanguageID . . . . : 1033 Authenticode . . . : Self-signed Fuzzy . . . . . . : 26.0 Program is code signed with a weak certificate. This is common to malware. Program is code self-signed. The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities. C:\WINDOWS\SysWOW64\Mftp32.ocx Size . . . . . . . : 75,696 bytes Age . . . . . . . : 1097.1 days (2014-03-28 13:02:29) Entropy . . . . . : 5.8 SHA-256 . . . . . : 6249744A37B44608E569160B7281D34AFA6BFDF625FF60237C400067575F54A5 Product . . . . . : Mabry Internet FTP Control Publisher . . . . : Mabry Software, Inc. Description . . . : Mabry Internet FTP Control Version . . . . . : 5.00.015 Copyright . . . . : Copyright © 1996-1998 by Zane Thomas RSA Key Size . . . : 512 LanguageID . . . . : 1033 Authenticode . . . : Self-signed Fuzzy . . . . . . : 26.0 Program is code signed with a weak certificate. This is common to malware. Program is code self-signed. The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities. Potential Unwanted Programs _________________________________________________ HKU\S-1-5-21-4003829262-2848994777-1340562341-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar)
Malwarebytes Removal tool fail even in safe mode
in Malwarebytes for Windows Support Forum
Posted
I have a problem with Malwarebytes pro, real time protection could not be enabled after removing 3 items found by Rogue Killer. I have tried twice to remove the program for a fresh install but it fails to be able to do the job. I have attached the text file in the hope that you can tell me what is wrong.
mb-clean-results.txt