
Is TODO: <文件说明> in SDIOassist.exe a virus?


15 replies to this topic

#1 jujube

jujube

  • Members
  • 66 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Tulsa, OK
  • Local time:08:27 AM

Posted 29 March 2017 - 11:52 AM

I found 2 processes named TODO: <文件说明> in my task manager. They each show file location of SDIOassist.exe.  In file details it shows 2 instances of SDIOassist.exe running. 1 is username SYSTEM and 1 is my username.  Is this a virus or an okay process?
 
Thanks,
Cheryl

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal



#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:27 AM

Posted 29 March 2017 - 12:46 PM

Hello,
This is the software driver package for the installed O2Micro Flash Memory Card Reader. Do you have that installed?
How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 jujube


Posted 29 March 2017 - 12:52 PM

I don't know.  I don't think so. I didn't request that when I ordered the system from Dell.

 

Cheryl



#4 boopme


Posted 29 March 2017 - 01:23 PM

Hi Cheryl, maybe we can see...

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


#5 jujube


Posted 29 March 2017 - 01:30 PM

Ok so I am an idiot! Yes I have a card reader!  I just never have used it so I forgot it was there.

 

Cheryl



#6 boopme


Posted 29 March 2017 - 01:36 PM

Cool!!

#7 jujube


Posted 29 March 2017 - 01:57 PM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by glaze_000 (administrator) on 29-03-2017 at 13:55:57
Running from "C:\Users\glaze_000\Downloads"
Microsoft Windows 10 Home  (X64)
Model: Inspiron 23 Model 5348 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
There are 4 entries.
 
========================= IP Configuration: ================================
 
Intel® Ethernet Connection I217-LM = Ethernet (Connected)
Intel® Dual Band Wireless-AC 3160 = Wi-Fi (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
The following helper DLL cannot be loaded: DGNET.DLL.
The following helper DLL cannot be loaded: IPV6MON.DLL.
The following helper DLL cannot be loaded: NAPMONTR.DLL.
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Cheryl
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : T-mobile.com
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : T-mobile.com
   Description . . . . . . . . . . . : Intel® Ethernet Connection I217-LM
   Physical Address. . . . . . . . . : 74-E6-E2-DF-C9-C9
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::887a:96bf:d642:f35a%8(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.29.137(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, March 29, 2017 12:54:39 PM
   Lease Expires . . . . . . . . . . : Thursday, March 30, 2017 12:54:38 PM
   Default Gateway . . . . . . . . . : 192.168.29.1
   DHCP Server . . . . . . . . . . . : 192.168.29.1
   DHCPv6 IAID . . . . . . . . . . . : 57992930
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-08-63-54-74-E6-E2-DF-C9-C9
   DNS Servers . . . . . . . . . . . : 192.168.29.1
   Primary WINS Server . . . . . . . : 192.168.29.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wi-Fi:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : T-mobile.com
   Description . . . . . . . . . . . : Intel® Dual Band Wireless-AC 3160
   Physical Address. . . . . . . . . : 34-E6-AD-1D-72-8E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 34-E6-AD-1D-72-8F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth PAN HelpText
   Physical Address. . . . . . . . . : 34-E6-AD-1D-72-92
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.T-mobile.com:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : T-mobile.com
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1020:38f7:b97f:8e9c(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::1020:38f7:b97f:8e9c%18(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 50331648
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-08-63-54-74-E6-E2-DF-C9-C9
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cellspot.router
Address:  192.168.29.1
 
Name:    google.com
Addresses:  2607:f8b0:4005:80a::200e
 216.58.195.78
 
 
Pinging google.com [216.58.195.78] with 32 bytes of data:
Reply from 216.58.195.78: bytes=32 time=250ms TTL=51
Reply from 216.58.195.78: bytes=32 time=234ms TTL=51
 
Ping statistics for 216.58.195.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 234ms, Maximum = 250ms, Average = 242ms
Server:  cellspot.router
Address:  192.168.29.1
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 2001:4998:58:c02::a9
 206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=234ms TTL=45
Reply from 206.190.36.45: bytes=32 time=200ms TTL=45
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 200ms, Maximum = 234ms, Average = 217ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  8...74 e6 e2 df c9 c9 ......Intel® Ethernet Connection I217-LM
  5...34 e6 ad 1d 72 8e ......Intel® Dual Band Wireless-AC 3160
  7...34 e6 ad 1d 72 8f ......Microsoft Wi-Fi Direct Virtual Adapter
 16...34 e6 ad 1d 72 92 ......Bluetooth PAN HelpText
  1...........................Software Loopback Interface 1
  6...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.29.1   192.168.29.137     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
     192.168.29.0    255.255.255.0         On-link    192.168.29.137    281
   192.168.29.137  255.255.255.255         On-link    192.168.29.137    281
   192.168.29.255  255.255.255.255         On-link    192.168.29.137    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link    192.168.29.137    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link    192.168.29.137    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 18    331 ::/0                     On-link
  1    331 ::1/128                  On-link
 18    331 2001::/32                On-link
 18    331 2001:0:4137:9e76:1020:38f7:b97f:8e9c/128
                                    On-link
  8    281 fe80::/64                On-link
 18    331 fe80::/64                On-link
 18    331 fe80::1020:38f7:b97f:8e9c/128
                                    On-link
  8    281 fe80::887a:96bf:d642:f35a/128
                                    On-link
  1    331 ff00::/8                 On-link
  8    281 ff00::/8                 On-link
 18    331 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/29/2017 01:51:17 PM) (Source: Windows Search Service) (User: )
Description: Enumerating user sessions to generate filter pools failed.
 
 
Details:
(HRESULT : 0x80040210) (0x80040210)
 
Error: (03/29/2017 01:01:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: CHERYL)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/29/2017 01:00:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: CHERYL)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/29/2017 01:00:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: CHERYL)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/29/2017 12:59:30 PM) (Source: Application Hang) (User: )
Description: The program RemindersServer.exe version 10.0.14393.953 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 18dc
 
Start Time: 01d2a8b5ab9ec7fe
 
Termination Time: 4294967295
 
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
 
Report Id: 5e548c58-14a9-11e7-82b7-34e6ad1d7292
 
Faulting package full name: Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (03/29/2017 12:59:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: CHERYL)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/29/2017 12:59:18 PM) (Source: Application Hang) (User: )
Description: The program UNKNOWN version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1e2c
 
Start Time: 01d2a8b5e7e3bb0c
 
Termination Time: 4294967295
 
Application Path: UNKNOWN
 
Report Id: 
 
Faulting package full name: Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (03/29/2017 12:58:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: CHERYL)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (03/29/2017 12:48:59 PM) (Source: Windows Search Service) (User: )
Description: Enumerating user sessions to generate filter pools failed.
 
 
Details:
(HRESULT : 0x80040210) (0x80040210)
 
Error: (03/29/2017 12:48:59 PM) (Source: Windows Search Service) (User: )
Description: Enumerating user sessions to generate filter pools failed.
 
 
Details:
(HRESULT : 0x80040210) (0x80040210)
 
 
System errors:
=============
Error: (03/29/2017 01:56:03 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (03/29/2017 01:01:18 PM) (Source: DCOM) (User: CHERYL)
Description: App.AppX85gcbw533amccd2rr8qswxymhfj649t2.mca
 
Error: (03/29/2017 01:01:04 PM) (Source: Service Control Manager) (User: )
Description: The File History Service service hung on starting.
 
Error: (03/29/2017 12:59:18 PM) (Source: DCOM) (User: CHERYL)
Description: App.AppX85gcbw533amccd2rr8qswxymhfj649t2.mca
 
Error: (03/29/2017 12:58:29 PM) (Source: DCOM) (User: CHERYL)
Description: {DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}
 
Error: (03/29/2017 12:57:56 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (03/29/2017 12:57:54 PM) (Source: Service Control Manager) (User: )
Description: The Dell Help & Support service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.
 
 
Error: (03/29/2017 12:57:54 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Help & Support service to connect.
 
Error: (03/29/2017 12:54:54 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (03/29/2017 12:54:54 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (03/29/2017 01:51:17 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
(HRESULT : 0x80040210) (0x80040210)
 
Error: (03/29/2017 01:01:18 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: CHERYL)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
 
Error: (03/29/2017 01:00:06 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: CHERYL)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2147023170
 
Error: (03/29/2017 01:00:06 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: CHERYL)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927142
 
Error: (03/29/2017 12:59:30 PM) (Source: Application Hang)(User: )
Description: RemindersServer.exe10.0.14393.95318dc01d2a8b5ab9ec7fe4294967295C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe5e548c58-14a9-11e7-82b7-34e6ad1d7292Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewyppleae38af2e007f4358a809ac99a64a67c1
 
Error: (03/29/2017 12:59:18 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: CHERYL)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
 
Error: (03/29/2017 12:59:18 PM) (Source: Application Hang)(User: )
Description: UNKNOWN0.0.0.01e2c01d2a8b5e7e3bb0c4294967295UNKNOWNMicrosoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5cppleae38af2e007f4358a809ac99a64a67c1
 
Error: (03/29/2017 12:58:51 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: CHERYL)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!ppleae38af2e007f4358a809ac99a64a67c1-2144927142
 
Error: (03/29/2017 12:48:59 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
(HRESULT : 0x80040210) (0x80040210)
 
Error: (03/29/2017 12:48:59 PM) (Source: Windows Search Service)(User: )
Description: 
Details:
(HRESULT : 0x80040210) (0x80040210)
 
 
CodeIntegrity Errors:
===================================
  Date: 2017-03-10 20:22:46.404
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-03-10 20:22:45.634
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-03-10 20:22:45.538
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-03-10 20:22:44.572
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-03-10 20:22:44.508
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-03-10 20:22:43.338
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-03-10 20:22:43.257
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-03-10 20:22:38.781
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-03-10 20:22:38.525
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.
 
  Date: 2017-03-10 20:22:38.454
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume5\Program Files\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.
 
 
=========================== Installed Programs ============================
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
ArcSoft PhotoStudio 6 (HKLM-x32\...\{6C33D2FD-8FBB-4613-BC4A-1663D03D1626}) (Version: 6.0.6.187 - ArcSoft)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.7.4 - ASUS)
ASUS Wireless Router Firmware Restoration Utility (HKLM-x32\...\{8CA9C449-C551-4DA2-A423-F0F62E6A04CB}) (Version: 2.0.0.0 - ASUS)
Brother HL-2170W (HKLM-x32\...\{E2789852-DF95-41DA-8BE9-91F99EDD064B}) (Version: 1.00 - Brother)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP)
Dell Foundation Services (HKLM\...\{BDB50421-E961-42F3-B803-6DAC6F173834}) (Version: 3.4.16100.0 - Dell Inc.)
Dell Help & Support (HKLM\...\{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6745.47 - Dell)
Dell Update - SupportAssist Update Plugin (HKLM\...\{92F651D9-4431-469E-9B11-299D007AF656}) (Version: 2.0.2.1835 - Dell Inc.)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
DELLOSD (HKLM-x32\...\{AC950530-9F3B-4D94-8BEF-C84A77869AF4}) (Version: 1.0.0.0 - DELL)
Dropbox (HKLM-x32\...\Dropbox) (Version: 22.4.24 - Dropbox, Inc.)
Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Easy Photo Scan (HKLM-x32\...\{04A3C7AC-C350-46FA-8F72-C4E3F6B50D07}) (Version: 1.00.0004 - Seiko Epson Corporation)
Epson Copy Utility 4 (HKLM-x32\...\{B835ADF3-3807-4B06-8E23-3B84AD67C4D7}) (Version: 4.01.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{747C2710-1D8F-46DD-ADF0-6EE0D980F13C}) (Version: 3.10.0039 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
Gadwin PrintScreen (64-Bit) (HKLM\...\{819A52E1-0929-469A-BEB6-1AEBE0873CFC}) (Version: 5.4.2.0 - Gadwin Systems)
Google Apps Migration For Microsoft Outlook® 4.0.30.10 (HKLM-x32\...\{141D6939-CB21-419F-9FCC-506A2CD03110}) (Version: 4.0.30.10 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.8.440.1250 (HKLM-x32\...\{091C294E-F243-432C-93E1-DEC4C2B9635B}) (Version: 3.8.440.1250 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Photos Backup (HKCU\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
HP Dropbox Plugin (HKLM-x32\...\{23617173-F935-4C17-A323-EB1207F3ED49}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP ENVY 5540 series Basic Device Software (HKLM\...\{44CE34C3-7B6A-44CA-BD7F-73E053BBAEC8}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
HP ENVY 5540 series Help (HKLM-x32\...\{3B1BE080-D477-4B94-AAE4-8B0BEC5D0CE3}) (Version: 35.0.0 - Hewlett Packard)
HP Google Drive Plugin (HKLM-x32\...\{AFF80405-E56A-48E7-98FC-8E46E261949F}) (Version: 36.0.31.53050 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1423.2) (HKLM\...\{302600C1-6BDF-4FD1-1405-148929CC1385}) (Version: 17.0.1405.0464 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.5.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{08AF7D7B-A9A7-49D2-BBEE-D9E5C09E54F5}) (Version: 5.0.10.2848 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{3b398ef6-924b-4943-ae2d-e8feb143622a}) (Version: 17.0.5 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Laplink PCmover Express - Personal Use (HKLM-x32\...\{3EDDD517-FFCF-416A-ABE7-BE826FB5C6C0}) (Version: 10.00.639 - Laplink Software, Inc.)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.6570.1 - Waves Audio Ltd.) Hidden
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 8.1.0.135 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7870.2024 - Microsoft Corporation)
Microsoft Office Configuration Analyzer Tool 2.2 (HKLM-x32\...\{EA5C0F11-00CA-0321-0801-141002021782}) (Version: 2.2.6018.801 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\{C834E5DF-AB21-4142-8234-0C4FA77F3A04}) (Version: 3.0.08.38 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{C834E5DF-AB21-4142-8234-0C4FA77F3A04}) (Version: 3.0.08.38 - O2Micro International LTD.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.7870.2024 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Perfection V600 User's Guide version 1.0 (HKLM-x32\...\UsersGuidePerfection V600 User's Guide_is1) (Version: 1.0 - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Product Improvement Study for HP ENVY 5540 series (HKLM\...\{4F9AAF2D-42E6-4BD0-A295-842BC068CC4B}) (Version: 36.0.72.54013 - Hewlett-Packard Co.)
Quicknote 5.5 (HKLM-x32\...\JC&MB Quicknote_is1) (Version:  - JC&MB)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7628 - Realtek Semiconductor Corp.)
Reason Core Security (HKLM-x32\...\Reason Core Security) (Version: 1.2.0.1 - Reason Software Company Inc.)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{F4F2EF32-EAFE-4F87-B7DC-E19C9F8E76FC}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
WD SmartWare (HKLM\...\{515B34CA-1229-4EDA-AE7C-53CBA68B8A7A}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 43%
Total physical RAM: 8092.65 MB
Available physical RAM: 4568.64 MB
Total Virtual: 9692.65 MB
Available Virtual: 5000.59 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:922.03 GB) (Free:771.88 GB) NTFS
3 Drive e: (My Book) (Fixed) (Total:2793.98 GB) (Free:2489.86 GB) NTFS
4 Drive f: (ESP) (Fixed) (Total:0.48 GB) (Free:0.43 GB) FAT32
5 Drive h: (DBR_BOOT) (Fixed) (Total:0.46 GB) (Free:0.44 GB) FAT32
6 Drive w: () (Fixed) (Total:0.44 GB) (Free:0.09 GB) NTFS
7 Drive x: (PBR Image) (Fixed) (Total:7.66 GB) (Free:0.73 GB) NTFS
8 Drive z: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.43 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\CHERYL
 
Administrator            DefaultAccount           glaze_000                
Guest                    
 
 
**** End of log ****


#8 boopme


Posted 29 March 2017 - 02:27 PM

OK, yes it is installed..

You have no antivirus, so let's clean while here.

AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of each logfile is saved in the C:\AdwCleaner folder, which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.


#9 jujube


Posted 29 March 2017 - 03:02 PM

I did have McAfee installed, but oddly enough it became corrupt earlier.  Will run the above.



#10 jujube


Posted 29 March 2017 - 07:02 PM

AdwCleaner

# AdwCleaner v6.045 - Logfile created 29/03/2017 at 17:20:25

# Updated on 28/03/2017 by Malwarebytes
# Database : 2017-03-29.1 [Server]
# Operating System : Windows 10 Home  (X64)
# Username : glaze_000 - CHERYL
# Running from : C:\Users\glaze_000\Desktop\AdwCleaner (1).exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
 
 
***** [ Folders ] *****
 
[-] Folder deleted: C:\ProgramData\23abc046-c34c-40f1-9bfb-8647a46bb7eb
[-] Folder deleted: C:\ProgramData\984db59e-f396-44fd-afe6-799148c3ca39
[-] Folder deleted: C:\ProgramData\c1cb0f59-2ea8-4feb-83be-0f9cf00c5de2
[-] Folder deleted: C:\ProgramData\BSD
[-] Folder deleted: C:\ProgramData\Auslogics
[#] Folder deleted on reboot: C:\ProgramData\Application Data\BSD
[#] Folder deleted on reboot: C:\ProgramData\Application Data\Auslogics
[-] Folder deleted: C:\Users\glaze_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
[-] Folder deleted: C:\Users\glaze_000\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pbjikboenpfhbbejgkoklgkhjpfogcam
 
 
***** [ Files ] *****
 
[-] File deleted: C:\Users\glaze_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pbjikboenpfhbbejgkoklgkhjpfogcam_0.localstorage
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
 
 
***** [ Registry ] *****
 
[-] Key deleted: HKU\S-1-5-21-4098776918-1846079208-2893720126-1001\Software\BSD
[-] Key deleted: HKU\S-1-5-21-4098776918-1846079208-2893720126-1001\Software\AppDataLow\Software\adawarebp
[#] Key deleted on reboot: HKCU\Software\BSD
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\adawarebp
[-] Key deleted: HKLM\SOFTWARE\Auslogics
[-] Key deleted: HKLM\SOFTWARE\BSD
[#] Key deleted on reboot: [x64] HKCU\Software\BSD
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\adawarebp
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\glaze_000\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: pbjikboenpfhbbejgkoklgkhjpfogcam
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [2554 Bytes] - [29/03/2017 17:20:25]
C:\AdwCleaner\AdwCleaner[S0].txt - [2665 Bytes] - [29/03/2017 17:17:09]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2700 Bytes] ##########
 
 
Junkware Removal Tool
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows 10 Home x64 
Ran by glaze_000 (Administrator) on Wed 03/29/2017 at 17:29:38.35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 3 
 
Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\glaze_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam (Folder) 
Successfully deleted: C:\Users\glaze_000\AppData\Roaming\productdata (Folder) 
 
 
 
Registry: 6 
 
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_33998685E6B844427AE2CAAD9E31BEAB (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2B0A519A-0C7B-492F-9230-615511492A12} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} (Registry Key)
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 03/29/2017 at 17:36:54.17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
ESET Online Scanner is still running


#11 jujube


Posted 30 March 2017 - 02:37 PM

Here is ESET Online Scanner txt file

 

 

C:\Users\glaze_000\Documents\Downloads\ccsetup507.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\glaze_000\Documents\samsung\Kies3\backup\SGH-M919\SGH-M919_19182829632\SGH-M919_20150420125845\Others\Download\FYDLoad_flvto_4.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Users\glaze_000\Downloads\ccsetup522.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\glaze_000\Downloads\ccsetup523.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\glaze_000\Downloads\ccsetup524.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\glaze_000\Downloads\ccsetup525 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\glaze_000\Downloads\ccsetup525.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\glaze_000\Downloads\ccsetup526.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\glaze_000\Downloads\ccsetup527.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\glaze_000\OneDrive\Documents\samsung\Kies3\backup\SGH-M919\SGH-M919_19182829632\SGH-M919_20150420125845\Others\Download\FYDLoad_flvto_4.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Documents and Settings\glaze_000\Documents\Downloads\ccsetup507.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Documents and Settings\glaze_000\Documents\samsung\Kies3\backup\SGH-M919\SGH-M919_19182829632\SGH-M919_20150420125845\Others\Download\FYDLoad_flvto_4.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
C:\Documents and Settings\glaze_000\Downloads\ccsetup522.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Documents and Settings\glaze_000\Downloads\ccsetup523.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Documents and Settings\glaze_000\Downloads\ccsetup524.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Documents and Settings\glaze_000\Downloads\ccsetup525 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Documents and Settings\glaze_000\Downloads\ccsetup525.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Documents and Settings\glaze_000\Downloads\ccsetup526.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Documents and Settings\glaze_000\Downloads\ccsetup527.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Documents and Settings\glaze_000\OneDrive\Documents\samsung\Kies3\backup\SGH-M919\SGH-M919_19182829632\SGH-M919_20150420125845\Others\Download\FYDLoad_flvto_4.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
E:\FileHistory\glaze_000\CHERYL\Data\$OF\30098\19929 (2017_03_16 19_56_14 UTC).exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
E:\FileHistory\glaze_000\CHERYL\Data\C\Users\glaze_000\Documents\Downloads\ccsetup507 (2017_03_16 19_56_14 UTC).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\FileHistory\glaze_000\CHERYL\Data\C\Users\glaze_000\Documents\samsung\Kies3\backup\SGH-M919\SGH-M919_19182829632\SGH-M919_20150420125845\Others\Download\FYDLoad_flvto_4 (2017_03_16 19_56_14 UTC).exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
E:\FileHistory\glaze_000\CHERYL\Data\C\Users\glaze_000\Downloads\ccsetup522 (2017_03_16 19_56_14 UTC).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\FileHistory\glaze_000\CHERYL\Data\C\Users\glaze_000\Downloads\ccsetup523 (2017_03_16 19_56_14 UTC).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\FileHistory\glaze_000\CHERYL\Data\C\Users\glaze_000\Downloads\ccsetup524 (2017_03_16 19_56_14 UTC).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\FileHistory\glaze_000\CHERYL\Data\C\Users\glaze_000\Downloads\ccsetup525 (1) (2017_03_16 19_56_14 UTC).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\FileHistory\glaze_000\CHERYL\Data\C\Users\glaze_000\Downloads\ccsetup525 (2017_03_16 19_56_14 UTC).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\FileHistory\glaze_000\CHERYL\Data\C\Users\glaze_000\Downloads\ccsetup526 (2017_03_16 19_56_14 UTC).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\FileHistory\glaze_000\CHERYL\Data\C\Users\glaze_000\Downloads\ccsetup527 (2017_03_16 19_56_14 UTC).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\WD SmartWare.swstor\CHERYL\Volume.4fdada0e.ad07.4cf2.94f3.96f8844194f9\Users\glaze_000\Downloads\Unconfirmed 184897.crdownload Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\WD SmartWare.swstor\CHERYL\Volume.4fdada0e.ad07.4cf2.94f3.96f8844194f9\Users\glaze_000\Downloads\Unconfirmed 980689.crdownload Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\WD SmartWare.swstor\HOME-F5IRRMASJ6\Volume.3b6d925e.9bbe.11e3.baa4.806d6172696f\Documents and Settings\Cheryl Holmberg\Local Settings\Application Data\Downloaded Installations\{C10E92A1-0281-4E9B-B623-41F886FA1752}\default.msi a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted
E:\WD SmartWare.swstor\HOME-F5IRRMASJ6\Volume.3b6d925e.9bbe.11e3.baa4.806d6172696f\Documents and Settings\Cheryl Holmberg\Local Settings\Temp\pc-cleaner-setup.exe a variant of Win32/Auslogics.A potentially unwanted application cleaned by deleting
E:\WD SmartWare.swstor\HOME-F5IRRMASJ6\Volume.3b6d925e.9bbe.11e3.baa4.806d6172696f\Documents and Settings\Cheryl Holmberg\My Documents\Downloads\ccsetup507.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
E:\WD SmartWare.swstor\HOME-F5IRRMASJ6\Volume.3b6d925e.9bbe.11e3.baa4.806d6172696f\Documents and Settings\Cheryl Holmberg\My Documents\Downloads\fix-my-pc-setup.exe a variant of Win32/Auslogics.A potentially unwanted application cleaned by deleting
E:\WD SmartWare.swstor\HOME-F5IRRMASJ6\Volume.3b6d925e.9bbe.11e3.baa4.806d6172696f\Documents and Settings\Cheryl Holmberg\My Documents\samsung\Kies3\backup\SGH-M919\SGH-M919_19182829632\SGH-M919_20150420125845\Others\Download\FYDLoad_flvto_4.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
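
The scan log in the post above lists many files twice, once under C:\Users and once under C:\Documents and Settings, which on Windows 10 is a compatibility junction to C:\Users. The Python script below is an added example, not part of the thread and not ESET's own tooling: it parses that line format, folds the junction alias and groups the findings by detection name and class. The sample lines are constructed, and treating C: as the system drive is an assumption.

```python
import re
from collections import Counter

# Constructed sample in the same line format as the log above. The user name,
# the E:\Backup paths and the choice of files are made up for this example.
SAMPLE_LOG = r"""
C:\Users\user1\Downloads\ccsetup522.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\user1\Downloads\ccsetup525 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\user1\Documents\backup\FYDLoad_flvto_4.exe a variant of Win32/OpenCandy.A potentially unsafe application
C:\Documents and Settings\user1\Downloads\ccsetup522.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Documents and Settings\user1\Downloads\ccsetup525 (1).exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
C:\Documents and Settings\user1\Documents\backup\FYDLoad_flvto_4.exe a variant of Win32/OpenCandy.A potentially unsafe application cleaned by deleting
E:\Backup\Documents and Settings\user1\Temp\pc-cleaner-setup.exe a variant of Win32/Auslogics.A potentially unwanted application cleaned by deleting
E:\Backup\Downloaded Installations\default.msi a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted
"""

# Line layout: <path> [a variant of] <detection name> <class> [<action>]
# Paths contain spaces but no "/", so the first "word/word" token is the name.
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+(?:a variant of\s+)?(?P<name>\w+/\S+)\s+"
    r"(?P<klass>potentially (?:unsafe|unwanted) application)"
    r"(?:\s+(?P<action>cleaned by deleting|deleted))?\s*$"
)

# Assumption: C: is the system drive, where "Documents and Settings" is only a
# junction to "Users". The same folder name inside a backup on another drive
# is a real directory and is left untouched.
JUNCTION_RE = re.compile(r"^C:\\Documents and Settings\\", re.IGNORECASE)


def parse_line(line):
    """Return one detection as a dict, or None if the line is not a detection."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["path"] = JUNCTION_RE.sub(lambda _: "C:\\Users\\", rec["path"])
    return rec


def triage(log_text):
    """Deduplicate junction aliases and summarise what the scanner reported."""
    files = {}      # lower-cased real path -> merged record
    unparsed = []   # lines the pattern did not recognise, kept for review
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        rec = parse_line(raw)
        if rec is None:
            unparsed.append(raw)
            continue
        merged = files.setdefault(rec["path"].lower(), rec)
        # The action is often printed on only one alias of the same file.
        if rec["action"] and not merged["action"]:
            merged["action"] = rec["action"]
    records = list(files.values())
    return {
        "unique_files": len(records),
        "by_detection": Counter(r["name"] for r in records),
        "by_class": Counter(r["klass"] for r in records),
        "not_remediated": sorted(r["path"] for r in records if not r["action"]),
        "unparsed": unparsed,
    }


if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Paths left in `not_remediated` are the ones to review by hand; anything in `unparsed` means the log contains a line shape this pattern does not cover.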


#12 boopme


Posted 30 March 2017 - 03:17 PM

Great, we got some garbage off.. See how it's running.

#13 jujube


Posted 31 March 2017 - 01:43 PM

Most of what was deleted appears to be CCleaner update downloads and my Samsung phone backup files from both my hard drive and external drive.  So TODO: <文件说明> is legitimate and not a virus?

 

Cheryl



#14 boopme


Posted 31 March 2017 - 01:50 PM

Yes, that was a driver file and safe.

#15 jujube


Posted 31 March 2017 - 04:07 PM

Ok so everything checked out and I'm good to go?  If so, thanks so much for your help!

 

Cheryl





