Everything posted by scotmahn

  1. My Rogue Killer report--thanks for your help

     RogueKiller V9.2.3.0 (x64) [Jul 11 2014] by Adlice Software
     mail : http://www.adlice.com/contact/
     Feedback : http://forum.adlice.com
     Website : http://www.adlice.com/softwares/roguekiller/
     Blog : http://www.adlice.com

     Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
     Started in : Normal mode
     User : Scott [Admin rights]
     Mode : Scan -- Date : 07/16/2014 10:21:05

     ¤¤¤ Bad processes : 0 ¤¤¤

     ¤¤¤ Registry Entries : 10 ¤¤¤
     [PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-1924653211-3760871588-2711583691-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57654;https=127.0.0.1:57654 -> FOUND
     [PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-1924653211-3760871588-2711583691-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57654;https=127.0.0.1:57654 -> FOUND
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 71.250.0.12 -> FOUND
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 71.250.0.12 -> FOUND
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7DE690DE-29E8-4CFC-9BB2-BF4205946930} | DhcpNameServer : 192.168.1.1 71.250.0.12 -> FOUND
     [PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7DE690DE-29E8-4CFC-9BB2-BF4205946930} | DhcpNameServer : 192.168.1.1 71.250.0.12 -> FOUND
     [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
     [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND
     [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
     [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

     ¤¤¤ Scheduled tasks : 2 ¤¤¤
     [suspicious.Path] Digital Sites.job -- C:\Users\Scott\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE (/Check) -> FOUND
     [suspicious.Path] \\Digital Sites -- C:\Users\Scott\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE (/Check) -> FOUND

     ¤¤¤ Files : 0 ¤¤¤

     ¤¤¤ HOSTS File : 0 ¤¤¤

     ¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤

     ¤¤¤ Web browsers : 0 ¤¤¤

     ¤¤¤ MBR Check : ¤¤¤
     +++++ PhysicalDrive0: ST1000DM003-1CH162 +++++
     --- User ---
     [MBR] 3d60d2a307c8700eb8fc564419751f7e
     [bSP] 19e86e7defcdc241926c093ab1e64605 : Empty MBR Code
     Partition table:
     0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 953869 MB
     User = LL1 ... OK
     User = LL2 ... OK

     +++++ PhysicalDrive1: WDC WD16 00BB-22GUA0 USB Device +++++
     --- User ---
     [MBR] 8807ae481c80e0a29704abeec2777993
     [bSP] fc2eb5c1518e8bc2a2e68077323fde92 : Windows XP MBR Code
     Partition table:
     0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 63 | Size: 32765 MB
     1 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 67103505 | Size: 32765 MB
     2 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 134207010 | Size: 32765 MB
     3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 201310515 | Size: 54329 MB
     User = LL1 ... OK
     Error reading LL2 MBR! ([32] The request is not supported. )

     +++++ PhysicalDrive2: SDHC Card +++++
     --- User ---
     [MBR] 354d0d0946118c9914c5aca65542fc98
     [bSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
     Partition table:
     0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 8192 | Size: 7576 MB
     User = LL1 ... OK
     Error reading LL2 MBR! ([32] The request is not supported. )

     +++++ PhysicalDrive3: EPSON USB Mass Storage USB Device +++++
     Error reading User MBR! ([15] The device is not ready. )
     Error reading LL1 MBR! NOT VALID!
     Error reading LL2 MBR! ([32] The request is not supported. )

  2. Here is my Farbar log
Error code: 8007001F@02000014 Error: (07/16/2014 04:16:01 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )Description: 4 Error: (07/15/2014 08:48:28 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )Description: 4 Error: (07/15/2014 05:24:59 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )Description: 4 Error: (07/14/2014 07:43:00 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )Description: 4 Error: (07/14/2014 06:53:14 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )Description: 4 Error: (07/14/2014 01:53:36 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )Description: 4 Error: (07/14/2014 08:44:23 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )Description: 4 Error: (07/14/2014 05:18:36 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )Description: 4 Microsoft Office Sessions:=========================Error: (07/16/2014 10:06:50 AM) (Source: Application Error) (EventID: 1000) (User: )Description: SkyDrive.exe17.3.1165.612539a47b7KERNELBASE.dll6.3.9600.17055532943a380000003000b342510a401cfa0ff29dfa4b7C:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll6e03d237-0cf2-11e4-be91-8851fb6acd2e Error: (07/16/2014 09:09:25 AM) (Source: Application Error) (EventID: 1000) (User: )Description: SkyDrive.exe17.3.1165.612539a47b7KERNELBASE.dll6.3.9600.17055532943a380000003000b3425256c01cfa0f72a470a20C:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll68be45aa-0cea-11e4-be90-8851fb6acd2e Error: (07/15/2014 08:26:37 AM) (Source: Application Error) (EventID: 1000) (User: )Description: SkyDrive.exe17.3.1165.612539a47b7KERNELBASE.dll6.3.9600.17055532943a380000003000b34251de401cfa028050ee705C:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll4377f224-0c1b-11e4-be90-8851fb6acd2e Error: (07/14/2014 08:22:42 AM) 
(Source: Application Error) (EventID: 1000) (User: )Description: SkyDrive.exe17.3.1165.612539a47b7KERNELBASE.dll6.3.9600.17055532943a380000003000b342510e801cf9f5e4e9a94dfC:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll8cf661af-0b51-11e4-be90-8851fb6acd2e Error: (07/14/2014 04:52:22 AM) (Source: Application Error) (EventID: 1000) (User: )Description: SkyDrive.exe17.3.1165.612539a47b7KERNELBASE.dll6.3.9600.17055532943a380000003000b342517cc01cf9f40ed1223bfC:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll2b0458a1-0b34-11e4-be90-8851fb6acd2e Error: (07/13/2014 09:58:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OFFICE)Description: AccuWeather.AccuWeatherforWindows8_8zz2pj9h1h1d8!App-2144927142 Error: (07/13/2014 09:58:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: OFFICE)Description: AccuWeather.AccuWeatherforWindows8_3.2.0.7_x64__8zz2pj9h1h1d8+App Error: (07/13/2014 09:50:48 AM) (Source: Application Error) (EventID: 1000) (User: )Description: SkyDrive.exe17.3.1165.612539a47b7KERNELBASE.dll6.3.9600.17055532943a380000003000b3425213801cf9ea173789a0cC:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dllb1879558-0a94-11e4-be8f-8851fb6acd2e Error: (07/13/2014 04:03:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledSPRetry 1078 Error: (07/13/2014 04:03:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )Description: Task Scheduling Error: m->NextScheduledEvent 1078 ==================== Memory info =========================== Percentage of memory in use: 27%Total physical RAM: 6028.85 MBAvailable physical RAM: 4343.88 MBTotal Pagefile: 7052.85 MBAvailable Pagefile: 5268.48 MBTotal Virtual: 131072 MBAvailable Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:916.92 GB) 
(Free:816.02 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive d: (Recovery Image) (Fixed) (Total:12.77 GB) (Free:1.52 GB) NTFS ==>[system with boot components (obtained from reading drive)]Drive f: (TRISELECT 1) (Fixed) (Total:31.98 GB) (Free:1.41 GB) FAT32Drive g: (TRISELECT 2) (Fixed) (Total:31.98 GB) (Free:0.45 GB) FAT32Drive h: (TRISELECT 3) (Fixed) (Total:31.98 GB) (Free:29.6 GB) FAT32Drive i: (TRISELECT 4) (Fixed) (Total:31.98 GB) (Free:30.35 GB) FAT32Drive j: (TRISELECT 5) (Fixed) (Total:21.05 GB) (Free:7.6 GB) FAT32Drive m: () (Removable) (Total:7.39 GB) (Free:5.65 GB) FAT32 ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 932 GB) (Disk ID: 50B55FF3) Partition: GPT Partition Type. ========================================================Disk: 1 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: E6E82B94)Partition 1: (Not Active) - (Size=32 GB) - (Type=0C)Partition 2: (Not Active) - (Size=32 GB) - (Type=0C)Partition 3: (Not Active) - (Size=32 GB) - (Type=0C)Partition 4: (Not Active) - (Size=53 GB) - (Type=OF Extended) ========================================================Disk: 2 (Size: 7 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================
  3. Proxy server settings have been self activating in Windows 8.

Here is a copy of my Malwarebytes log

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/16/2014
Scan Time: 9:35:42 AM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.16.04
Rootkit Database: v2014.07.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Scott

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 398064
Time Elapsed: 24 min, 22 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.RocketTab.A, C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe, 6036, , [22124c54f88381b55aa54108837d26da]

Modules: 0
(No malicious items detected)

Registry Keys: 17
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, , [7fb5b1efc0bb7abce662c9c43fc34bb5], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, , [7fb5b1efc0bb7abce662c9c43fc34bb5], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, , [7fb5b1efc0bb7abce662c9c43fc34bb5], PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, , [dd572a76fb8079bd7b7de172e022bc44], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, , [dd572a76fb8079bd7b7de172e022bc44], PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Browsersafeguard, , [1e16821e9fdc33038d62f0101fe57d83], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pflphaooapbgpeakohlggbpidpppgdff, , 
[fb39dac6106bd95d460f01e62bd747b9], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [da5a613f205bc96d4c26e4dc9d65966a], PUP.Optional.Highlightly, HKLM\SOFTWARE\WOW6432NODE\Highlightly, , [e54fb4ecd2a9d660b3db4ac6a65e1be5], PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD, , [ce66643c96e5b1854fa2b84852b21ae6], PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pflphaooapbgpeakohlggbpidpppgdff, , [e84caaf65b20c670a8adf8ef23dff60a], PUP.Optional.Highlightly, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLNFD, , [8da7f2ae55261224672923ed9e664db3], PUP.Optional.BrowserSafeGuard.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BrowsersafeguardInstalled, , [c56f1987cfac3df9bf9605bcc1417a86], PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pflphaooapbgpeakohlggbpidpppgdff, , [250f1a86c1ba55e14f05e502986a2ad6], PUP.Optional.InstallCore.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [dd57633db6c54beb9444f0f4a65c38c8], PUP.Optional.InstallCore.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [d95bbce4ccaf2f075487e218e91a3ec2], PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [64d0f4ac5a21a0961d56d9e728dab050], Registry Values: 7PUP.Optional.RocketTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BrowserSafeguard, "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe", , [22124c54f88381b55aa54108837d26da]PUP.Optional.NextLive.A, 
HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\Scott\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, , [062e7030ff7c122410fcd686c041b24e]PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [da5a613f205bc96d4c26e4dc9d65966a]PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD|sourceid, downloadinfo|1_di_pi_g_s_us_win8pt1_ch_0_0000-0001, , [ce66643c96e5b1854fa2b84852b21ae6]PUP.Optional.Highlightly, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLNFD|DisplayName, hlnfd, , [8da7f2ae55261224672923ed9e664db3]PUP.Optional.InstallCore.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1L1J1L1S1R1N, , [d95bbce4ccaf2f075487e218e91a3ec2]PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [64d0f4ac5a21a0961d56d9e728dab050] Registry Data: 4PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, "http://www.youtube.com/watch?v=oT5HHEef4Qs&feature=player_detailpage#t=23s", "http://www.google.com/", "http://search.iminent.com/?appId=151E8644-A051-4000-B08E-F9273E7BF3C9", "http://isearch.fantastigames.com/465", "http://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzuzzzzyDtC0F0ByC0A0C0DtB0E0C0Ezz0EtN0D0Tzu0SyByEyBtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=954820702&ir=", "http://wnyw-ipc/" ],), ,[e252a8f81863e45215e0b31fbc48ee12] Physical Sectors: 0(No malicious items detected) (end)