Jump to content

Proxy Server Hijack


Recommended Posts

Proxy server settings have been self activating in Windows 8.  Here is a copy of my Malwarebytes log

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/16/2014
Scan Time: 9:35:42 AM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.16.04
Rootkit Database: v2014.07.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Scott
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 398064
Time Elapsed: 24 min, 22 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 1
PUP.Optional.RocketTab.A, C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe, 6036, , [22124c54f88381b55aa54108837d26da]
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 17
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, , [7fb5b1efc0bb7abce662c9c43fc34bb5], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, , [7fb5b1efc0bb7abce662c9c43fc34bb5], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, , [7fb5b1efc0bb7abce662c9c43fc34bb5], 
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, , [dd572a76fb8079bd7b7de172e022bc44], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, , [dd572a76fb8079bd7b7de172e022bc44], 
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Browsersafeguard, , [1e16821e9fdc33038d62f0101fe57d83], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pflphaooapbgpeakohlggbpidpppgdff, , [fb39dac6106bd95d460f01e62bd747b9], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [da5a613f205bc96d4c26e4dc9d65966a], 
PUP.Optional.Highlightly, HKLM\SOFTWARE\WOW6432NODE\Highlightly, , [e54fb4ecd2a9d660b3db4ac6a65e1be5], 
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD, , [ce66643c96e5b1854fa2b84852b21ae6], 
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pflphaooapbgpeakohlggbpidpppgdff, , [e84caaf65b20c670a8adf8ef23dff60a], 
PUP.Optional.Highlightly, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLNFD, , [8da7f2ae55261224672923ed9e664db3], 
PUP.Optional.BrowserSafeGuard.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BrowsersafeguardInstalled, , [c56f1987cfac3df9bf9605bcc1417a86], 
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pflphaooapbgpeakohlggbpidpppgdff, , [250f1a86c1ba55e14f05e502986a2ad6], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [dd57633db6c54beb9444f0f4a65c38c8], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [d95bbce4ccaf2f075487e218e91a3ec2], 
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [64d0f4ac5a21a0961d56d9e728dab050], 
 
Registry Values: 7
PUP.Optional.RocketTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BrowserSafeguard, "C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe", , [22124c54f88381b55aa54108837d26da]
PUP.Optional.NextLive.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\WINDOWS\SysWOW64\rundll32.exe "C:\Users\Scott\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, , [062e7030ff7c122410fcd686c041b24e]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [da5a613f205bc96d4c26e4dc9d65966a]
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD|sourceid, downloadinfo|1_di_pi_g_s_us_win8pt1_ch_0_0000-0001, , [ce66643c96e5b1854fa2b84852b21ae6]
PUP.Optional.Highlightly, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HLNFD|DisplayName, hlnfd, , [8da7f2ae55261224672923ed9e664db3]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1L1J1L1S1R1N, , [d95bbce4ccaf2f075487e218e91a3ec2]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1924653211-3760871588-2711583691-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [64d0f4ac5a21a0961d56d9e728dab050]
 
Registry Data: 4
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, "http://www.youtube.com/watch?v=oT5HHEef4Qs&feature=player_detailpage#t=23s", "http://www.google.com/", "http://search.iminent.com/?appId=151E8644-A051-4000-B08E-F9273E7BF3C9", "http://isearch.fantastigames.com/465", "http://start.mysearchdial.com/?f=1&a=dsites0101&cd=2XzuyEtN2Y1L1QzuzzzzyDtC0F0ByC0A0C0DtB0E0C0Ezz0EtN0D0Tzu0SyByEyBtN1L2XzutBtFtBtFtCyDtFtCyDzytBtN1L1CzutDzytDtCtG1T&cr=954820702&ir=", "http://wnyw-ipc/" ],), ,[e252a8f81863e45215e0b31fbc48ee12]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
Link to post
Share on other sites

Here is my Farbar log

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01
Ran by Scott at 2014-07-16 10:11:30
Running from C:\Users\Scott\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Alcor Micro USB Card Reader Driver  (HKLM-x32\...\InstallShield_{0DEB2EEB-BE9A-44B1-9D90-183250B61785}) (Version: 20.13.3317.03143 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver  (x32 Version: 20.13.3317.03143 - Alcor Micro Corp.) Hidden
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)
Amazon Games & Software Downloader (HKLM-x32\...\Amazon Games & Software Downloader_is1) (Version: 2.0.2.0 - Amazon)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon LBP6000/LBP6018 (HKLM\...\Canon LBP6000/LBP6018) (Version:  - )
Classic Shell (HKLM\...\{98BB5224-BC5D-4028-9D20-536C1C263AA9}) (Version: 4.0.2 - IvoSoft)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3.5901 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3.5901 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.3.2509 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.3.2509 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.3724 - CyberLink Corp.)
Cyberlink PhotoDirector (x32 Version: 3.0.1.3724 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.3.2301 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.3.2301 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2524 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.3.2524 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.8.4930 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.8.4930 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKCU\...\HPConnectedMusic) (Version: 1.1 (build 96) hp - Meridian Audio Ltd)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 4.0.4100 - Hewlett-Packard) Hidden
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6263.4289 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6451.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3325 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1165.0612 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.6.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 24.6.0 (x86 en-US)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.4.0.13 - Symantec Corporation)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 6.2.9200.30153 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.6208 - CyberLink Corp.) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TI xHCI Filter Driver 1.0.0.4 (HKLM-x32\...\TI xHCI Filter Driver) (Version: 1.0.0.4 - Texas Instruments Inc.)
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 ) (HKLM\...\0B624A43DD66DBF5CF3EDFA9741A364E688062A4) (Version: 03/07/2012  - GoPro)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
 
==================== Restore Points  =========================
 
22-06-2014 04:51:53 Windows Update
29-06-2014 15:51:31 Scheduled Checkpoint
08-07-2014 12:23:03 Scheduled Checkpoint
11-07-2014 13:56:36 Windows Update
16-07-2014 13:26:37 JULY 16
 
==================== Hosts content: ==========================
 
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {042480EE-E379-4B15-BA99-F843EF79A5D8} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1924653211-3760871588-2711583691-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1431982F-DF89-417C-928B-DF70A074A7F8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1924653211-3760871588-2711583691-1001Core => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-25] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C28A69A-6727-4BF1-BD81-05E712A9C89C} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3C2FC446-C800-4778-9CD0-6BCA8D380D9A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5DC05C97-A234-465A-915D-C7DBFDD3217A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {62151ECA-2056-4546-A45E-B29AC42B64CF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6AFC9E4C-3A5D-4E30-8429-CAB32CCEFB0E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {739E936B-E7E2-456A-B481-DF1D63D85561} - System32\Tasks\Digital Sites => C:\Users\Scott\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75B30FA0-F4D7-4E07-956D-C08360ECE23C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-07] (Google Inc.)
Task: {770C1B7A-A09F-4D26-BA88-88339C2223F0} - System32\Tasks\HPCeeScheduleForScott => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {990F7F77-69FD-4C9C-A038-ABFD56B0442D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {9A7A7153-E8A9-40B5-AFEB-F7EAB9C49F6E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {9E9FFC10-C0D1-48AC-BCFE-97E7C5506B2C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9FC2FE89-04D0-4054-B805-F6CDF1C2EEA4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1924653211-3760871588-2711583691-1001UA => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-25] (Google Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A3785CF4-A25A-43F3-941C-8DDFBD7126A2} - \BrowserSafeguard Update Task No Task File <==== ATTENTION
Task: {ACE35EE8-6012-465B-B4A9-95F1BB05CFBE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C90BD418-1B44-4309-9788-AD268DDCE7DD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-13] (Microsoft Corporation)
Task: {CF42F747-E346-437E-95E6-CEAB36AE3FDD} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-11-01] (CyberLink Corp.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {D9093BDF-C5B1-455D-89C1-0500C28F6F26} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe [2014-06-26] (Symantec Corporation)
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E3F45DC3-D79F-4FD2-80B1-B64A044F9740} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-11-01] (CyberLink)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EFF2BE2E-B11D-4C59-9223-C0825F08ED5F} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {FA7E99E6-5337-4C8D-A20A-50A66B36FF93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-07] (Google Inc.)
Task: {FF489CB8-1BF9-421A-829E-659D31C48CE9} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: C:\WINDOWS\Tasks\Digital Sites.job => C:\Users\Scott\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1924653211-3760871588-2711583691-1001Core.job => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1924653211-3760871588-2711583691-1001UA.job => C:\Users\Scott\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForScott.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-10-21 12:52 - 2013-10-21 12:52 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-04 11:22 - 2014-03-07 16:39 - 03168576 _____ () C:\Users\Scott\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
2014-04-12 07:49 - 2009-10-23 12:31 - 00038912 _____ () C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\utility.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-06 17:24 - 2012-06-07 23:34 - 00627216 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-06-10 21:28 - 2014-06-05 09:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-10 21:28 - 2014-06-05 09:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-07-16 10:06 - 2014-07-16 10:06 - 00098816 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32api.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00110080 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\pywintypes27.dll
2014-07-16 10:06 - 2014-07-16 10:06 - 00364544 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\pythoncom27.dll
2014-07-16 10:06 - 2014-07-16 10:06 - 00045568 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\_socket.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 01160704 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\_ssl.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00320512 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32com.shell.shell.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00713216 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\_hashlib.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 01175040 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\wx._core_.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00805888 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\wx._gdi_.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00811008 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\wx._windows_.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 01062400 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\wx._controls_.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00735232 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\wx._misc_.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00128512 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\_elementtree.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00127488 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\pyexpat.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00557056 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\pysqlite2._sqlite.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00007168 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\hashobjs_ext.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00087552 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\_ctypes.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00119808 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32file.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00108544 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32security.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00018432 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32event.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00038912 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32inet.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00070656 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\wx._html2.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00167936 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32gui.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00011264 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32crypt.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00027136 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\_multiprocessing.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00122368 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\wx._wizard.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00010240 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\select.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00024064 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32pipe.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00686080 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\unicodedata.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00025600 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32pdh.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00525640 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\windows._lib_cacheinvalidation.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00035840 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32process.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00017408 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32profile.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00022528 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\win32ts.pyd
2014-07-16 10:06 - 2014-07-16 10:06 - 00078336 _____ () C:\Users\Scott\AppData\Local\Temp\_MEI43643\wx._animate.pyd
2014-06-10 21:28 - 2014-06-05 09:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-10 21:28 - 2014-06-05 09:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-10 21:28 - 2014-06-05 09:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2013-09-06 17:19 - 2012-07-18 04:50 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:054203E4
AlternateDataStreams: C:\Users\Scott\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
 
==================== Faulty Device Manager Devices =============
 
Name: Unknown USB Device (Device Descriptor Request Failed)
Description: Unknown USB Device (Device Descriptor Request Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/16/2014 10:06:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkyDrive.exe, version: 17.3.1165.612, time stamp: 0x539a47b7
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3
Exception code: 0x80000003
Fault offset: 0x000b3425
Faulting process id: 0x10a4
Faulting application start time: 0xSkyDrive.exe0
Faulting application path: SkyDrive.exe1
Faulting module path: SkyDrive.exe2
Report Id: SkyDrive.exe3
Faulting package full name: SkyDrive.exe4
Faulting package-relative application ID: SkyDrive.exe5
 
Error: (07/16/2014 09:09:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkyDrive.exe, version: 17.3.1165.612, time stamp: 0x539a47b7
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3
Exception code: 0x80000003
Fault offset: 0x000b3425
Faulting process id: 0x256c
Faulting application start time: 0xSkyDrive.exe0
Faulting application path: SkyDrive.exe1
Faulting module path: SkyDrive.exe2
Report Id: SkyDrive.exe3
Faulting package full name: SkyDrive.exe4
Faulting package-relative application ID: SkyDrive.exe5
 
Error: (07/15/2014 08:26:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkyDrive.exe, version: 17.3.1165.612, time stamp: 0x539a47b7
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3
Exception code: 0x80000003
Fault offset: 0x000b3425
Faulting process id: 0x1de4
Faulting application start time: 0xSkyDrive.exe0
Faulting application path: SkyDrive.exe1
Faulting module path: SkyDrive.exe2
Report Id: SkyDrive.exe3
Faulting package full name: SkyDrive.exe4
Faulting package-relative application ID: SkyDrive.exe5
 
Error: (07/14/2014 08:22:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkyDrive.exe, version: 17.3.1165.612, time stamp: 0x539a47b7
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3
Exception code: 0x80000003
Fault offset: 0x000b3425
Faulting process id: 0x10e8
Faulting application start time: 0xSkyDrive.exe0
Faulting application path: SkyDrive.exe1
Faulting module path: SkyDrive.exe2
Report Id: SkyDrive.exe3
Faulting package full name: SkyDrive.exe4
Faulting package-relative application ID: SkyDrive.exe5
 
Error: (07/14/2014 04:52:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkyDrive.exe, version: 17.3.1165.612, time stamp: 0x539a47b7
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3
Exception code: 0x80000003
Fault offset: 0x000b3425
Faulting process id: 0x17cc
Faulting application start time: 0xSkyDrive.exe0
Faulting application path: SkyDrive.exe1
Faulting module path: SkyDrive.exe2
Report Id: SkyDrive.exe3
Faulting package full name: SkyDrive.exe4
Faulting package-relative application ID: SkyDrive.exe5
 
Error: (07/13/2014 09:58:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OFFICE)
Description: Activation of app AccuWeather.AccuWeatherforWindows8_8zz2pj9h1h1d8!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (07/13/2014 09:58:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: OFFICE)
Description: App AccuWeather.AccuWeatherforWindows8_3.2.0.7_x64__8zz2pj9h1h1d8+App did not launch within its allotted time.
 
Error: (07/13/2014 09:50:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkyDrive.exe, version: 17.3.1165.612, time stamp: 0x539a47b7
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17055, time stamp: 0x532943a3
Exception code: 0x80000003
Fault offset: 0x000b3425
Faulting process id: 0x2138
Faulting application start time: 0xSkyDrive.exe0
Faulting application path: SkyDrive.exe1
Faulting module path: SkyDrive.exe2
Report Id: SkyDrive.exe3
Faulting package full name: SkyDrive.exe4
Faulting package-relative application ID: SkyDrive.exe5
 
Error: (07/13/2014 04:03:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1078
 
Error: (07/13/2014 04:03:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1078
 
 
System errors:
=============
Error: (07/16/2014 10:04:43 AM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error: (07/16/2014 09:25:26 AM) (Source: Virtual Disk Service) (EventID: 9) (User: )
Description: Unexpected provider failure. Restarting the service may fix the problem. Error code: 8007001F@02000014
 
Error: (07/16/2014 04:16:01 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (07/15/2014 08:48:28 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (07/15/2014 05:24:59 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (07/14/2014 07:43:00 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (07/14/2014 06:53:14 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (07/14/2014 01:53:36 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (07/14/2014 08:44:23 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (07/14/2014 05:18:36 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
 
Microsoft Office Sessions:
=========================
Error: (07/16/2014 10:06:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SkyDrive.exe17.3.1165.612539a47b7KERNELBASE.dll6.3.9600.17055532943a380000003000b342510a401cfa0ff29dfa4b7C:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll6e03d237-0cf2-11e4-be91-8851fb6acd2e
 
Error: (07/16/2014 09:09:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SkyDrive.exe17.3.1165.612539a47b7KERNELBASE.dll6.3.9600.17055532943a380000003000b3425256c01cfa0f72a470a20C:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll68be45aa-0cea-11e4-be90-8851fb6acd2e
 
Error: (07/15/2014 08:26:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SkyDrive.exe17.3.1165.612539a47b7KERNELBASE.dll6.3.9600.17055532943a380000003000b34251de401cfa028050ee705C:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll4377f224-0c1b-11e4-be90-8851fb6acd2e
 
Error: (07/14/2014 08:22:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SkyDrive.exe17.3.1165.612539a47b7KERNELBASE.dll6.3.9600.17055532943a380000003000b342510e801cf9f5e4e9a94dfC:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll8cf661af-0b51-11e4-be90-8851fb6acd2e
 
Error: (07/14/2014 04:52:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SkyDrive.exe17.3.1165.612539a47b7KERNELBASE.dll6.3.9600.17055532943a380000003000b342517cc01cf9f40ed1223bfC:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll2b0458a1-0b34-11e4-be90-8851fb6acd2e
 
Error: (07/13/2014 09:58:17 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: OFFICE)
Description: AccuWeather.AccuWeatherforWindows8_8zz2pj9h1h1d8!App-2144927142
 
Error: (07/13/2014 09:58:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: OFFICE)
Description: AccuWeather.AccuWeatherforWindows8_3.2.0.7_x64__8zz2pj9h1h1d8+App
 
Error: (07/13/2014 09:50:48 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: SkyDrive.exe17.3.1165.612539a47b7KERNELBASE.dll6.3.9600.17055532943a380000003000b3425213801cf9ea173789a0cC:\Users\Scott\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dllb1879558-0a94-11e4-be8f-8851fb6acd2e
 
Error: (07/13/2014 04:03:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1078
 
Error: (07/13/2014 04:03:42 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1078
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 27%
Total physical RAM: 6028.85 MB
Available physical RAM: 4343.88 MB
Total Pagefile: 7052.85 MB
Available Pagefile: 5268.48 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:916.92 GB) (Free:816.02 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:12.77 GB) (Free:1.52 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive f: (TRISELECT 1) (Fixed) (Total:31.98 GB) (Free:1.41 GB) FAT32
Drive g: (TRISELECT 2) (Fixed) (Total:31.98 GB) (Free:0.45 GB) FAT32
Drive h: (TRISELECT 3) (Fixed) (Total:31.98 GB) (Free:29.6 GB) FAT32
Drive i: (TRISELECT 4) (Fixed) (Total:31.98 GB) (Free:30.35 GB) FAT32
Drive j: (TRISELECT 5) (Fixed) (Total:21.05 GB) (Free:7.6 GB) FAT32
Drive m: () (Removable) (Total:7.39 GB) (Free:5.65 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 50B55FF3)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: E6E82B94)
Partition 1: (Not Active) - (Size=32 GB) - (Type=0C)
Partition 2: (Not Active) - (Size=32 GB) - (Type=0C)
Partition 3: (Not Active) - (Size=32 GB) - (Type=0C)
Partition 4: (Not Active) - (Size=53 GB) - (Type=OF Extended)
 
========================================================
Disk: 2 (Size: 7 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
Link to post
Share on other sites

My Rogue Killer report--thanks for your help

 

RogueKiller V9.2.3.0 (x64) [Jul 11 2014] by Adlice Software
 
Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Scott [Admin rights]
Mode : Scan -- Date : 07/16/2014  10:21:05
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 10 ¤¤¤
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-1924653211-3760871588-2711583691-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57654;https=127.0.0.1:57654  -> FOUND
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-1924653211-3760871588-2711583691-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : http=127.0.0.1:57654;https=127.0.0.1:57654  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 71.250.0.12  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 71.250.0.12  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7DE690DE-29E8-4CFC-9BB2-BF4205946930} | DhcpNameServer : 192.168.1.1 71.250.0.12  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7DE690DE-29E8-4CFC-9BB2-BF4205946930} | DhcpNameServer : 192.168.1.1 71.250.0.12  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
 
¤¤¤ Scheduled tasks : 2 ¤¤¤
[suspicious.Path] Digital Sites.job -- C:\Users\Scott\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE (/Check) -> FOUND
[suspicious.Path] \\Digital Sites -- C:\Users\Scott\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE (/Check) -> FOUND
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ HOSTS File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1CH162 +++++
--- User ---
[MBR] 3d60d2a307c8700eb8fc564419751f7e
[bSP] 19e86e7defcdc241926c093ab1e64605 : Empty MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 953869 MB
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: WDC WD16 00BB-22GUA0 USB Device +++++
--- User ---
[MBR] 8807ae481c80e0a29704abeec2777993
[bSP] fc2eb5c1518e8bc2a2e68077323fde92 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 63 | Size: 32765 MB
1 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 67103505 | Size: 32765 MB
2 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 134207010 | Size: 32765 MB
3 - [XXXXXX] EXTEN-LBA (0xf) [VISIBLE] Offset (sectors): 201310515 | Size: 54329 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )
 
+++++ PhysicalDrive2: SDHC Card +++++
--- User ---
[MBR] 354d0d0946118c9914c5aca65542fc98
[bSP] df4f83c1f72e36823a12b0dfc7617313 : Empty MBR Code
Partition table:
0 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 8192 | Size: 7576 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )
 
+++++ PhysicalDrive3: EPSON USB Mass Storage USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
Link to post
Share on other sites

  • 1 month later...
  • 1 month later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.