Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't turn Laptop off. - Win auto restarts on shutdown


  • This topic is locked This topic is locked
60 replies to this topic

#1 Skydie

Skydie

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 09 February 2014 - 12:27 PM

Laptop Model : Asus N550JV

OS: Win 8.1

Previously I shut down my laptop, win button + x -> shutdown, the laptop turns off and then reboots itself. I've had no choice but to turn it off cold. I've also turned off 'fast boot' and changed the power settings so that shutdown means shutdown - not sleep. I've even reset the UEFI to default settings. I've stopped letting anything be able to wake the Laptop; wake-on-Lane disabled, magic packet disabled, packet match disabled and still the problem persists.The one thing I haven't done is set fast boot off on UEFI. As a result it seems I may be infected.

 

Previous thread in Win 8 forums:

http://www.bleepingcomputer.com/forums/t/523088/cant-turn-laptop-off-win-auto-restarts-on-shutdown/#entry3281597

 

Am I infected? : http://www.bleepingcomputer.com/forums/t/523424/cant-turn-laptop-off-win-auto-restarts-on-shutdown/#entry3281600

 

Sorry couldn't post a DDS log - won't run on Win 8.1 

 

MBAM log: 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.02.07.04
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16476
Haroon :: HAROONPC [administrator]
 
07/02/2014 12:33:43
mbam-log-2014-02-07 (12-33-43).txt
 
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 356604
Time elapsed: 1 hour(s), 16 minute(s), 33 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 


BC AdBot (Login to Remove)

 


m

#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:38 AM

Posted 14 February 2014 - 12:30 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/523757 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Skydie

Skydie
  • Topic Starter

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 15 February 2014 - 08:11 AM

I still am unable to fully turn off my Laptop without holding down the power button. Again unable to post a DDS log. 


Edited by Skydie, 15 February 2014 - 08:11 AM.


#4 Skydie

Skydie
  • Topic Starter

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 16 February 2014 - 07:03 PM

Sorry couldn't edit this in: I don't have a Windows CD/DVD (the laptop didn't come with one). Win 8.1 64 Bit.


Edited by Skydie, 16 February 2014 - 10:14 PM.


#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:38 PM

Posted 17 February 2014 - 04:17 PM

Greetings Skydie and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. I am not sure if this is a malware issue but we will take a look.

Please run this program for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Skydie

Skydie
  • Topic Starter

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 17 February 2014 - 07:51 PM

Hi Gary, my name is Haroon. Thanks for your reply. 

 

The logs:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014
Ran by Haroon (administrator) on HAROONPC on 18-02-2014 00:48:13
Running from C:\Users\Haroon\Downloads
Windows 8.1 (X64) OS Language: English(UK)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer INC.) C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\POWERPNT.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Nvtmru] - "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1179576 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1361112 2013-11-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-01-15] (cyberlink)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe [222504 2013-02-05] (CyberLink Corp.)
HKLM-x32\...\Run: [ASUS InstantKey] - C:\Program Files (x86)\ASUS\ASUS Instant Key\Ikey_start.exe [13936 2013-08-27] (ASUS)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Qualcomm®Atheros®))
AppInit_DLLs: C:\Windows\system32\nvinitx.dll,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 77.244.128.44 77.244.128.45
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.co.uk
CHR Extension: (Google Docs) - C:\Users\Haroon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-31]
CHR Extension: (Google Drive) - C:\Users\Haroon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-31]
CHR Extension: (YouTube) - C:\Users\Haroon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-31]
CHR Extension: (Google Search) - C:\Users\Haroon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-31]
CHR Extension: (SiteAdvisor) - C:\Users\Haroon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-12-31]
CHR Extension: (AdBlock) - C:\Users\Haroon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-26]
CHR Extension: (Google Wallet) - C:\Users\Haroon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-31]
CHR Extension: (Gmail) - C:\Users\Haroon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-31]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-02-04]
 
==================== Services (Whitelisted) =================
 
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-08-29] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows ® Win 7 DDK provider)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [247768 2013-01-15] (CyberLink)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-06-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-06-23] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [123384 2014-01-22] (McAfee, Inc.)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [70416 2013-09-23] (ASUS Corporation)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-01] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2013-08-29] (Windows ® Win 7 DDK provider)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-01] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 kbfiltr; \SystemRoot\System32\drivers\kbfiltr.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-18 00:48 - 2014-02-18 00:48 - 00017549 _____ () C:\Users\Haroon\Downloads\FRST.txt
2014-02-18 00:48 - 2014-02-18 00:48 - 00000000 ____D () C:\FRST
2014-02-18 00:46 - 2014-02-18 00:46 - 02152448 _____ (Farbar) C:\Users\Haroon\Downloads\FRST64.exe
2014-02-16 23:45 - 2014-02-16 23:46 - 39401336 _____ (Apple Inc.) C:\Users\Haroon\Downloads\QuickTimeInstaller.exe
2014-02-14 11:31 - 2014-02-14 11:31 - 01142752 _____ () C:\WINDOWS\Minidump\021414-24859-01.dmp
2014-02-13 20:05 - 2014-02-06 11:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 20:05 - 2014-02-06 11:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 20:05 - 2014-02-06 11:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-13 20:05 - 2014-02-06 11:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 20:05 - 2014-02-06 10:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-13 20:05 - 2014-02-06 10:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 20:05 - 2014-02-06 09:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-13 20:05 - 2014-02-06 09:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 20:05 - 2014-02-06 09:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-13 20:05 - 2014-02-06 08:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-13 20:05 - 2014-01-07 05:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 20:05 - 2014-01-07 04:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 20:05 - 2013-12-09 00:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 20:05 - 2013-12-09 00:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 20:05 - 2013-12-08 23:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 20:05 - 2013-12-08 23:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 20:05 - 2013-11-21 06:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 20:05 - 2013-11-21 05:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 20:04 - 2014-02-06 12:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-13 20:04 - 2014-02-06 11:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 20:04 - 2014-02-06 10:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 20:04 - 2014-02-06 10:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 20:04 - 2014-02-06 10:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 20:04 - 2014-02-06 10:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 20:04 - 2014-02-06 10:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 20:04 - 2014-02-06 10:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-13 20:04 - 2014-02-06 10:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 20:04 - 2014-02-06 10:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 20:04 - 2014-02-06 10:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-13 20:04 - 2014-02-06 10:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 20:04 - 2014-02-06 09:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-13 20:04 - 2014-02-06 09:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 20:04 - 2014-02-06 09:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 20:04 - 2014-02-06 09:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 20:04 - 2014-02-06 09:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 20:04 - 2014-02-06 09:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-13 20:04 - 2014-02-06 09:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 20:04 - 2014-02-06 09:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-13 20:04 - 2014-02-06 09:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-13 20:04 - 2014-02-06 09:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 20:04 - 2014-02-06 09:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-13 20:04 - 2014-02-06 08:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-13 20:04 - 2014-02-06 08:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-13 20:04 - 2014-02-06 08:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-13 20:04 - 2014-02-06 08:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-13 20:04 - 2014-01-09 08:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 20:04 - 2014-01-09 07:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-13 20:04 - 2014-01-09 07:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 20:04 - 2014-01-09 07:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 20:04 - 2014-01-09 07:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 20:04 - 2014-01-09 07:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 20:04 - 2014-01-09 07:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-13 20:04 - 2014-01-09 07:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 20:04 - 2014-01-09 07:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-13 20:04 - 2014-01-09 07:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-13 20:04 - 2014-01-07 07:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 20:04 - 2014-01-07 05:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 20:04 - 2014-01-04 20:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 20:04 - 2014-01-04 19:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 20:04 - 2014-01-04 14:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 20:04 - 2014-01-04 14:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 20:04 - 2014-01-04 13:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 20:04 - 2014-01-04 13:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 20:04 - 2014-01-04 13:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 20:04 - 2014-01-04 13:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 20:04 - 2013-12-21 02:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 20:04 - 2013-12-21 02:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 20:04 - 2013-12-20 10:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 20:04 - 2013-12-20 06:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-13 20:04 - 2013-12-09 02:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 20:04 - 2013-12-09 01:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-13 02:55 - 2014-02-13 02:55 - 01422848 _____ () C:\Users\Haroon\Downloads\ABO.ppt
2014-02-13 02:55 - 2014-02-13 02:55 - 00208384 _____ () C:\Users\Haroon\Downloads\Blood Groups.ppt
2014-02-12 04:50 - 2014-02-12 04:50 - 01115960 _____ () C:\WINDOWS\Minidump\021214-15484-01.dmp
2014-02-08 22:50 - 2014-02-08 22:50 - 01141824 _____ () C:\WINDOWS\Minidump\020814-15156-01.dmp
2014-02-08 00:39 - 2014-02-08 00:39 - 01141976 _____ () C:\WINDOWS\Minidump\020814-14906-01.dmp
2014-02-07 12:28 - 2014-02-07 12:28 - 00688992 _____ (Swearware) C:\Users\Haroon\Downloads\dds.com
2014-02-06 23:20 - 2014-02-06 23:20 - 00001615 _____ () C:\Users\Haroon\Documents\bmguz.txt
2014-02-06 20:30 - 2014-02-06 20:33 - 144492296 _____ (Intel Corporation) C:\Users\Haroon\Downloads\Win64_15338.exe
2014-02-06 20:21 - 2014-02-06 20:21 - 00000000 ____D () C:\Users\Haroon\SystemRequirementsLab
2014-02-06 20:21 - 2014-02-06 20:21 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-02-06 00:28 - 2014-02-06 00:28 - 01138136 _____ () C:\WINDOWS\Minidump\020614-14593-01.dmp
2014-02-05 22:31 - 2014-02-05 22:31 - 01140456 _____ () C:\WINDOWS\Minidump\020514-47281-01.dmp
2014-02-05 19:24 - 2013-12-09 00:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-05 19:24 - 2013-12-09 00:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-05 19:24 - 2013-11-27 15:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-05 19:24 - 2013-11-27 15:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-05 19:24 - 2013-11-27 14:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-05 19:24 - 2013-11-27 13:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-05 19:24 - 2013-11-27 12:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-05 19:24 - 2013-11-27 10:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-05 19:24 - 2013-11-27 10:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-05 19:24 - 2013-11-27 10:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-05 19:24 - 2013-11-27 09:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-05 19:24 - 2013-11-27 09:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-05 19:24 - 2013-11-27 09:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-05 19:24 - 2013-11-27 09:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-05 19:24 - 2013-11-27 08:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-05 19:24 - 2013-11-27 08:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-05 19:24 - 2013-11-27 04:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-05 19:24 - 2013-11-26 13:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-05 19:24 - 2013-11-26 13:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-05 19:24 - 2013-11-26 13:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-05 19:24 - 2013-11-26 13:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-05 19:24 - 2013-11-26 11:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-05 19:24 - 2013-11-26 11:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-05 19:24 - 2013-11-26 11:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-05 19:24 - 2013-11-26 10:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-05 19:24 - 2013-11-26 09:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-05 19:24 - 2013-11-26 08:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-05 19:24 - 2013-11-25 01:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-05 19:24 - 2013-11-25 01:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-05 19:24 - 2013-11-24 23:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-05 19:24 - 2013-11-24 23:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-05 19:24 - 2013-11-23 12:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-05 19:24 - 2013-11-23 11:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-05 19:24 - 2013-11-23 08:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-05 19:24 - 2013-11-23 07:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-05 19:24 - 2013-11-23 07:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-05 19:24 - 2013-11-23 07:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-05 19:24 - 2013-11-23 04:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-05 19:24 - 2013-11-23 03:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-05 19:24 - 2013-11-23 03:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-05 19:24 - 2013-11-23 03:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-05 19:24 - 2013-11-23 03:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-05 19:24 - 2013-11-23 03:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-05 19:24 - 2013-11-23 03:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-05 19:24 - 2013-11-21 06:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-05 19:24 - 2013-11-21 06:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-05 19:24 - 2013-11-16 05:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-05 19:24 - 2013-11-15 18:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-05 19:24 - 2013-11-15 14:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-05 19:24 - 2013-11-15 14:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-05 19:24 - 2013-11-15 14:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-05 19:24 - 2013-11-15 13:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-05 19:24 - 2013-11-05 20:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-05 19:24 - 2013-10-31 00:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-05 19:24 - 2013-10-30 23:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-05 02:13 - 2014-02-05 02:13 - 01135064 _____ () C:\WINDOWS\Minidump\020514-13781-01.dmp
2014-02-05 00:58 - 2014-02-05 00:58 - 01135280 _____ () C:\WINDOWS\Minidump\020514-13390-01.dmp
2014-02-05 00:49 - 2014-02-05 00:52 - 00001564 _____ () C:\Users\Haroon\Desktop\Shutdown.lnk
2014-02-05 00:46 - 2014-02-05 00:46 - 01068696 _____ () C:\WINDOWS\Minidump\020514-14187-01.dmp
2014-02-05 00:33 - 2014-02-05 00:33 - 01051136 _____ () C:\Users\Haroon\Downloads\MicrosoftFixit55017.msi
2014-02-05 00:18 - 2014-02-05 00:18 - 01138168 _____ () C:\WINDOWS\Minidump\020514-13281-01.dmp
2014-02-04 23:02 - 2014-02-04 23:02 - 01112912 _____ () C:\WINDOWS\Minidump\020414-13781-01.dmp
2014-02-04 15:39 - 2014-02-04 15:40 - 01193808 _____ () C:\WINDOWS\Minidump\020414-14000-01.dmp
2014-02-03 13:26 - 2014-02-03 13:26 - 01115728 _____ () C:\WINDOWS\Minidump\020314-14031-01.dmp
2014-02-02 19:46 - 2014-02-02 19:46 - 01171696 _____ () C:\WINDOWS\Minidump\020214-14250-01.dmp
2014-02-02 14:20 - 2014-02-02 14:20 - 01164384 _____ () C:\WINDOWS\Minidump\020214-15218-01.dmp
2014-02-02 14:09 - 2014-02-02 14:09 - 00000042 _____ () C:\Users\Haroon\Documents\ibbi.txt
2014-02-02 14:07 - 2014-01-19 07:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-02-02 13:46 - 2014-02-02 13:46 - 01134144 _____ () C:\WINDOWS\Minidump\020214-13796-01.dmp
2014-02-02 02:20 - 2014-02-02 02:20 - 01107880 _____ () C:\WINDOWS\Minidump\020214-14640-01.dmp
2014-02-02 02:13 - 2014-02-02 02:13 - 01131776 _____ () C:\WINDOWS\Minidump\020214-14203-01.dmp
2014-02-02 02:05 - 2014-02-02 02:05 - 01108880 _____ () C:\WINDOWS\Minidump\020214-15453-01.dmp
2014-02-02 01:50 - 2014-02-02 01:50 - 01115848 _____ () C:\WINDOWS\Minidump\020214-14968-01.dmp
2014-02-02 01:33 - 2014-02-02 01:33 - 00001123 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-02 01:33 - 2014-02-02 01:33 - 00000000 ____D () C:\Users\Haroon\AppData\Roaming\Malwarebytes
2014-02-02 01:33 - 2014-02-02 01:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-02 01:33 - 2014-02-02 01:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-02 01:33 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-02 01:29 - 2014-02-02 01:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Haroon\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-31 20:14 - 2014-01-31 20:15 - 01160216 _____ () C:\WINDOWS\Minidump\013114-13906-01.dmp
2014-01-31 20:06 - 2014-01-31 20:06 - 01110960 _____ () C:\WINDOWS\Minidump\013114-15000-01.dmp
2014-01-31 19:24 - 2014-01-31 19:24 - 01136368 _____ () C:\WINDOWS\Minidump\013114-14656-01.dmp
2014-01-31 17:44 - 2014-01-31 17:44 - 01163424 _____ () C:\WINDOWS\Minidump\013114-14359-01.dmp
2014-01-31 13:03 - 2014-01-31 13:03 - 01110336 _____ () C:\WINDOWS\Minidump\013114-15187-01.dmp
2014-01-31 12:14 - 2014-01-31 12:14 - 01159224 _____ () C:\WINDOWS\Minidump\013114-17156-01.dmp
2014-01-31 02:31 - 2014-01-31 02:31 - 01134408 _____ () C:\WINDOWS\Minidump\013114-15093-01.dmp
2014-01-31 02:22 - 2014-01-31 02:23 - 01109808 _____ () C:\WINDOWS\Minidump\013114-14984-01.dmp
2014-01-31 02:12 - 2014-01-31 02:12 - 01115792 _____ () C:\WINDOWS\Minidump\013114-14546-01.dmp
2014-01-30 15:41 - 2014-01-30 15:41 - 01131608 _____ () C:\WINDOWS\Minidump\013014-17812-01.dmp
2014-01-30 13:09 - 2014-01-30 13:09 - 00000000 _____ () C:\WINDOWS\Minidump\013014-19296-01.dmp
2014-01-30 11:09 - 2014-01-30 11:09 - 01165256 _____ () C:\WINDOWS\Minidump\013014-19828-01.dmp
2014-01-29 18:33 - 2014-01-29 18:33 - 01134320 _____ () C:\WINDOWS\Minidump\012914-17671-01.dmp
2014-01-29 09:37 - 2014-01-29 09:37 - 01165408 _____ () C:\WINDOWS\Minidump\012914-18109-01.dmp
2014-01-28 17:43 - 2014-01-28 17:43 - 01138784 _____ () C:\WINDOWS\Minidump\012814-17875-01.dmp
2014-01-28 11:26 - 2014-01-28 11:26 - 01138912 _____ () C:\WINDOWS\Minidump\012814-18609-01.dmp
2014-01-27 18:29 - 2014-01-27 18:29 - 01159320 _____ () C:\WINDOWS\Minidump\012714-18171-01.dmp
2014-01-27 12:00 - 2014-01-27 12:00 - 00000139 _____ () C:\Users\Haroon\Downloads\heysel_comm.ram
2014-01-27 11:30 - 2014-01-27 11:30 - 00052809 _____ () C:\Users\Haroon\Downloads\2013-07-17-drama-between-quid-and-prince.html
2014-01-27 11:30 - 2014-01-27 11:30 - 00027633 _____ () C:\Users\Haroon\Downloads\2013-07-25-quidditch-savior-and-boss-bming-korando.html
2014-01-27 11:30 - 2014-01-27 11:30 - 00013120 _____ () C:\Users\Haroon\Downloads\2013-07-26-ufam-elvin.html
2014-01-27 11:13 - 2014-01-27 11:13 - 01158144 _____ () C:\WINDOWS\Minidump\012714-17656-01.dmp
2014-01-27 09:21 - 2014-01-27 09:21 - 01160568 _____ () C:\WINDOWS\Minidump\012714-17078-01.dmp
2014-01-26 19:18 - 2014-01-26 19:18 - 01166048 _____ () C:\WINDOWS\Minidump\012614-25296-01.dmp
2014-01-25 22:25 - 2014-01-25 22:25 - 00003172 _____ () C:\WINDOWS\System32\Tasks\{2DA1915A-8CDE-4347-BF42-ECEDD2F1A12F}
2014-01-25 20:50 - 2014-02-16 19:46 - 00000000 ____D () C:\Users\Haroon\AppData\Roaming\Skype
2014-01-25 20:50 - 2014-01-25 20:50 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-01-25 20:50 - 2014-01-25 20:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-25 20:50 - 2014-01-25 20:50 - 00000000 ____D () C:\Users\Haroon\AppData\Local\Skype
2014-01-25 20:50 - 2014-01-25 20:50 - 00000000 ____D () C:\ProgramData\Skype
2014-01-25 20:49 - 2014-01-25 20:49 - 35670176 _____ (Skype Technologies S.A.) C:\Users\Haroon\Downloads\SkypeSetupFull.exe
2014-01-25 17:56 - 2014-01-25 17:56 - 01132160 _____ () C:\WINDOWS\Minidump\012514-18140-01.dmp
2014-01-24 17:44 - 2014-01-24 17:44 - 01161520 _____ () C:\WINDOWS\Minidump\012414-18843-01.dmp
2014-01-24 15:28 - 2014-01-24 15:28 - 01160040 _____ () C:\WINDOWS\Minidump\012414-18359-01.dmp
2014-01-24 13:00 - 2014-01-24 13:00 - 01165760 _____ () C:\WINDOWS\Minidump\012414-29562-01.dmp
2014-01-23 22:58 - 2014-01-23 23:13 - 00000024 _____ () C:\Users\Haroon\random.dat
2014-01-23 22:58 - 2014-01-23 22:58 - 00000045 _____ () C:\Users\Haroon\jagex_cl_runescape_LIVE.dat
2014-01-23 22:58 - 2014-01-23 22:58 - 00000000 ____D () C:\Users\Haroon\jagexcache
2014-01-23 22:57 - 2014-01-23 22:57 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-01-23 22:57 - 2014-01-23 22:57 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-01-23 22:57 - 2014-01-23 22:57 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-01-23 22:57 - 2014-01-23 22:57 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-01-23 22:57 - 2014-01-23 22:57 - 00000000 ____D () C:\ProgramData\Sun
2014-01-23 22:57 - 2014-01-23 22:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-23 22:57 - 2014-01-23 22:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-23 22:56 - 2014-01-23 22:56 - 00921000 _____ (Oracle Corporation) C:\Users\Haroon\Downloads\chromeinstall-7u51.exe
2014-01-23 17:47 - 2013-12-27 18:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-01-23 17:47 - 2013-12-27 18:42 - 00033056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-01-23 17:41 - 2014-01-23 17:41 - 01138784 _____ () C:\WINDOWS\Minidump\012314-19406-01.dmp
2014-01-23 11:15 - 2014-01-23 11:15 - 01162864 _____ () C:\WINDOWS\Minidump\012314-25734-01.dmp
2014-01-22 20:29 - 2014-01-22 20:29 - 01133944 _____ () C:\WINDOWS\Minidump\012214-19875-01.dmp
2014-01-22 17:18 - 2014-01-22 17:18 - 00000000 _____ () C:\WINDOWS\Minidump\012214-16609-01.dmp
2014-01-22 11:12 - 2014-01-22 11:13 - 01138864 _____ () C:\WINDOWS\Minidump\012214-27515-01.dmp
2014-01-21 22:08 - 2014-01-21 22:08 - 00003188 _____ () C:\WINDOWS\System32\Tasks\{2BBFEB0F-6743-4524-BF66-7495557288E3}
2014-01-21 20:50 - 2014-01-21 20:50 - 00000000 ____D () C:\Users\Haroon\AppData\Local\Blizzard Entertainment
2014-01-21 19:37 - 2014-01-21 19:37 - 01132832 _____ () C:\WINDOWS\Minidump\012114-16781-01.dmp
 
==================== One Month Modified Files and Folders =======
 
2014-02-18 00:48 - 2014-02-18 00:48 - 00017549 _____ () C:\Users\Haroon\Downloads\FRST.txt
2014-02-18 00:48 - 2014-02-18 00:48 - 00000000 ____D () C:\FRST
2014-02-18 00:46 - 2014-02-18 00:46 - 02152448 _____ (Farbar) C:\Users\Haroon\Downloads\FRST64.exe
2014-02-18 00:46 - 2014-01-01 22:32 - 00003930 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9FD5CE31-66B9-4725-82CC-AB3301CBAC5D}
2014-02-18 00:42 - 2013-12-31 18:27 - 00000916 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-18 00:13 - 2014-01-01 15:48 - 01391124 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-18 00:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-17 15:04 - 2013-12-31 19:57 - 00004976 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for HaroonpC-Haroon HaroonpC
2014-02-17 14:33 - 2014-01-01 14:34 - 00000000 ____D () C:\Users\Haroon\AppData\Roaming\Mumble
2014-02-17 13:35 - 2013-12-31 20:32 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-17 13:34 - 2013-12-31 20:32 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-16 23:46 - 2014-02-16 23:45 - 39401336 _____ (Apple Inc.) C:\Users\Haroon\Downloads\QuickTimeInstaller.exe
2014-02-16 19:46 - 2014-01-25 20:50 - 00000000 ____D () C:\Users\Haroon\AppData\Roaming\Skype
2014-02-15 14:12 - 2013-12-31 18:27 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1698802669-18766098-3983175076-1002
2014-02-15 13:11 - 2013-12-31 18:27 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-15 13:10 - 2013-10-17 21:57 - 00003474 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update1
2014-02-15 13:10 - 2013-10-17 21:57 - 00003464 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update2
2014-02-15 13:09 - 2013-12-31 18:20 - 00000062 _____ () C:\Users\Haroon\AppData\Roaming\sp_data.sys
2014-02-15 00:27 - 2013-12-31 18:27 - 00000912 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-15 00:27 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-15 00:24 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-15 00:11 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-02-14 20:11 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-14 17:18 - 2014-01-14 16:41 - 00162304 ___SH () C:\Users\Haroon\Downloads\Thumbs.db
2014-02-14 11:52 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-14 11:31 - 2014-02-14 11:31 - 01142752 _____ () C:\WINDOWS\Minidump\021414-24859-01.dmp
2014-02-14 11:31 - 2014-01-01 16:21 - 00000000 ____D () C:\WINDOWS\Minidump
2014-02-14 11:30 - 2014-01-01 16:21 - 665800082 _____ () C:\WINDOWS\MEMORY.DMP
2014-02-14 11:24 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-14 11:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2014-02-14 11:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-02-14 11:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-14 11:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-14 11:24 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-13 10:37 - 2013-12-31 18:27 - 00003888 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-13 10:37 - 2013-12-31 18:27 - 00003652 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 03:21 - 2013-12-31 18:19 - 00000000 ____D () C:\Users\Haroon\AppData\Local\Packages
2014-02-13 02:55 - 2014-02-13 02:55 - 01422848 _____ () C:\Users\Haroon\Downloads\ABO.ppt
2014-02-13 02:55 - 2014-02-13 02:55 - 00208384 _____ () C:\Users\Haroon\Downloads\Blood Groups.ppt
2014-02-12 04:50 - 2014-02-12 04:50 - 01115960 _____ () C:\WINDOWS\Minidump\021214-15484-01.dmp
2014-02-08 22:50 - 2014-02-08 22:50 - 01141824 _____ () C:\WINDOWS\Minidump\020814-15156-01.dmp
2014-02-08 00:39 - 2014-02-08 00:39 - 01141976 _____ () C:\WINDOWS\Minidump\020814-14906-01.dmp
2014-02-07 12:28 - 2014-02-07 12:28 - 00688992 _____ (Swearware) C:\Users\Haroon\Downloads\dds.com
2014-02-06 23:20 - 2014-02-06 23:20 - 00001615 _____ () C:\Users\Haroon\Documents\bmguz.txt
2014-02-06 20:33 - 2014-02-06 20:30 - 144492296 _____ (Intel Corporation) C:\Users\Haroon\Downloads\Win64_15338.exe
2014-02-06 20:21 - 2014-02-06 20:21 - 00000000 ____D () C:\Users\Haroon\SystemRequirementsLab
2014-02-06 20:21 - 2014-02-06 20:21 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-02-06 20:21 - 2014-01-01 15:52 - 00000000 ____D () C:\Users\Haroon
2014-02-06 12:16 - 2014-02-13 20:04 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 11:30 - 2014-02-13 20:05 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 11:30 - 2014-02-13 20:05 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 11:12 - 2014-02-13 20:05 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 11:07 - 2014-02-13 20:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 11:06 - 2014-02-13 20:05 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 20:04 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 10:56 - 2014-02-13 20:04 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 10:53 - 2013-11-14 12:45 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-06 10:49 - 2014-02-13 20:04 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 10:48 - 2014-02-13 20:04 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 10:48 - 2014-02-13 20:04 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 10:38 - 2014-02-13 20:05 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 10:32 - 2014-02-13 20:04 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 10:20 - 2014-02-13 20:04 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 10:17 - 2014-02-13 20:04 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 10:11 - 2014-02-13 20:04 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 10:01 - 2014-02-13 20:04 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 10:00 - 2014-02-13 20:05 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 09:57 - 2014-02-13 20:05 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 09:57 - 2014-02-13 20:04 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 09:52 - 2014-02-13 20:05 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 09:52 - 2014-02-13 20:04 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 09:50 - 2014-02-13 20:04 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 09:47 - 2014-02-13 20:04 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 09:46 - 2014-02-13 20:04 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 09:25 - 2014-02-13 20:04 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 09:25 - 2014-02-13 20:04 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 09:24 - 2014-02-13 20:04 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 09:22 - 2014-02-13 20:04 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 09:13 - 2014-02-13 20:05 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 09:09 - 2014-02-13 20:04 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 09:03 - 2014-02-13 20:04 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 08:55 - 2014-02-13 20:04 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 08:41 - 2014-02-13 20:04 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 08:40 - 2014-02-13 20:04 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 08:36 - 2014-02-13 20:05 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 08:34 - 2014-02-13 20:04 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-06 00:28 - 2014-02-06 00:28 - 01138136 _____ () C:\WINDOWS\Minidump\020614-14593-01.dmp
2014-02-05 22:32 - 2013-12-31 18:20 - 00000000 ___RD () C:\Users\Haroon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-05 22:32 - 2013-12-31 18:20 - 00000000 ___RD () C:\Users\Haroon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-05 22:31 - 2014-02-05 22:31 - 01140456 _____ () C:\WINDOWS\Minidump\020514-47281-01.dmp
2014-02-05 22:31 - 2013-08-22 14:44 - 00484248 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-05 22:24 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-05 22:24 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-05 02:13 - 2014-02-05 02:13 - 01135064 _____ () C:\WINDOWS\Minidump\020514-13781-01.dmp
2014-02-05 00:58 - 2014-02-05 00:58 - 01135280 _____ () C:\WINDOWS\Minidump\020514-13390-01.dmp
2014-02-05 00:52 - 2014-02-05 00:49 - 00001564 _____ () C:\Users\Haroon\Desktop\Shutdown.lnk
2014-02-05 00:46 - 2014-02-05 00:46 - 01068696 _____ () C:\WINDOWS\Minidump\020514-14187-01.dmp
2014-02-05 00:33 - 2014-02-05 00:33 - 01051136 _____ () C:\Users\Haroon\Downloads\MicrosoftFixit55017.msi
2014-02-05 00:18 - 2014-02-05 00:18 - 01138168 _____ () C:\WINDOWS\Minidump\020514-13281-01.dmp
2014-02-05 00:18 - 2013-11-14 04:34 - 00006528 _____ () C:\WINDOWS\PFRO.log
2014-02-05 00:18 - 2013-04-25 23:18 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-02-04 23:50 - 2013-04-25 23:18 - 00000000 ____D () C:\ProgramData\McAfee
2014-02-04 23:02 - 2014-02-04 23:02 - 01112912 _____ () C:\WINDOWS\Minidump\020414-13781-01.dmp
2014-02-04 15:40 - 2014-02-04 15:39 - 01193808 _____ () C:\WINDOWS\Minidump\020414-14000-01.dmp
2014-02-03 15:55 - 2013-12-31 18:54 - 00000000 ____D () C:\Users\Haroon\Documents\StarCraft II
2014-02-03 13:26 - 2014-02-03 13:26 - 01115728 _____ () C:\WINDOWS\Minidump\020314-14031-01.dmp
2014-02-02 19:46 - 2014-02-02 19:46 - 01171696 _____ () C:\WINDOWS\Minidump\020214-14250-01.dmp
2014-02-02 14:20 - 2014-02-02 14:20 - 01164384 _____ () C:\WINDOWS\Minidump\020214-15218-01.dmp
2014-02-02 14:09 - 2014-02-02 14:09 - 00000042 _____ () C:\Users\Haroon\Documents\ibbi.txt
2014-02-02 14:08 - 2012-07-26 08:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-02-02 14:06 - 2012-07-26 05:37 - 00000000 ____D () C:\Users\Default.migrated
2014-02-02 13:46 - 2014-02-02 13:46 - 01134144 _____ () C:\WINDOWS\Minidump\020214-13796-01.dmp
2014-02-02 02:20 - 2014-02-02 02:20 - 01107880 _____ () C:\WINDOWS\Minidump\020214-14640-01.dmp
2014-02-02 02:13 - 2014-02-02 02:13 - 01131776 _____ () C:\WINDOWS\Minidump\020214-14203-01.dmp
2014-02-02 02:05 - 2014-02-02 02:05 - 01108880 _____ () C:\WINDOWS\Minidump\020214-15453-01.dmp
2014-02-02 01:50 - 2014-02-02 01:50 - 01115848 _____ () C:\WINDOWS\Minidump\020214-14968-01.dmp
2014-02-02 01:33 - 2014-02-02 01:33 - 00001123 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-02-02 01:33 - 2014-02-02 01:33 - 00000000 ____D () C:\Users\Haroon\AppData\Roaming\Malwarebytes
2014-02-02 01:33 - 2014-02-02 01:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-02 01:33 - 2014-02-02 01:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-02-02 01:29 - 2014-02-02 01:29 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Haroon\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-31 20:15 - 2014-01-31 20:14 - 01160216 _____ () C:\WINDOWS\Minidump\013114-13906-01.dmp
2014-01-31 20:06 - 2014-01-31 20:06 - 01110960 _____ () C:\WINDOWS\Minidump\013114-15000-01.dmp
2014-01-31 19:24 - 2014-01-31 19:24 - 01136368 _____ () C:\WINDOWS\Minidump\013114-14656-01.dmp
2014-01-31 17:44 - 2014-01-31 17:44 - 01163424 _____ () C:\WINDOWS\Minidump\013114-14359-01.dmp
2014-01-31 13:03 - 2014-01-31 13:03 - 01110336 _____ () C:\WINDOWS\Minidump\013114-15187-01.dmp
2014-01-31 12:14 - 2014-01-31 12:14 - 01159224 _____ () C:\WINDOWS\Minidump\013114-17156-01.dmp
2014-01-31 02:31 - 2014-01-31 02:31 - 01134408 _____ () C:\WINDOWS\Minidump\013114-15093-01.dmp
2014-01-31 02:23 - 2014-01-31 02:22 - 01109808 _____ () C:\WINDOWS\Minidump\013114-14984-01.dmp
2014-01-31 02:12 - 2014-01-31 02:12 - 01115792 _____ () C:\WINDOWS\Minidump\013114-14546-01.dmp
2014-01-30 20:47 - 2013-08-22 15:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 20:47 - 2013-08-22 15:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 15:41 - 2014-01-30 15:41 - 01131608 _____ () C:\WINDOWS\Minidump\013014-17812-01.dmp
2014-01-30 13:09 - 2014-01-30 13:09 - 00000000 _____ () C:\WINDOWS\Minidump\013014-19296-01.dmp
2014-01-30 11:09 - 2014-01-30 11:09 - 01165256 _____ () C:\WINDOWS\Minidump\013014-19828-01.dmp
2014-01-29 22:44 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-01-29 18:33 - 2014-01-29 18:33 - 01134320 _____ () C:\WINDOWS\Minidump\012914-17671-01.dmp
2014-01-29 09:37 - 2014-01-29 09:37 - 01165408 _____ () C:\WINDOWS\Minidump\012914-18109-01.dmp
2014-01-28 17:43 - 2014-01-28 17:43 - 01138784 _____ () C:\WINDOWS\Minidump\012814-17875-01.dmp
2014-01-28 11:26 - 2014-01-28 11:26 - 01138912 _____ () C:\WINDOWS\Minidump\012814-18609-01.dmp
2014-01-27 18:29 - 2014-01-27 18:29 - 01159320 _____ () C:\WINDOWS\Minidump\012714-18171-01.dmp
2014-01-27 12:00 - 2014-01-27 12:00 - 00000139 _____ () C:\Users\Haroon\Downloads\heysel_comm.ram
2014-01-27 11:30 - 2014-01-27 11:30 - 00052809 _____ () C:\Users\Haroon\Downloads\2013-07-17-drama-between-quid-and-prince.html
2014-01-27 11:30 - 2014-01-27 11:30 - 00027633 _____ () C:\Users\Haroon\Downloads\2013-07-25-quidditch-savior-and-boss-bming-korando.html
2014-01-27 11:30 - 2014-01-27 11:30 - 00013120 _____ () C:\Users\Haroon\Downloads\2013-07-26-ufam-elvin.html
2014-01-27 11:13 - 2014-01-27 11:13 - 01158144 _____ () C:\WINDOWS\Minidump\012714-17656-01.dmp
2014-01-27 09:21 - 2014-01-27 09:21 - 01160568 _____ () C:\WINDOWS\Minidump\012714-17078-01.dmp
2014-01-26 19:18 - 2014-01-26 19:18 - 01166048 _____ () C:\WINDOWS\Minidump\012614-25296-01.dmp
2014-01-25 22:25 - 2014-01-25 22:25 - 00003172 _____ () C:\WINDOWS\System32\Tasks\{2DA1915A-8CDE-4347-BF42-ECEDD2F1A12F}
2014-01-25 20:50 - 2014-01-25 20:50 - 00002713 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-01-25 20:50 - 2014-01-25 20:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-25 20:50 - 2014-01-25 20:50 - 00000000 ____D () C:\Users\Haroon\AppData\Local\Skype
2014-01-25 20:50 - 2014-01-25 20:50 - 00000000 ____D () C:\ProgramData\Skype
2014-01-25 20:49 - 2014-01-25 20:49 - 35670176 _____ (Skype Technologies S.A.) C:\Users\Haroon\Downloads\SkypeSetupFull.exe
2014-01-25 17:56 - 2014-01-25 17:56 - 01132160 _____ () C:\WINDOWS\Minidump\012514-18140-01.dmp
2014-01-24 17:44 - 2014-01-24 17:44 - 01161520 _____ () C:\WINDOWS\Minidump\012414-18843-01.dmp
2014-01-24 15:28 - 2014-01-24 15:28 - 01160040 _____ () C:\WINDOWS\Minidump\012414-18359-01.dmp
2014-01-24 13:00 - 2014-01-24 13:00 - 01165760 _____ () C:\WINDOWS\Minidump\012414-29562-01.dmp
2014-01-23 23:13 - 2014-01-23 22:58 - 00000024 _____ () C:\Users\Haroon\random.dat
2014-01-23 22:58 - 2014-01-23 22:58 - 00000045 _____ () C:\Users\Haroon\jagex_cl_runescape_LIVE.dat
2014-01-23 22:58 - 2014-01-23 22:58 - 00000000 ____D () C:\Users\Haroon\jagexcache
2014-01-23 22:57 - 2014-01-23 22:57 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-01-23 22:57 - 2014-01-23 22:57 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-01-23 22:57 - 2014-01-23 22:57 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-01-23 22:57 - 2014-01-23 22:57 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-01-23 22:57 - 2014-01-23 22:57 - 00000000 ____D () C:\ProgramData\Sun
2014-01-23 22:57 - 2014-01-23 22:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-23 22:57 - 2014-01-23 22:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-23 22:56 - 2014-01-23 22:56 - 00921000 _____ (Oracle Corporation) C:\Users\Haroon\Downloads\chromeinstall-7u51.exe
2014-01-23 17:48 - 2014-01-01 15:47 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-01-23 17:47 - 2013-08-22 14:46 - 00328209 _____ () C:\WINDOWS\setupact.log
2014-01-23 17:41 - 2014-01-23 17:41 - 01138784 _____ () C:\WINDOWS\Minidump\012314-19406-01.dmp
2014-01-23 11:15 - 2014-01-23 11:15 - 01162864 _____ () C:\WINDOWS\Minidump\012314-25734-01.dmp
2014-01-22 20:29 - 2014-01-22 20:29 - 01133944 _____ () C:\WINDOWS\Minidump\012214-19875-01.dmp
2014-01-22 17:18 - 2014-01-22 17:18 - 00000000 _____ () C:\WINDOWS\Minidump\012214-16609-01.dmp
2014-01-22 11:13 - 2014-01-22 11:12 - 01138864 _____ () C:\WINDOWS\Minidump\012214-27515-01.dmp
2014-01-21 22:08 - 2014-01-21 22:08 - 00003188 _____ () C:\WINDOWS\System32\Tasks\{2BBFEB0F-6743-4524-BF66-7495557288E3}
2014-01-21 20:50 - 2014-01-21 20:50 - 00000000 ____D () C:\Users\Haroon\AppData\Local\Blizzard Entertainment
2014-01-21 20:37 - 2013-12-31 18:54 - 00000000 ____D () C:\Program Files (x86)\StarCraft II
2014-01-21 19:37 - 2014-01-21 19:37 - 01132832 _____ () C:\WINDOWS\Minidump\012114-16781-01.dmp
2014-01-21 02:53 - 2014-01-01 22:42 - 01179576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-01-21 02:53 - 2014-01-01 22:42 - 01048152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-01-19 07:38 - 2014-02-02 14:07 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
 
Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\Haroon\jagex_cl_runescape_LIVE.dat
C:\Users\Haroon\random.dat
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-16 16:53
 
==================== End Of Log ============================
 
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-02-2014
Ran by Haroon at 2014-02-18 00:48:45
Running from C:\Users\Haroon\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
Adobe Reader XI (11.0.06) (x32 Version: 11.0.06 - Adobe Systems Incorporated)
ASUS Console (Version: 1.0.3 - ASUS)
ASUS Instant Key (x32 Version: 1.1.3 - ASUS)
ASUS Live Update (x32 Version: 3.2.6 - ASUS)
ASUS Power4Gear Hybrid (Version: 3.0.6 - ASUS)
ASUS Screen Saver (Version: 1.0.1 - ASUS)
ASUS Smart Gesture (x32 Version: 2.2.5 - ASUS)
ASUS Splendid Video Enhancement Technology (x32 Version: 2.01.0018 - ASUS)
ASUS USB Charger Plus (x32 Version: 3.1.7 - ASUS)
ASUS Video Magic (x32 Version: 6.0.5005 - CyberLink Corp.)
ASUS Video Magic (x32 Version: 6.0.5005 - CyberLink Corp.) Hidden
ASUS WebStorage Sync Agent (x32 Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4924.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (x32 Version: 2.0.12.310 - ASUSTEK)
ATK Package (x32 Version: 1.0.0030 - ASUS)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3718_45957 - CyberLink Corp.)
CyberLink MediaEspresso 6.5 (x32 Version: 6.5.3718_45957 - CyberLink Corp.) Hidden
CyberLink PowerDirector (x32 Version: 8.0.5817a - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.5817a - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Intel® Management Engine Components (x32 Version: 9.0.10.1372 - Intel Corporation)
Intel® Processor Graphics (x32 Version: 10.18.10.3308 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
League of Legends (x32 Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee SiteAdvisor (x32 Version: 3.6.135 - McAfee, Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 ProPlus - en-us (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Mumble 1.2.4 (x32 Version: 1.2.4 - Thorvald Natvig)
MyBitCast 2.0 (x32 Version: 2.0 - ASUS)
NVIDIA Control Panel 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2 (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (x32 Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (x32 Version: 8.11.201.2013 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype™ 6.13 (x32 Version: 6.13.104 - Skype Technologies S.A.)
StarCraft II (x32 Version:  - Blizzard Entertainment)
System Requirements Lab for Intel (x32 Version: 4.5.22.0 - Husdawg, LLC)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games (x32 Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (09/17/2013 1.0.0.186) (Version: 09/17/2013 1.0.0.186 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (x32 Version: 2.42.0 - ASUS)
 
==================== Restore Points  =========================
 
02-02-2014 13:57:42 Scheduled Checkpoint
05-02-2014 19:24:35 Windows Update
13-02-2014 20:06:12 Windows Update
 
==================== Hosts content: ==========================
 
2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0924495E-1056-49F1-80CB-814529206638} - System32\Tasks\ASUS Console => C:\Program Files\ASUS\ASUS Console\ASUS Console Starter.exe [2013-08-16] (ASUSTek Computer Inc.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {14175B97-14ED-4E3B-83DD-8CD7D93C2917} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {35157422-A6D6-4704-937E-8AA853ECECFC} - System32\Tasks\Microsoft Office 15 Sync Maintenance for HaroonpC-Haroon HaroonpC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-01-15] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {383F596B-D0DE-4A11-AFDB-2123AC61C84F} - System32\Tasks\ASUS Patch for Touch Panel => C:\ProgramData\AsTouchPanel\AsPatchTouchPanel64.exe [2013-01-09] (ASUSTek Computer INC.)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {48F99BA2-05F0-4834-8F4A-18CB8446C5B7} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-09] ()
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5B2B334C-C177-4E2A-8840-44EE63A20595} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-17] (Microsoft Corporation)
Task: {60F63561-0055-4B4B-B981-0EFAC1229E38} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {83733CBF-6E26-4B0C-B21A-56D467FFD5F0} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8A38C954-501A-4073-B252-D413C30E828A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-12-31] (Microsoft Corporation)
Task: {8B4F6BBC-50E1-4335-88AA-E4762A4D9274} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-09-23] (AsusTek)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9318AEFD-F560-41EC-A1F6-A574ADFFFAB8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-31] (Google Inc.)
Task: {9DB33072-1DC9-43DB-A7C6-8FB5E108DB49} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-08-29] (ASUS)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A94DA73D-BAAA-471C-94DF-0E8132F03357} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2013-08-29] (ASUSTek Computer Inc.)
Task: {AC0279EB-5327-4610-8C63-7927EBC7AF77} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-08-19] (ASUS)
Task: {B6C7B30B-0DED-4280-9583-E54EC93BA07F} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-08-16] (ASUSTeK Computer Inc.)
Task: {C68B593D-56AC-4E83-89A5-7A31B933A715} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {CD43C9F2-C58D-4205-83FC-074A2FB2660B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-12-31] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D15B2870-0B86-4834-A06C-E1542F0B0F43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-31] (Google Inc.)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FAE13491-7650-4562-989D-E740FEE04EC4} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-08-28] (ASUSTeK Computer Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-29 15:01 - 2013-08-29 15:01 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-01-15 12:52 - 2014-01-15 12:52 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2013-09-07 00:48 - 2013-09-07 00:48 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 00:45 - 2013-09-07 00:45 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 00:52 - 2013-09-07 00:52 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-12-31 18:30 - 2013-12-31 18:30 - 00393384 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream64.dll
2014-01-15 12:51 - 2014-01-15 12:51 - 00520872 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r64.dll
2013-12-31 18:31 - 2013-12-31 18:32 - 01286272 _____ () C:\Program Files\Microsoft Office 15\root\office15\PPRESOURCES.DLL
2013-12-10 08:13 - 2013-12-19 20:33 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-08-19 16:16 - 2013-08-19 16:16 - 00015440 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-08-16 09:03 - 2013-08-16 09:03 - 00023040 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2013-10-17 22:00 - 2009-04-17 10:01 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2013-04-27 09:24 - 2013-04-27 09:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2013-12-10 08:13 - 2013-12-19 20:33 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-17 21:38 - 2013-06-23 19:05 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-01-15 12:52 - 2014-01-15 12:52 - 08866472 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-02-03 23:39 - 2014-02-01 23:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-03 23:39 - 2014-02-01 23:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-03 23:39 - 2014-02-01 23:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-03 23:39 - 2014-02-01 23:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-03 23:39 - 2014-02-01 23:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-02-03 23:39 - 2014-02-01 23:42 - 13616456 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/17/2014 01:34:49 PM) (Source: System Restore) (User: )
Description: Failed to create restore point (Process = C:\WINDOWS\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).
 
Error: (02/16/2014 11:46:38 PM) (Source: MsiInstaller) (User: HaroonpC)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'
 
Error: (02/16/2014 07:40:38 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
 
Error: (02/15/2014 04:42:03 PM) (Source: Application Hang) (User: )
Description: The program SC2.exe version 2.1.0.28667 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 16ec
 
Start Time: 01cf2a516e16afe7
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\StarCraft II\Versions\Base28667\SC2.exe
 
Report Id: 184bb5d7-9660-11e3-bedd-240a64b28268
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/14/2014 09:39:49 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
 
Error: (02/13/2014 00:12:04 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
 
Error: (02/13/2014 10:42:01 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'
 
Error: (02/13/2014 10:42:01 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Unexpected or missing value (name: 'PackageCode', value: 'GUID') in key 'HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219'
 
Error: (02/13/2014 02:41:48 AM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (02/10/2014 01:57:56 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
 
 
System errors:
=============
Error: (02/17/2014 11:07:14 PM) (Source: DCOM) (User: HaroonpC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (02/17/2014 10:41:12 PM) (Source: DCOM) (User: HaroonpC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (02/17/2014 01:37:47 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/16/2014 04:55:03 PM) (Source: DCOM) (User: HaroonpC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (02/16/2014 04:54:16 PM) (Source: DCOM) (User: HaroonpC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (02/16/2014 04:46:18 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/15/2014 05:45:49 PM) (Source: DCOM) (User: HaroonpC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (02/15/2014 05:45:19 PM) (Source: DCOM) (User: HaroonpC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (02/15/2014 02:13:43 PM) (Source: DCOM) (User: HaroonpC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (02/15/2014 02:13:13 PM) (Source: DCOM) (User: HaroonpC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
 
Microsoft Office Sessions:
=========================
Error: (02/17/2014 01:34:49 PM) (Source: System Restore)(User: )
Description: C:\WINDOWS\system32\svchost.exe -k netsvcsWindows Update0x81000101
 
Error: (02/16/2014 11:46:38 PM) (Source: MsiInstaller)(User: HaroonpC)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (02/16/2014 07:40:38 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
 
Error: (02/15/2014 04:42:03 PM) (Source: Application Hang)(User: )
Description: SC2.exe2.1.0.2866716ec01cf2a516e16afe74294967295C:\Program Files (x86)\StarCraft II\Versions\Base28667\SC2.exe184bb5d7-9660-11e3-bedd-240a64b28268
 
Error: (02/14/2014 09:39:49 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
 
Error: (02/13/2014 00:12:04 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
 
Error: (02/13/2014 10:42:01 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (02/13/2014 10:42:01 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)
 
Error: (02/13/2014 02:41:48 AM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2147024883
 
Error: (02/10/2014 01:57:56 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 33%
Total physical RAM: 8075.18 MB
Available physical RAM: 5340.88 MB
Total Pagefile: 16267.18 MB
Available Pagefile: 13121.18 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:372.26 GB) (Free:304.47 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:537.8 GB) (Free:537.64 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 5B98F280)
 
Partition: GPT Partition Type
==================== End Of Log ============================


#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:38 PM

Posted 18 February 2014 - 09:01 AM

Greetings Haroon,

Can you tell me if your computer shuts down properly if you attempt that from Safe Mode?

Please do these things.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Scan
  • Upon completion click Report
  • Review the entries and uncheck any items you would like to keep on your computer (leaving an item checked will cause its deletion)
  • Click Clean to remove the items still checked
  • Click OK twice to reboot your computer
  • Copy and paste the contents of the text file on your desktop upon reboot in your reply
  • You can also find the logfile at C:\AdwCleaner.txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\Haroon\jagex_cl_runescape_LIVE.dat
C:\Users\Haroon\random.dat
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Shutdown in Safe Mode?
  • AdwCleaner log
  • Junkware log
  • Fixlist

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Skydie

Skydie
  • Topic Starter

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 18 February 2014 - 10:36 AM

Hi Gary,

 

I was able to shutdown in safe mode. However getting to safe mode took a really long time - the initial restart took roughly 10+ mins. Shutting down in safe mode took less than 15 seconds. 

 

# AdwCleaner v3.019 - Report created 18/02/2014 at 15:18:49
# Updated 17/02/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Haroon - HAROONPC
# Running from : C:\Users\Haroon\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\WINDOWS\SysWOW64\AI_RecycleBin
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Key Deleted : HKLM\Software\caphyon
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Google Chrome v32.0.1700.107
 
[ File : C:\Users\Haroon\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1744 octets] - [18/02/2014 15:16:55]
AdwCleaner[S0].txt - [1681 octets] - [18/02/2014 15:18:49]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1741 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 8.1 x64
Ran by Haroon on 18/02/2014 at 15:27:22.94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18/02/2014 at 15:30:32.94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-02-2014
Ran by Haroon at 2014-02-18 15:33:00 Run:1
Running from C:\Users\Haroon\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS
C:\Users\Haroon\jagex_cl_runescape_LIVE.dat
C:\Users\Haroon\random.dat
*****************
 
C:\ProgramData\SetStretch.exe => Moved successfully.
C:\ProgramData\SetStretch.VBS => Moved successfully.
C:\Users\Haroon\jagex_cl_runescape_LIVE.dat => Moved successfully.
C:\Users\Haroon\random.dat => Moved successfully.
 
==== End of Fixlog ====


#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:38 PM

Posted 18 February 2014 - 11:54 AM

Hi Haroon,

Let's follow up on our Safe Mode "success". Please do this now.

===================================================

Clean Boot
--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time - Windows 8 swipe the right side and click Search icon
  • Type msconfig and press Enter
  • If you are prompted for an administrator password or for a confirmation, type the password, or provide confirmation
  • In the System Configuration Utility dialog box, click Selective Startup on the General tab
  • Click to clear the Load Startup Items check box
  • Click the Services tab
  • Click to select the Hide All Microsoft Services check box
  • Click Disable All, and then click OK
  • When you are prompted, click Restart and boot into Normal Mode
  • Attempt to shut down your computer
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Did your computer shut down properly?
  • Did your computer boot in a normal amount of time?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 Skydie

Skydie
  • Topic Starter

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 19 February 2014 - 09:39 AM

Hi Gary,

 

After I applied the changes in msconfig the computer took a long time to restart - over 5 minutes. The subsequent shutdown afterwards took over 5 minutes too and the computer came back on after shutdown. 

 

Normally shutdown goes like this:

1) Windows + X -> Shutdown

2) Shutdown screen appears

3) Screen goes black

[5-10 minutes]

4) Keys briefly light up (backlit keyboard) 

5) Computer turns back on (Black screen though) [fast]

6) I click somewhere with my mouse so the I return to desktop.



#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:38 PM

Posted 19 February 2014 - 10:11 AM

Hi Haroon,

We need to do some troubleshooting. Please do this.

===================================================

Troubleshooting in Clean Boot Environment

--------------------
  • While in a Clean Boot Environment place a check mark in half of the unchecked items and reboot your computer
  • If your symptoms reappear, uncheck an item, reboot your computer and see if your symptoms disappear. Repeat the process as necessary
  • If your symptoms do not appear, check an additional item, reboot your computer and see if your symptoms reappear. Repeat the process as necessary
  • List the program causing your difficulties in your reply
===================================================

Things I would like to see in your next reply. :thumbsup2:
  • Results?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 Skydie

Skydie
  • Topic Starter

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 23 February 2014 - 06:42 PM

Hi Gary, sorry for the long time posting a reply.

 

I did this process and even with all items unchecked the laptop will still turn on after shutdown. 



#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:38 PM

Posted 23 February 2014 - 08:40 PM

Please run this program. If one step doesn't complete properly simply move on to the next step.

===================================================

Windows Repair (All in One)

--------------------
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Download Windows Repair (All in One) and save it to your desktop
  • Double click the icon and select Run
  • Continually click Next, then Finish
  • Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:

p22001645.gif

  • Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:

p22001646.gif

  • Go to Step 4 and under "System Restore" click on Create button:

p22001644.gif

  • Go to Start Repairs tab and click Start button.

p22001166.gif

  • Please leave the default settings as is
  • Click on box next to the Restart System when Finished. Then click on Start
  • Your computer will reboot upon completion
  • Copy and paste the contents of the following log in your reply:

C:\Tweaking.com_Windows_Repair_Logs\_Windows_Repair_Log.txt


===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • All in One log
  • Any difference?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,532 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:10:38 PM

Posted 27 February 2014 - 10:01 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 Skydie

Skydie
  • Topic Starter

  • Members
  • 353 posts
  • OFFLINE
  •  
  • Local time:07:38 AM

Posted 28 February 2014 - 04:11 AM

Hi Gary,

 

After running the above steps and then turning off the computer it still came back on.

 

 
System Variables
--------------------------------------------------------------------------------
OS: Windows 8.1
OS Architecture: 64-bit
OS Version: 6.3.9600
OS Service Pack: 
Computer Name: HAROONPC
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\Haroon
Current Profile SID: S-1-5-21-1698802669-18766098-3983175076-1002
Current Profile Classes: S-1-5-21-1698802669-18766098-3983175076-1002_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Haroon\AppData\Local
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:22:24
 
Process Count: 75
Commit Total: 2.44 GB
Commit Limit: 15.89 GB
Commit Peak: 2.93 GB
Handle Count: 22446
Kernel Total: 508.53 MB
Kernel Paged: 352.72 MB
Kernel Non Paged: 155.81 MB
System Cache: 5.96 GB
Thread Count: 806
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.89 GB
Memory Used: 1.84 GB(23.3301%)
Memory Avail.: 6.05 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.89 GB
Memory Used: 1.54 GB(19.5014%)
Memory Avail.: 6.35 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Start (25/02/2014 16:13:23)
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (25/02/2014 16:13:23)
   Running Repair Under Current User Account
   Done (25/02/2014 16:13:26)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (25/02/2014 16:13:26)
   Running Repair Under System Account
   Done (25/02/2014 16:13:52)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (25/02/2014 16:13:52)
   Running Repair Under System Account
   Done (25/02/2014 16:14:09)
 
03 - Register System Files
   Start (25/02/2014 16:14:09)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:14:20)
 
04 - Repair WMI
   Start (25/02/2014 16:14:20)
   Running Repair Under Current User Account
   Done (25/02/2014 16:18:57)
 
05 - Repair Windows Firewall
   Start (25/02/2014 16:18:57)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:19:30)
 
06 - Repair Internet Explorer
   Start (25/02/2014 16:19:30)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:19:43)
 
07 - Repair MDAC/MS Jet
   Start (25/02/2014 16:19:43)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:19:47)
 
08 - Repair Hosts File
   Start (25/02/2014 16:19:47)
   Running Repair Under System Account
   Done (25/02/2014 16:19:50)
 
09 - Remove Policies Set By Infections
   Start (25/02/2014 16:19:50)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:19:54)
 
11 - Repair Icons
   Start (25/02/2014 16:19:54)
   Running Repair Under Current User Account
   Done (25/02/2014 16:19:56)
 
12 - Repair Winsock & DNS Cache
   Start (25/02/2014 16:19:57)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:20:05)
 
14 - Repair Proxy Settings
   Start (25/02/2014 16:20:05)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:20:10)
 
16 - Repair Windows Updates
   Start (25/02/2014 16:20:10)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:20:19)
 
17 - Repair CD/DVD Missing/Not Working
   Start (25/02/2014 16:20:19)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (25/02/2014 16:20:19)
 
18 - Repair Volume Shadow Copy Service
   Start (25/02/2014 16:20:19)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:20:24)
 
20 - Repair MSI (Windows Installer)
   Start (25/02/2014 16:20:24)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:20:32)
 
22.01 - Repair bat Association
   Start (25/02/2014 16:20:32)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:20:37)
 
22.02 - Repair cmd Association
   Start (25/02/2014 16:20:37)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:20:42)
 
22.03 - Repair com Association
   Start (25/02/2014 16:20:42)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:20:46)
 
22.04 - Repair Directory Association
   Start (25/02/2014 16:20:46)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:20:51)
 
22.05 - Repair Drive Association
   Start (25/02/2014 16:20:51)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:20:55)
 
22.06 - Repair exe Association
   Start (25/02/2014 16:20:55)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:21:00)
 
22.07 - Repair Folder Association
   Start (25/02/2014 16:21:00)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:21:05)
 
22.08 - Repair inf Association
   Start (25/02/2014 16:21:05)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:21:09)
 
22.09 - Repair lnk (Shortcuts) Association
   Start (25/02/2014 16:21:09)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:21:14)
 
22.10 - Repair msc Association
   Start (25/02/2014 16:21:14)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:21:18)
 
22.11 - Repair reg Association
   Start (25/02/2014 16:21:18)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:21:23)
 
22.12 - Repair scr Association
   Start (25/02/2014 16:21:23)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:21:28)
 
23 - Repair Windows Safe Mode
   Start (25/02/2014 16:21:28)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:21:32)
 
24 - Repair Print Spooler
   Start (25/02/2014 16:21:32)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:21:45)
 
25 - Restore Important Windows Services
   Start (25/02/2014 16:21:45)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:21:54)
 
26 - Set Windows Services To Default Startup
   Start (25/02/2014 16:21:54)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (25/02/2014 16:21:59)
 
27 - Repair Windows 8 App Store
   Start (25/02/2014 16:21:59)
   Running Repair Under System Account
   Running Repair Under Current User Account
   Done (25/02/2014 16:22:18)
 
28 - Repair Windows 8 Component Store
   Start (25/02/2014 16:22:18)
   Running Repair Under Current User Account
   Done (25/02/2014 16:35:16)
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done (25/02/2014 16:35:16)
   Total Repair Time: 00:21:55
 
 
...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account





1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users