
OS Load/Repair/Blue Screen Loop


  • This topic is locked
57 replies to this topic

#1 pctrauma


Posted 14 August 2012 - 06:35 PM

Thanks in advance for the help. I was having some issues with Google redirect and various viruses and malware, so I ran a combination of PC Tools Spyware Doctor and Malwarebytes on top of my Trend Micro Titanium. Malwarebytes found a few minor things and fixed them, and PC Tools found at least 4 high-risk trojans. I ran the fix there and rebooted, and since then I cannot get back to my desktop even in Safe Mode. I've tried Safe Mode, Safe Mode with Networking, and Safe Mode with Command Prompt as well as attempted to do a system restore (which fails), but all this does is create a loop of attempted repairs and restarts. I see the blue screen of death error flash anywhere from 1-5 seconds before the loop is initiated again. Basically, the end result is the suggestion to simply shut down the computer.

I wanted to post the dds and other prerequisite programs to generate the logs you need, but I'm unsure of how to do this since I can't use my computer. I do have access to a second computer in case I need to save any of these programs to flash drives.

Appreciate the help.

Windows 7 Operating System
Trend Micro Titanium
Malwarebytes
PC Tools Spyware Doctor

Edited by pctrauma, 14 August 2012 - 06:51 PM.


 


#2 JSntgRvr


Posted 15 August 2012 - 01:43 PM

:welcome:

Let's give it a try. You will need a USB flash drive.

For x32 (x86) bit systems download Farbar Recovery Scan Tool and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to a flash drive.

Plug the flash drive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Click on the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
On the System Recovery Options menu you will get the following options:

Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the flash drive. Please copy and paste it to your reply.

No request for help throughout private messaging will be attended.


If I have helped you, consider making a donation to help me continue the fight against Malware!


#3 pctrauma


Posted 15 August 2012 - 02:47 PM

Thanks for the reply! Really appreciate your time and help.

One quick question. I'm running Windows 7 Home Premium 64-bit, but on this step (Select the operating system you want to repair, and then click Next.), I don't get the option to choose my OS to repair. My menus go from selecting "US" to selecting my user account.

I downloaded the 64-bit version of Farbar, but nothing happens when I enter i:\frst64.exe. It just brings up a new prompt of X:\windows\system32>. Does system32 mean I should have grabbed the 32-bit/x86 version of Farbar?

#4 JSntgRvr


Posted 15 August 2012 - 03:53 PM

If you use a 64-bit system, then FRST64.exe is the right program. Please recheck if I: is the USB drive letter and try again.


#5 pctrauma


Posted 15 August 2012 - 04:17 PM

I changed flash drives and got it to work. Here is the log. Thanks!

Scan result of Farbar Recovery Scan Tool Version: 15-03-2012
Ran by SYSTEM at 15-08-2012 16:14:03
Running from M:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [8158240 2009-10-02] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" [163568 2010-09-24] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [390720 2011-02-01] (Acronis)
HKLM\...\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe -set Silent "1" SplashURL "" [1111568 2011-10-08] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [197152 2011-02-10] (Trend Micro Inc.)
HKLM-x32\...\Run: [Dell DataSafe Online] "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m [1807600 2009-11-13] ()
HKLM-x32\...\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL [x]
HKLM-x32\...\Run: [SAOB Monitor] C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe [2536448 2010-11-16] (Acronis)
HKLM-x32\...\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [5546376 2011-02-01] (Acronis)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI [1600984 2011-09-01] (PC Tools)
HKLM-x32\...\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe [247760 2011-09-01] (Threat Expert Ltd.)
HKU\Technicyst Fix\...\Policies\system: [disableregistrytools] 0
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-08] (Dell)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

==================== Services (Whitelisted) ======

2 AcrSch2Svc; "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe" [1112240 2011-02-01] (Acronis)
3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [250056 2012-08-03] (Adobe Systems Incorporated)
2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3246040 2011-05-24] (Acronis)
2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [462184 2011-08-31] (Apple Inc.)
2 Browser Defender Update Service; "C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe" [337872 2011-09-01] (Threat Expert Ltd.)
2 CodeMeter.exe; "C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe" [2304912 2011-07-06] (WIBU-SYSTEMS AG)
2 McShield; "C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe" [199272 2011-12-06] (McAfee, Inc.)
2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [208536 2011-12-06] (McAfee, Inc.)
2 mfevtp; "C:\Windows\system32\mfevtps.exe" [161168 2011-11-18] (McAfee, Inc.)
3 Microsoft Office Groove Audit Service; "C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe" [64856 2009-02-26] (Microsoft Corporation)
3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [113120 2012-07-29] (Mozilla Foundation)
2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [4948992 2009-07-17] (Native Instruments GmbH)
2 sdAuxService; C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [371472 2011-02-18] (PC Tools)
2 sdCoreService; C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [1117144 2011-09-01] (PC Tools)
3 WMZuneComm; "C:\Program Files\Zune\WMZuneComm.exe" [306416 2010-09-24] (Microsoft Corporation)
2 wscsvc; "C:\Windows\system32\wscsvc.dll" [97280 2010-12-21] (Microsoft Corporation)
3 ZuneNetworkSvc; "C:\Program Files\Zune\ZuneNss.exe" [8251120 2010-09-24] (Microsoft Corporation)
3 ZuneWlanCfgSvc; C:\Windows\system32\ZuneWlanCfgSvc.exe [467696 2010-09-24] (Microsoft Corporation)
2 0242461333814782mcinstcleanup; C:\Users\TECHNI~1\AppData\Local\Temp\024246~1.EXE -cleanup -nolog [x]
2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [x]
2 McMPFSvc; "C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [x]
2 MOBCleanup; "C:\Users\Technicyst Fix\AppData\Local\Temp\MOBCleanup.exe" [x]
3 RoxMediaDB10; "c:\Program Files (x86)\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe" [x]
2 SessionLauncher; c:\Users\ADMINI~1\AppData\Local\Temp\DX9\SessionLauncher.exe [x]
3 stllssvr; "c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe" [x]

========================== Drivers (Whitelisted) =============

3 afcdp; C:\Windows\System32\Drivers\afcdp.sys [285280 2011-05-24] (Acronis)
3 automap; C:\Windows\System32\Drivers\automap.sys [18776 2012-04-19] (Focusrite Audio Engineering Limited)
3 BridgeMP; C:\Windows\System32\DRIVERS\bridge.sys [95232 2009-07-13] (Microsoft Corporation)
3 BVRPMPR5a64; C:\Windows\System32\Drivers\BVRPMPR5a64.sys [35840 2010-06-06] (Avanquest Software)
3 cfwids; C:\Windows\System32\Drivers\cfwids.sys [65264 2011-10-15] (McAfee, Inc.)
3 COMMONFX; C:\Windows\System32\Drivers\COMMONFX.sys [123992 2010-02-23] (Creative Technology Ltd)
3 COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [123992 2010-02-23] (Creative Technology Ltd)
3 CT20XUT.SYS; C:\Windows\System32\drivers\CT20XUT.SYS [202840 2010-02-23] (Creative Technology Ltd.)
3 CTAUDFX; C:\Windows\System32\Drivers\CTAUDFX.sys [588888 2010-02-23] (Creative Technology Ltd)
3 CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [588888 2010-02-23] (Creative Technology Ltd)
3 CTEAPSFX; C:\Windows\System32\Drivers\CTEAPSFX.sys [187480 2010-02-23] (Creative Technology Ltd)
3 CTEAPSFX.SYS; C:\Windows\System32\drivers\CTEAPSFX.SYS [187480 2010-02-23] (Creative Technology Ltd)
3 CTEDSPFX; C:\Windows\System32\Drivers\CTEDSPFX.sys [287832 2010-02-23] (Creative Technology Ltd)
3 CTEDSPFX.SYS; C:\Windows\System32\drivers\CTEDSPFX.SYS [287832 2010-02-23] (Creative Technology Ltd)
3 CTEDSPIO; C:\Windows\System32\Drivers\CTEDSPIO.sys [158296 2010-02-23] (Creative Technology Ltd)
3 CTEDSPIO.SYS; C:\Windows\System32\drivers\CTEDSPIO.SYS [158296 2010-02-23] (Creative Technology Ltd)
3 CTEDSPSY; C:\Windows\System32\Drivers\CTEDSPSY.sys [338520 2010-02-23] (Creative Technology Ltd)
3 CTEDSPSY.SYS; C:\Windows\System32\drivers\CTEDSPSY.SYS [338520 2010-02-23] (Creative Technology Ltd)
3 CTERFXFX; C:\Windows\System32\Drivers\CTERFXFX.sys [116312 2010-02-23] (Creative Technology Ltd)
3 CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [116312 2010-02-23] (Creative Technology Ltd)
3 CTSBLFX; C:\Windows\System32\Drivers\CTSBLFX.sys [589912 2010-02-23] (Creative Technology Ltd)
3 CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [589912 2010-02-23] (Creative Technology Ltd)
3 ha10kx2k; C:\Windows\System32\Drivers\ha10kx2k.sys [1021016 2010-02-23] (Creative Technology Ltd)
0 JRAID; C:\Windows\System32\Drivers\JRAID.sys [100776 2009-07-24] (JMicron Technology Corp.)
3 L6GX; C:\Windows\System32\Drivers\L6GX64.sys [894592 2010-03-25] (Line 6)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [160280 2011-10-15] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [229528 2011-10-15] (McAfee, Inc.)
3 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [481768 2011-10-15] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [647080 2011-10-15] (McAfee, Inc.)
1 mfenlfk; C:\Windows\System32\Drivers\mfenlfk.sys [75808 2011-10-15] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [100912 2011-10-15] (McAfee, Inc.)
1 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [284648 2011-10-15] (McAfee, Inc.)
3 NvnUsbAudio; C:\Windows\System32\Drivers\NvnUsbAudio.sys [53080 2011-10-05] (Novation DMS Ltd.)
3 pbfilter; \??\C:\Program Files\PeerBlock\pbfilter.sys [24176 2010-11-06] ()
0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [426616 2012-04-23] (PC Tools)
0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [452872 2012-08-13] (PC Tools)
0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [816016 2012-08-13] (PC Tools)
1 pctgntdi; \??\C:\Windows\System32\drivers\pctgntdi64.sys [336512 2011-07-19] (PC Tools)
3 pctplsg; \??\C:\Windows\System32\drivers\pctplsg64.sys [92896 2011-07-19] (PC Tools)
1 PCTSD; C:\Windows\System32\Drivers\PCTSD64.sys [228392 2012-08-13] (PC Tools)
1 RxFilter; C:\Windows\SysWow64\Drivers\RxFilter.sys [65520 2009-06-26] (Sonic Solutions)
0 snapman; C:\Windows\System32\Drivers\snapman.sys [277088 2011-05-24] (Acronis)
2 SSPORT; C:\Windows\System32\Drivers\SSPORT.sys [11576 2009-05-08] (Samsung Electronics)
3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
3 synusb64; C:\Windows\System32\Drivers\synusb64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
0 tdrpman273; C:\Windows\System32\DRIVERS\tdrpm273.sys [1263200 2011-05-24] (Acronis)
0 timounter; C:\Windows\System32\DRIVERS\timntr.sys [970336 2011-05-24] (Acronis)
2 tmactmon; C:\Windows\System32\Drivers\tmactmon.sys [90704 2012-04-07] (Trend Micro Inc.)
2 tmcomm; C:\Windows\System32\Drivers\tmcomm.sys [144464 2012-04-07] (Trend Micro Inc.)
2 tmevtmgr; C:\Windows\System32\Drivers\tmevtmgr.sys [67664 2012-04-07] (Trend Micro Inc.)
1 tmtdi; C:\Windows\System32\Drivers\tmtdi.sys [105552 2012-04-07] (Trend Micro Inc.)
2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]

========================== NetSvcs (Whitelisted) ===========
NETSVC: imagedrv

============ One Month Created Files and Folders ==============

2012-08-13 12:41 - 2012-08-13 12:41 - 0180488 ____A (PC Tools) C:\Windows\System32\Drivers\pctplfw64.sys
2012-08-13 12:41 - 2012-08-13 12:41 - 0119688 ____A (PC Tools) C:\Windows\System32\Drivers\pctNdis-PacketFilter64.sys
2012-08-13 12:41 - 2012-08-13 12:41 - 0042968 ____A (PC Tools) C:\Windows\System32\Drivers\pctNdis-DNS64.sys
2012-08-13 12:00 - 2012-08-13 12:00 - 0002109 ____A C:\Users\Public\Desktop\PC Tools Internet Security.lnk
2012-08-13 12:00 - 2012-08-13 12:00 - 0002109 ____A C:\Users\All Users\Desktop\PC Tools Internet Security.lnk
2012-08-13 11:47 - 2011-09-01 11:39 - 2189264 ____A (Threat Expert Ltd.) C:\Windows\PCTBDCore.dll
2012-08-13 11:47 - 2011-09-01 11:39 - 1533904 ____A (Threat Expert Ltd.) C:\Windows\PCTBDRes.dll
2012-08-13 11:47 - 2011-09-01 11:39 - 0149456 ____A (PC Tools) C:\Windows\SGDetectionTool.dll
2012-08-13 11:47 - 2011-09-01 11:38 - 0767952 ____A C:\Windows\BDTSupport.dll
2012-08-13 11:47 - 2011-01-06 10:54 - 0002125 ____A C:\Windows\UDB.zip
2012-08-13 11:47 - 2010-08-20 09:50 - 0000882 ____A C:\Windows\RegSDImport.xml
2012-08-13 11:47 - 2010-01-22 08:44 - 0000879 ____A C:\Windows\RegISSImport.xml
2012-08-13 11:47 - 2008-11-26 11:08 - 0000131 ____A C:\Windows\IDB.zip
2012-08-13 11:45 - 2012-08-13 21:38 - 0000000 ____D C:\Program Files (x86)\PC Tools Security
2012-08-13 11:45 - 2012-08-13 11:56 - 0816016 ____A (PC Tools) C:\Windows\System32\Drivers\pctEFA64.sys
2012-08-13 11:45 - 2012-08-13 11:56 - 0452872 ____A (PC Tools) C:\Windows\System32\Drivers\pctDS64.sys
2012-08-13 11:45 - 2012-08-13 11:56 - 0141312 ____A (PC Tools) C:\Windows\System32\Drivers\pctwfpfilter64.sys
2012-08-13 11:45 - 2012-04-23 12:36 - 0426616 ____A (PC Tools) C:\Windows\System32\Drivers\PCTCore64.sys
2012-08-13 11:45 - 2011-07-19 09:23 - 0092896 ____A (PC Tools) C:\Windows\System32\Drivers\pctplsg64.sys
2012-08-13 11:45 - 2011-07-19 09:18 - 0336512 ____A (PC Tools) C:\Windows\System32\Drivers\pctgntdi64.sys
2012-08-13 11:42 - 2012-08-13 11:43 - 0000000 ____D C:\Users\Technicyst Fix\Downloads\PC.Tools.Spyware.Doctor.2011.8.0.0.662.Incl.License.Key
2012-08-13 11:19 - 2012-08-14 21:57 - 1576472 ____A C:\Windows\ntbtlog.txt
2012-08-08 11:20 - 2012-08-08 11:20 - 0129024 ____A C:\Windows\RegBootClean64.exe
2012-08-05 11:33 - 2012-08-05 12:44 - 0000000 ____D C:\Users\Technicyst Fix\Downloads\13 GAME OF DEATH[2006][ENG][AC3 5.1][DVDRip]-KonzillaRG
2012-08-01 18:44 - 2012-08-01 18:44 - 0000000 ____D C:\Program Files\JBridge
2012-08-01 14:55 - 2012-08-01 14:59 - 0000000 ____D C:\Users\Technicyst Fix\My Documents\Ableton
2012-08-01 14:55 - 2012-08-01 14:59 - 0000000 ____D C:\Users\Technicyst Fix\Documents\Ableton
2012-08-01 14:55 - 2012-08-01 14:55 - 0000000 ____D C:\Users\Technicyst Fix\Application Data\Ableton
2012-08-01 14:55 - 2012-08-01 14:55 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Roaming\Ableton
2012-08-01 14:52 - 2012-08-01 14:52 - 0000000 ____D C:\Users\All Users\Application Data\Ableton
2012-08-01 14:52 - 2012-08-01 14:52 - 0000000 ____D C:\Users\All Users\Ableton
2012-08-01 14:52 - 2012-08-01 14:52 - 0000000 ____D C:\ProgramData\Ableton
2012-07-27 23:06 - 2012-07-27 23:06 - 0000000 ____D C:\Users\Technicyst Fix\Local Settings\Focusrite_Audio_Engineeri
2012-07-27 23:06 - 2012-07-27 23:06 - 0000000 ____D C:\Users\Technicyst Fix\Local Settings\Application Data\Focusrite_Audio_Engineeri
2012-07-27 23:06 - 2012-07-27 23:06 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Local\Focusrite_Audio_Engineeri
2012-07-27 22:31 - 2012-04-19 12:31 - 0018776 ____A (Focusrite Audio Engineering Limited) C:\Windows\System32\Drivers\automap.sys
2012-07-26 19:06 - 2012-07-26 19:06 - 0000954 ____A C:\Users\Public\Desktop\µTorrent.lnk
2012-07-26 19:06 - 2012-07-26 19:06 - 0000954 ____A C:\Users\All Users\Desktop\µTorrent.lnk
2012-07-26 19:06 - 2012-07-26 19:06 - 0000000 ____D C:\Program Files (x86)\uTorrent
2012-07-26 19:05 - 2012-07-26 19:05 - 0895376 ____A (BitTorrent, Inc.) C:\Users\Technicyst Fix\Downloads\uTorrent(1).exe
2012-07-24 23:05 - 2012-08-03 18:49 - 0000000 ____D C:\Program Files (x86)\PC Tools
2012-07-24 23:02 - 2012-08-13 12:00 - 2127190 ____A C:\Windows\System32\Drivers\Cat.DB
2012-07-24 23:02 - 2012-08-13 11:56 - 0228392 ____A (PC Tools) C:\Windows\System32\Drivers\PCTSD64.sys
2012-07-24 23:02 - 2012-08-13 11:45 - 0000000 ____D C:\Users\All Users\PC Tools
2012-07-24 23:02 - 2012-08-13 11:45 - 0000000 ____D C:\Users\All Users\Application Data\PC Tools
2012-07-24 23:02 - 2012-08-13 11:45 - 0000000 ____D C:\ProgramData\PC Tools
2012-07-24 23:02 - 2012-07-24 23:02 - 4165584 ____A (PC Tools) C:\Users\Technicyst Fix\Downloads\SD_Online_aff_GenericRevenueWire_207.exe
2012-07-24 23:02 - 2012-07-24 23:02 - 0725440 ____A (Enigma Software Group USA, LLC.) C:\Users\Technicyst Fix\Downloads\SpyHunter-Installer(1).exe
2012-07-24 23:02 - 2012-07-24 23:02 - 0000000 ____D C:\Users\Technicyst Fix\Application Data\TestApp
2012-07-24 23:02 - 2012-07-24 23:02 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Roaming\TestApp
2012-07-24 23:01 - 2012-07-24 23:01 - 0725440 ____A (Enigma Software Group USA, LLC.) C:\Users\Technicyst Fix\Downloads\SpyHunter-Installer.exe
2012-07-24 22:58 - 2012-07-24 22:58 - 0145746 ____A C:\TDSSKiller.2.7.48.0_24.07.2012_22.58.04_log.txt

============ 3 Months Modified Files and Folders =============

2012-08-15 16:14 - 2012-04-07 18:36 - 0000000 ____D C:\FRST
2012-08-15 16:02 - 2010-04-06 18:57 - 2140393472 __ASH C:\hiberfil.sys
2012-08-15 16:02 - 2010-04-06 18:57 - 1468558 ____A C:\Windows\PFRO.log
2012-08-15 09:18 - 2010-10-23 14:30 - 396851244 ____A C:\Windows\MEMORY.DMP
2012-08-14 21:57 - 2012-08-13 11:19 - 1576472 ____A C:\Windows\ntbtlog.txt
2012-08-13 23:09 - 2009-07-14 00:32 - 0000000 ____D C:\Program Files (x86)\Windows Portable Devices
2012-08-13 23:06 - 2009-07-14 00:32 - 0000000 ____D C:\Program Files\Windows Portable Devices
2012-08-13 21:38 - 2012-08-13 11:45 - 0000000 ____D C:\Program Files (x86)\PC Tools Security
2012-08-13 21:36 - 2011-01-20 20:44 - 0011564 ____A C:\Windows\System32\DVCState-{00000009-00000000-00000004-00001102-00000008-40071102}.rfx
2012-08-13 21:36 - 2011-01-20 20:44 - 0001044 ____A C:\Windows\System32\BMXCtrlState-{00000009-00000000-00000004-00001102-00000008-40071102}.rfx
2012-08-13 21:36 - 2011-01-20 20:44 - 0001044 ____A C:\Windows\System32\BMXBkpCtrlState-{00000009-00000000-00000004-00001102-00000008-40071102}.rfx
2012-08-13 21:36 - 2011-01-20 20:44 - 0000072 ____A C:\Windows\System32\BMXStateBkp-{00000009-00000000-00000004-00001102-00000008-40071102}.rfx
2012-08-13 21:36 - 2011-01-20 20:44 - 0000072 ____A C:\Windows\System32\BMXState-{00000009-00000000-00000004-00001102-00000008-40071102}.rfx
2012-08-13 21:36 - 2009-07-14 00:10 - 1082615 ____A C:\Windows\WindowsUpdate.log
2012-08-13 21:35 - 2012-02-04 15:47 - 0000000 ____D C:\Users\Technicyst Fix\Application Data\MediaMonkey
2012-08-13 21:35 - 2012-02-04 15:47 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Roaming\MediaMonkey
2012-08-13 20:57 - 2012-03-28 14:42 - 0000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-08-13 12:59 - 2011-07-27 16:00 - 0000000 ____D C:\Users\Technicyst Fix\Desktop\Games
2012-08-13 12:59 - 2010-05-23 11:14 - 0000000 ___RD C:\Users\Technicyst Fix\Desktop\Misc Music Files
2012-08-13 12:57 - 2011-08-04 09:13 - 0000000 ____D C:\Users\Technicyst Fix\Desktop\Misc Albums
2012-08-13 12:41 - 2012-08-13 12:41 - 0180488 ____A (PC Tools) C:\Windows\System32\Drivers\pctplfw64.sys
2012-08-13 12:41 - 2012-08-13 12:41 - 0119688 ____A (PC Tools) C:\Windows\System32\Drivers\pctNdis-PacketFilter64.sys
2012-08-13 12:41 - 2012-08-13 12:41 - 0042968 ____A (PC Tools) C:\Windows\System32\Drivers\pctNdis-DNS64.sys
2012-08-13 12:35 - 2011-06-10 16:19 - 0000000 ____D C:\Program Files\PeerBlock
2012-08-13 12:28 - 2009-07-13 23:45 - 0014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-08-13 12:28 - 2009-07-13 23:45 - 0014240 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-08-13 12:18 - 2009-07-14 00:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-08-13 12:18 - 2009-07-13 23:51 - 0189850 ____A C:\Windows\setupact.log
2012-08-13 12:00 - 2012-08-13 12:00 - 0002109 ____A C:\Users\Public\Desktop\PC Tools Internet Security.lnk
2012-08-13 12:00 - 2012-08-13 12:00 - 0002109 ____A C:\Users\All Users\Desktop\PC Tools Internet Security.lnk
2012-08-13 12:00 - 2012-07-24 23:02 - 2127190 ____A C:\Windows\System32\Drivers\Cat.DB
2012-08-13 11:58 - 2011-06-10 14:05 - 0000000 ____D C:\Users\Technicyst Fix\Application Data\uTorrent
2012-08-13 11:58 - 2011-06-10 14:05 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Roaming\uTorrent
2012-08-13 11:56 - 2012-08-13 11:45 - 0816016 ____A (PC Tools) C:\Windows\System32\Drivers\pctEFA64.sys
2012-08-13 11:56 - 2012-08-13 11:45 - 0452872 ____A (PC Tools) C:\Windows\System32\Drivers\pctDS64.sys
2012-08-13 11:56 - 2012-08-13 11:45 - 0141312 ____A (PC Tools) C:\Windows\System32\Drivers\pctwfpfilter64.sys
2012-08-13 11:56 - 2012-07-24 23:02 - 0228392 ____A (PC Tools) C:\Windows\System32\Drivers\PCTSD64.sys
2012-08-13 11:45 - 2012-07-24 23:02 - 0000000 ____D C:\Users\All Users\PC Tools
2012-08-13 11:45 - 2012-07-24 23:02 - 0000000 ____D C:\Users\All Users\Application Data\PC Tools
2012-08-13 11:45 - 2012-07-24 23:02 - 0000000 ____D C:\ProgramData\PC Tools
2012-08-13 11:43 - 2012-08-13 11:42 - 0000000 ____D C:\Users\Technicyst Fix\Downloads\PC.Tools.Spyware.Doctor.2011.8.0.0.662.Incl.License.Key
2012-08-13 10:59 - 2010-04-14 19:19 - 0088340 ____A C:\Users\Technicyst Fix\My Documents\Expenses2010New.xlsx
2012-08-13 10:59 - 2010-04-14 19:19 - 0088340 ____A C:\Users\Technicyst Fix\Documents\Expenses2010New.xlsx
2012-08-08 11:20 - 2012-08-08 11:20 - 0129024 ____A C:\Windows\RegBootClean64.exe
2012-08-08 11:20 - 2010-04-09 18:22 - 0000000 ____D C:\users\Technicyst Fix
2012-08-07 18:08 - 2012-04-08 00:29 - 0000000 __SHD C:\$RECYCLE.BIN
2012-08-05 22:38 - 2012-01-15 14:15 - 0000000 ____D C:\BigFishGamesCache
2012-08-05 22:37 - 2010-04-09 18:26 - 0000000 ____D C:\Users\Technicyst Fix\Local Settings\DataSafeOnline
2012-08-05 22:37 - 2010-04-09 18:26 - 0000000 ____D C:\Users\Technicyst Fix\Local Settings\Application Data\DataSafeOnline
2012-08-05 22:37 - 2010-04-09 18:26 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Local\DataSafeOnline
2012-08-05 12:44 - 2012-08-05 11:33 - 0000000 ____D C:\Users\Technicyst Fix\Downloads\13 GAME OF DEATH[2006][ENG][AC3 5.1][DVDRip]-KonzillaRG
2012-08-03 18:49 - 2012-07-24 23:05 - 0000000 ____D C:\Program Files (x86)\PC Tools
2012-08-03 18:49 - 2012-06-14 10:26 - 0000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-08-03 18:48 - 2012-05-16 22:16 - 0378911 ____A C:\Users\Technicyst Fix\.DLMSave_back.xml
2012-08-03 18:48 - 2012-05-16 22:16 - 0084114 ____A C:\Users\Technicyst Fix\.DLMSave.xml
2012-08-03 18:48 - 2012-05-16 22:15 - 0208759 ____A C:\Users\Technicyst Fix\.DLMLogFile.txt
2012-08-03 18:48 - 2012-05-16 22:15 - 0000236 ____A C:\Users\Technicyst Fix\.DLMTempFile.txt
2012-08-03 06:42 - 2012-03-28 14:42 - 0426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-08-03 06:42 - 2012-03-28 14:42 - 0070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-08-01 18:44 - 2012-08-01 18:44 - 0000000 ____D C:\Program Files\JBridge
2012-08-01 14:59 - 2012-08-01 14:55 - 0000000 ____D C:\Users\Technicyst Fix\My Documents\Ableton
2012-08-01 14:59 - 2012-08-01 14:55 - 0000000 ____D C:\Users\Technicyst Fix\Documents\Ableton
2012-08-01 14:55 - 2012-08-01 14:55 - 0000000 ____D C:\Users\Technicyst Fix\Application Data\Ableton
2012-08-01 14:55 - 2012-08-01 14:55 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Roaming\Ableton
2012-08-01 14:52 - 2012-08-01 14:52 - 0000000 ____D C:\Users\All Users\Application Data\Ableton
2012-08-01 14:52 - 2012-08-01 14:52 - 0000000 ____D C:\Users\All Users\Ableton
2012-08-01 14:52 - 2012-08-01 14:52 - 0000000 ____D C:\ProgramData\Ableton
2012-07-30 12:51 - 2012-05-16 22:15 - 0001248 ____A C:\Users\Technicyst Fix\.Setting.ini
2012-07-30 12:51 - 2012-05-16 22:15 - 0000000 ___SD C:\Users\Technicyst Fix\Desktop\My eMusic
2012-07-29 13:47 - 2010-04-10 01:02 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-07-27 23:06 - 2012-07-27 23:06 - 0000000 ____D C:\Users\Technicyst Fix\Local Settings\Focusrite_Audio_Engineeri
2012-07-27 23:06 - 2012-07-27 23:06 - 0000000 ____D C:\Users\Technicyst Fix\Local Settings\Application Data\Focusrite_Audio_Engineeri
2012-07-27 23:06 - 2012-07-27 23:06 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Local\Focusrite_Audio_Engineeri
2012-07-26 19:53 - 2009-07-14 00:13 - 0746256 ____A C:\Windows\System32\PerfStringBackup.INI
2012-07-26 19:06 - 2012-07-26 19:06 - 0000954 ____A C:\Users\Public\Desktop\µTorrent.lnk
2012-07-26 19:06 - 2012-07-26 19:06 - 0000954 ____A C:\Users\All Users\Desktop\µTorrent.lnk
2012-07-26 19:06 - 2012-07-26 19:06 - 0000000 ____D C:\Program Files (x86)\uTorrent
2012-07-26 19:05 - 2012-07-26 19:05 - 0895376 ____A (BitTorrent, Inc.) C:\Users\Technicyst Fix\Downloads\uTorrent(1).exe
2012-07-25 00:27 - 2009-07-14 00:08 - 0032648 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-07-24 23:02 - 2012-07-24 23:02 - 4165584 ____A (PC Tools) C:\Users\Technicyst Fix\Downloads\SD_Online_aff_GenericRevenueWire_207.exe
2012-07-24 23:02 - 2012-07-24 23:02 - 0725440 ____A (Enigma Software Group USA, LLC.) C:\Users\Technicyst Fix\Downloads\SpyHunter-Installer(1).exe
2012-07-24 23:02 - 2012-07-24 23:02 - 0000000 ____D C:\Users\Technicyst Fix\Application Data\TestApp
2012-07-24 23:02 - 2012-07-24 23:02 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Roaming\TestApp
2012-07-24 23:01 - 2012-07-24 23:01 - 0725440 ____A (Enigma Software Group USA, LLC.) C:\Users\Technicyst Fix\Downloads\SpyHunter-Installer.exe
2012-07-24 22:58 - 2012-07-24 22:58 - 0145746 ____A C:\TDSSKiller.2.7.48.0_24.07.2012_22.58.04_log.txt
2012-07-23 12:59 - 2010-04-11 00:32 - 0000000 ____D C:\Program Files (x86)\eMusic Download Manager
2012-07-23 12:57 - 2012-04-08 09:18 - 0001120 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-07-23 12:57 - 2012-04-08 09:18 - 0001120 ____A C:\Users\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2012-07-23 12:57 - 2012-04-04 19:09 - 0000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-07-14 07:33 - 2012-07-13 20:42 - 0013033 ____A C:\Users\Technicyst Fix\My Documents\ashlist.docx
2012-07-14 07:33 - 2012-07-13 20:42 - 0013033 ____A C:\Users\Technicyst Fix\Documents\ashlist.docx
2012-07-11 14:20 - 2012-07-11 14:20 - 1637016 ____A C:\Users\Technicyst Fix\Downloads\AmazonMP3DownloaderInstall.exe
2012-07-11 14:20 - 2012-07-11 14:20 - 0000000 ____D C:\Users\Technicyst Fix\My Documents\Amazon MP3
2012-07-11 14:20 - 2012-07-11 14:20 - 0000000 ____D C:\Users\Technicyst Fix\Documents\Amazon MP3
2012-07-11 14:20 - 2012-07-11 14:20 - 0000000 ____D C:\Users\Technicyst Fix\Application Data\Amazon
2012-07-11 14:20 - 2012-07-11 14:20 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Roaming\Amazon
2012-07-11 14:20 - 2012-07-11 14:20 - 0000000 ____D C:\Program Files (x86)\Amazon
2012-07-11 03:25 - 2010-04-10 20:38 - 0000000 ___RD C:\Users\Technicyst Fix\Podcasts
2012-07-11 03:25 - 2010-04-09 18:25 - 0000402 __ASH C:\Users\Technicyst Fix\My Documents\desktop.ini
2012-07-11 03:25 - 2010-04-09 18:25 - 0000174 ___SH C:\Users\Technicyst Fix\Start Menu\Programs\Startup\desktop.ini
2012-07-11 03:25 - 2010-04-09 18:25 - 0000174 ___SH C:\Users\Technicyst Fix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
2012-07-11 03:23 - 2009-07-13 23:45 - 0459352 ____A C:\Windows\System32\FNTCACHE.DAT
2012-07-11 03:06 - 2010-04-09 23:58 - 0000000 ____D C:\Users\All Users\Microsoft Help
2012-07-11 03:06 - 2010-04-09 23:58 - 0000000 ____D C:\Users\All Users\Application Data\Microsoft Help
2012-07-11 03:06 - 2010-04-09 23:58 - 0000000 ____D C:\ProgramData\Microsoft Help
2012-07-11 03:06 - 2009-07-13 21:34 - 0000897 ____A C:\Windows\win.ini
2012-07-11 03:02 - 2010-04-12 16:55 - 59701280 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-07-09 21:11 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\rescache
2012-07-09 12:44 - 2011-11-02 15:14 - 0000000 ____D C:\Users\Technicyst Fix\Local Settings\McAfee Anti-Theft
2012-07-09 12:44 - 2011-11-02 15:14 - 0000000 ____D C:\Users\Technicyst Fix\Local Settings\Application Data\McAfee Anti-Theft
2012-07-09 12:44 - 2011-11-02 15:14 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Local\McAfee Anti-Theft
2012-07-03 13:46 - 2012-04-08 09:18 - 0024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-22 23:45 - 2012-06-22 23:45 - 0000000 ____D C:\Users\Technicyst Fix\Local Settings\Macromedia
2012-06-22 23:45 - 2012-06-22 23:45 - 0000000 ____D C:\Users\Technicyst Fix\Local Settings\Application Data\Macromedia
2012-06-22 23:45 - 2012-06-22 23:45 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Local\Macromedia
2012-06-16 12:35 - 2010-05-26 22:28 - 0000000 ____D C:\Users\Technicyst Fix\My Documents\Propellerhead Logs
2012-06-16 12:35 - 2010-05-26 22:28 - 0000000 ____D C:\Users\Technicyst Fix\Documents\Propellerhead Logs
2012-06-16 12:31 - 2010-04-13 17:36 - 0000000 ____D C:\Users\Technicyst Fix\Application Data\Propellerhead Software
2012-06-16 12:31 - 2010-04-13 17:36 - 0000000 ____D C:\Users\Technicyst Fix\AppData\Roaming\Propellerhead Software
2012-06-16 12:16 - 2012-06-16 12:16 - 0000885 ____A C:\Users\Public\Desktop\Reason.lnk
2012-06-16 12:16 - 2012-06-16 12:16 - 0000885 ____A C:\Users\All Users\Desktop\Reason.lnk
2012-06-16 12:16 - 2012-06-16 12:16 - 0000000 ____D C:\Program Files\Propellerhead
2012-06-16 11:54 - 2012-06-16 11:47 - 1105128581 ____A C:\Users\Technicyst Fix\Downloads\Reason_650_without_soundbank.zip
2012-06-14 10:26 - 2012-06-14 10:26 - 0000000 ____D C:\Users\All Users\Mozilla
2012-06-14 10:26 - 2012-06-14 10:26 - 0000000 ____D C:\Users\All Users\Application Data\Mozilla
2012-06-14 10:26 - 2012-06-14 10:26 - 0000000 ____D C:\ProgramData\Mozilla
2012-06-11 22:02 - 2012-07-11 03:06 - 3147264 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-06-11 18:45 - 2009-07-13 22:20 - 0000000 ____D C:\Windows\LiveKernelReports
2012-06-09 00:30 - 2012-07-10 20:21 - 14165504 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-06-08 23:46 - 2012-07-10 20:21 - 12868608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-06-06 00:50 - 2012-07-10 20:21 - 2003968 ____A (Microsoft Corporation) C:\Windows\System32\msxml6.dll
2012-06-06 00:50 - 2012-07-10 20:21 - 1880064 ____A (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2012-06-06 00:09 - 2012-07-10 20:21 - 1389568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2012-06-06 00:09 - 2012-07-10 20:21 - 1236992 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2012-06-02 17:19 - 2012-06-23 20:02 - 2428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 17:19 - 2012-06-23 20:02 - 0701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 17:19 - 2012-06-23 20:02 - 0057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 17:19 - 2012-06-23 20:02 - 0044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 17:19 - 2012-06-23 20:02 - 0038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 17:15 - 2012-06-23 20:02 - 2622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 17:15 - 2012-06-23 20:02 - 0099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 15:19 - 2012-06-23 20:01 - 0186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 15:15 - 2012-06-23 20:01 - 0036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-02 07:49 - 2012-07-11 03:01 - 17807360 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-06-02 07:17 - 2012-07-11 03:01 - 10924032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-06-02 07:12 - 2012-07-11 03:01 - 2311680 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-06-02 07:05 - 2012-07-11 03:01 - 1392128 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-06-02 07:05 - 2012-07-11 03:01 - 1346048 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-06-02 07:04 - 2012-07-11 03:01 - 1494528 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-06-02 07:04 - 2012-07-11 03:01 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-06-02 07:03 - 2012-07-11 03:01 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-06-02 07:01 - 2012-07-11 03:01 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-06-02 07:00 - 2012-07-11 03:01 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-06-02 06:59 - 2012-07-11 03:01 - 2144768 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-06-02 06:57 - 2012-07-11 03:01 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-06-02 06:57 - 2012-07-11 03:01 - 0096768 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-06-02 06:54 - 2012-07-11 03:01 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-06-02 04:07 - 2012-07-11 03:01 - 12314624 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-06-02 03:43 - 2012-07-11 03:01 - 9737728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-06-02 03:33 - 2012-07-11 03:01 - 1800192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-06-02 03:26 - 2012-07-11 03:01 - 1103872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-06-02 03:25 - 2012-07-11 03:01 - 1427968 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-06-02 03:25 - 2012-07-11 03:01 - 1129472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-06-02 03:23 - 2012-07-11 03:01 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-06-02 03:21 - 2012-07-11 03:01 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-06-02 03:20 - 2012-07-11 03:01 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-06-02 03:19 - 2012-07-11 03:01 - 1793024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-06-02 03:19 - 2012-07-11 03:01 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-06-02 03:17 - 2012-07-11 03:01 - 0073216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-06-02 03:16 - 2012-07-11 03:01 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-06-02 03:14 - 2012-07-11 03:01 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-06-02 00:38 - 2012-07-10 20:21 - 0152432 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2012-06-02 00:38 - 2012-07-10 20:21 - 0095088 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2012-06-02 00:37 - 2012-07-10 20:21 - 0459216 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2012-06-02 00:27 - 2012-07-10 20:21 - 0340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2012-06-02 00:27 - 2012-07-10 20:21 - 0307200 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2012-06-01 23:48 - 2012-07-10 20:21 - 0225280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2012-06-01 23:48 - 2012-07-10 20:21 - 0022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2012-06-01 23:47 - 2012-07-10 20:21 - 0219136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2012-06-01 23:42 - 2012-07-10 20:21 - 0096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2012-06-01 22:00 - 2012-05-21 15:34 - 0000000 ____D C:\Program Files (x86)\Diablo III
2012-05-25 20:16 - 2010-04-24 20:54 - 0000000 ____D C:\Program Files (x86)\Steam
2012-05-25 20:02 - 2012-05-25 20:02 - 0000000 ____D C:\Users\Technicyst Fix\My Documents\Diablo III
2012-05-25 20:02 - 2012-05-25 20:02 - 0000000 ____D C:\Users\Technicyst Fix\Documents\Diablo III
2012-05-21 15:34 - 2012-05-21 15:34 - 0000000 ____D C:\Users\All Users\Blizzard Entertainment
2012-05-21 15:34 - 2012-05-21 15:34 - 0000000 ____D C:\Users\All Users\Application Data\Blizzard Entertainment
2012-05-21 15:34 - 2012-05-21 15:34 - 0000000 ____D C:\ProgramData\Blizzard Entertainment
2012-05-21 15:33 - 2012-05-21 15:33 - 0000000 ____D C:\Users\All Users\Battle.net
2012-05-21 15:33 - 2012-05-21 15:33 - 0000000 ____D C:\Users\All Users\Application Data\Battle.net
2012-05-21 15:33 - 2012-05-21 15:33 - 0000000 ____D C:\ProgramData\Battle.net
2012-05-21 15:32 - 2012-05-21 15:32 - 32288896 ____A (Blizzard Entertainment) C:\Users\Technicyst Fix\Downloads\Diablo-III-Setup-enUS.exe

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 9%
Total physical RAM: 8182.99 MB
Available physical RAM: 7384.29 MB
Total Pagefile: 8181.14 MB
Available Pagefile: 7377.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB

======================= Partitions =========================

1 Drive c: (LOCAL DISK ) (Fixed) (Total:456.6 GB) (Free:139.61 GB) NTFS
2 Drive d: (DATAPART1) (Fixed) (Total:931.51 GB) (Free:603.59 GB) NTFS
4 Drive f: (WD Passport) (Fixed) (Total:55.87 GB) (Free:0.27 GB) NTFS
5 Drive g: (CODEMETER) (Removable) (Total:0.04 GB) (Free:0 GB) FAT32
6 Drive h: (RECOVERY) (Fixed) (Total:9.12 GB) (Free:4.05 GB) NTFS ==>[System with boot components (obtained from reading drive)]
11 Drive m: (KINGSTON) (Removable) (Total:7.5 GB) (Free:1.02 GB) FAT32
12 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 931 GB 0 B
Disk 2 No Media 0 B 0 B
Disk 3 No Media 0 B 0 B
Disk 4 No Media 0 B 0 B
Disk 5 No Media 0 B 0 B
Disk 6 Online 39 MB 0 B
Disk 7 Online 55 GB 14 MB
Disk 8 Online 7692 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 39 MB 31 KB
Partition 2 Primary 9 GB 40 MB
Partition 3 Primary 456 GB 9 GB

======================================================================================================

Disk: 0
Partition 1
Type : DE
Hidden: Yes
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 11 FAT Partition 39 MB Healthy Hidden

======================================================================================================

Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 H RECOVERY NTFS Partition 9 GB Healthy

======================================================================================================

Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C LOCAL DISK NTFS Partition 456 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 1024 KB

======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 D DATAPART1 NTFS Partition 931 GB Healthy

======================================================================================================

Partitions of Disk 6:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 39 MB 31 KB

======================================================================================================

Disk: 6
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 8 G CODEMETER FAT32 Removable 39 MB Healthy

======================================================================================================

Partitions of Disk 7:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 55 GB 31 KB

======================================================================================================

Disk: 7
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 9 F WD Passport NTFS Partition 55 GB Healthy

======================================================================================================

Partitions of Disk 8:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 7690 MB 1044 KB

======================================================================================================

Disk: 8
Partition 1
Type : 0B
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 10 M KINGSTON FAT32 Removable 7690 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-08-07 05:20

#6 JSntgRvr

JSntgRvr

    Master Surgeon General

  • Malware Response Team
  • 7,132 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 15 August 2012 - 09:34 PM

Tap on F8 at startup to get to the advanced menu. Select Disable automatic restart on system failure. Once the BSOD occurs, write down the details and post them in your next reply.

Download MBRFix from here.

Save and extract its contents to the working computer's desktop. There are three files in the MBRFix folder. From these, only copy the MBRFix64.exe to the USB drive.

Also download the enclosed file and save it in the USB drive. Attached File  fixlist.txt   16bytes   6 downloads

Insert the USB drive into the ailing computer.

Now please enter System Recovery Options and run FRST64 as you did before, except that this time around, press the Fix button just once and wait.

The tool will make a log in the flash drive (Fixlog.txt). It will also create a file labeled MBRDUMP.txt. Copy and paste the contents of the Fixlog.txt in your next reply, but attach the MBRDUMP.txt as it is a hex file.

Edited by JSntgRvr, 15 August 2012 - 09:36 PM.

No request for help throughout private messaging will be attended.


If I have helped you, consider making a donation to help me continue the fight against Malware!


#7 pctrauma

pctrauma

    Member

  • Members
  • 28 posts

Posted 15 August 2012 - 10:04 PM

BSOD Details: A problem has been detected and Windows has been shut down to prevent damage to your computer. A process or thread crucial to system operation has unexpectedly exited or been terminated. If this is the first time you've seen this Stop error screen, restart your computer. If this screen appears again, follow these steps: Check to make sure any new hw or sw is properly installed. If this is a new install, ask your hw or sw mfg for any win updates you might need. If probs continue, disable or remove any newly installed hw or sw. Disable BIOS memory options such as caching or shadowing...If you need to use Safe Mode to remove or disable components, restart your computer, press F8 to select Advanced Startup Options, and then select Safe Mode.

Technical Info:

***STOP: 0x000000F4 (0x0000000000000003,0xFFFFFA800B188B30,0xFFFFFFA800B188E10,0XFFFFF800039c3720)

Collecting data for crash dump...
Initializing disk for crash dump...
Beginning dump of physical memory.
Dumping physical memory to disk: 100
Physical memory dump complete.
Contact your sys admin or tech support group for further assistance.



Here is the Fixlog.txt:
Fix result of Farbar Recovery Scan Tool (FRST written by farbar) Version: 15-03-2012
Ran by SYSTEM at 2012-08-15 22:00:14 R:2
Running from I:\

==============================================


==== End of Fixlog ====




I did not get a generated MBRDUMP.txt file to attach for some reason.

#8 JSntgRvr

JSntgRvr

    Master Surgeon General

  • Malware Response Team
  • 7,132 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 16 August 2012 - 11:13 AM

Was the MBRFix64.exe copied to the USB drive? Please try again.

Enter the BIOS Setup Utility at startup. Browse to the SATA settings. If set to AHCI, change it to Compatible if available.



#9 pctrauma

pctrauma

    Member

  • Members
  • 28 posts

Posted 16 August 2012 - 12:41 PM

MBRFix64.exe is on the USB drive, but the MBRDUMP.txt did not generate again. Did I need to execute the MBRFix64 or should it have automatically created when I reran FRST64? I also went into my Setup SATA settings, and none of the drives showed AHCI next to them. Thanks again for your time.

#10 JSntgRvr

JSntgRvr

    Master Surgeon General

  • Malware Response Team
  • 7,132 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 16 August 2012 - 03:51 PM

If MBRFix is next to FRST64, all you have to do is to run FRST64 and click on the Fix button. Post the report (FRST.txt) it will produce.



#11 pctrauma

pctrauma

    Member

  • Members
  • 28 posts

Posted 16 August 2012 - 04:09 PM


Got it to work for some reason this time. Thanks for being patient :)

Here is the converted hex file from the MBRDUMP.txt

Edited by JSntgRvr, 16 August 2012 - 04:15 PM.


#12 JSntgRvr

JSntgRvr

    Master Surgeon General

  • Malware Response Team
  • PipPipPipPipPipPip
  • 7,132 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 16 August 2012 - 04:12 PM

Do not copy and paste its contents. Rather attach the file to your reply as it is a hex file.



#13 pctrauma

pctrauma

    Member

  • Members
  • 28 posts

Posted 16 August 2012 - 04:17 PM

Here is what generated. Hope this helps.

Attached File  MBRDUMP.txt   512 bytes   5 downloads
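
The MBRDUMP.txt attached above is a single 512-byte sector. As an added example (not part of the thread, and not FRST or MBRFix code), this Python script shows how such a dump can be checked offline: it decodes the partition table, validates the boot signature and active flags, and hashes the boot-code area for comparison against a known-good MBR. It assumes the dump is the raw binary sector; the sample sector is constructed to mirror the Disk 0 layout in the log above (types DE, 07, 07 with partition 2 active), and its boot-code bytes are placeholders.

```python
import hashlib
import struct

SECTOR = 512
BOOT_CODE_LEN = 440   # bootstrap code; bytes 440-443 hold the disk signature
PT_OFFSET = 446       # four 16-byte partition entries start here
ENTRY = "<B3xB3xII"   # status, (CHS), type, (CHS), first LBA, sector count


def parse_mbr(sector: bytes) -> dict:
    """Decode one raw MBR sector and report structural anomalies."""
    if len(sector) != SECTOR:
        raise ValueError(f"expected {SECTOR} bytes, got {len(sector)}")
    findings = []
    if sector[510:512] != b"\x55\xaa":
        findings.append("missing 0x55AA boot signature")
    parts = []
    for i in range(4):
        status, ptype, lba, count = struct.unpack_from(ENTRY, sector, PT_OFFSET + 16 * i)
        if ptype == 0 and count == 0:
            continue  # unused slot
        if status not in (0x00, 0x80):
            findings.append(f"partition {i + 1}: invalid status byte 0x{status:02X}")
        parts.append({"index": i + 1, "active": status == 0x80, "type": ptype,
                      "lba_start": lba, "sectors": count})
    active = [p["index"] for p in parts if p["active"]]
    if len(active) != 1:
        findings.append(f"expected exactly one active partition, found {len(active)}")
    # Entries that overlap on disk indicate a damaged or tampered table.
    ordered = sorted(parts, key=lambda p: p["lba_start"])
    for a, b in zip(ordered, ordered[1:]):
        if a["lba_start"] + a["sectors"] > b["lba_start"]:
            findings.append(f"partitions {a['index']} and {b['index']} overlap")
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "disk_signature": struct.unpack_from("<I", sector, 440)[0],
        "partitions": parts,
        "findings": findings,
    }


def build_sample_mbr() -> bytes:
    """Constructed sector mirroring Disk 0 in the log; boot code is placeholder bytes."""
    sector = bytearray(SECTOR)
    sector[0:4] = b"\x90\x90\x90\x90"  # placeholder, not real boot code
    entries = [
        (0x00, 0xDE, 63, 79_872),               # OEM, 39 MB, offset 31 KB
        (0x80, 0x07, 81_920, 18_874_368),       # RECOVERY, 9 GB, active
        (0x00, 0x07, 18_956_288, 956_301_312),  # LOCAL DISK, 456 GB
    ]
    for i, entry in enumerate(entries):
        struct.pack_into(ENTRY, sector, PT_OFFSET + 16 * i, *entry)
    sector[510:512] = b"\x55\xaa"
    return bytes(sector)


if __name__ == "__main__":
    report = parse_mbr(build_sample_mbr())
    for part in report["partitions"]:
        print(part)
    print(report["boot_code_sha256"], report["findings"] or "no findings")
```

A boot-code hash that differs from the MBR of a known-clean install of the same Windows version, while the partition table still parses cleanly, is the pattern to look for when checking for modified boot code.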

#14 JSntgRvr

JSntgRvr

    Master Surgeon General

  • Malware Response Team
  • 7,132 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 16 August 2012 - 04:31 PM

Download the enclosed file Attached File  fixlist.txt   65bytes   8 downloads

Save it in the USB drive next to FRST, overwriting the existing one.

Insert the USB drive into the ailing computer.

Now please enter System Recovery Options and run FRST64 as you did before, except that this time around, press the Fix button just once and wait.

The tool will make a log in the flash drive (Fixlog.txt). Copy and paste the contents of the Fixlog.txt in your next reply.



#15 JSntgRvr

JSntgRvr

    Master Surgeon General

  • Malware Response Team
  • 7,132 posts
  • Gender:Male
  • Location:Puerto Rico

Posted 16 August 2012 - 04:33 PM

BTW, if successful, a file will be copied to the flash drive (MEMORY.DMP). Zip and attach the file to your reply.





