
Windows 7 Black Screen Virus/ Can't boot into safe mode



I've tried reading around for solutions and it seems that most people start with entering safe mode and running antimalware from there. The problem is I cannot enter safe mode or safe mode with command prompt or networking, so I can't run Malwarebytes. I have an Alienware Aurora running Windows 7 SP1 and for some reason, when I try to boot from the install disk, there is no option to repair! I'm freaking out, because I have very important data I must recover and any help would be GREATLY appreciated. Thanks!

Is there anything I can do with the Farbar Recovery Scan Tool x64, by the way?


Welcome to the forum, here's how we deal with that malware:

  • Please download Farbar Recovery Scan Tool and save it to a flash drive.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    Plug the flash drive into the infected PC.

  • If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

    If you are using Vista or Windows 7 enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:

    • Restart the computer.
    • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
    • Use the arrow keys to select the Repair your computer menu item.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.
    Note: In case you cannot enter System Recovery Options by using the F8 method, you can use a Windows installation disc, or make a repair disc. Any Windows installation disc or a repair disc made on another computer can be used.

    To make a repair disk on Windows 7 consult: http://www.sevenforums.com/tutorials/2083-system-repair-disc-create.html

    To enter System Recovery Options by using Windows installation disc:

    • Insert the installation disc.
    • Restart your computer.
    • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
    • Click Repair your computer.
    • Select US as the keyboard language settings, and then click Next.
    • Select the operating system you want to repair, and then click Next.
    • Select your user account and click Next.
  • On the System Recovery Options menu you will get the following options:

      Startup Repair
      System Restore
      Windows Complete PC Restore
      Windows Memory Diagnostic Tool
      Command Prompt

    Select Command Prompt.

  • Once in the Command Prompt:

    • In the command window type in notepad and press Enter.
    • The notepad opens. Under File menu select Open.
    • Select "Computer" and find your flash drive letter and close the notepad.
    • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter

      Note: Replace letter e with the drive letter of your flash drive.

    • The tool will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
MrC

I should note that it ends up with a black screen with a cursor, nothing else. I've left this running for about an hour and nothing changed.

The original virus I had inverted all of my colors and tried to uninstall my antivirus/malware removal programs. I tried doing a system restore and after it completed, it just hangs on the black screen with the movable cursor.


Here is the FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013

Ran by SYSTEM on MININT-1NEEDSF on 05-10-2013 06:37:35
Running from O:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Command Center Controllers] - C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12656 2012-06-18] (Alienware)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [Trend Micro Titanium] - C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1374328 2013-05-29] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] - C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [209712 2013-02-04] (Trend Micro Inc.)
HKLM\...\RunOnce: [*Restore] - C:\Windows\System32\rstrui.exe /runonce [296960 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [Launcher] - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2010-07-21] (Softthinks)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [237693 2009-02-03] (Creative Technology Ltd)
HKLM-x32\...\Run: [sPIRunE] - C:\Windows\\SysWOW64\SPIRunE.dll [18432 2009-07-27] (Creative Technology Ltd.)
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [LaCie Shortcut Startup] - C:\Program Files (x86)\LaCie\Shortcut Button\LaCieShortcutTrayApp.exe [274432 2009-09-01] (LaCie)
HKLM-x32\...\Run: [KORG USB-MIDI Driver] - C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe [393616 2011-03-30] (KORG Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] - C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [sDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKU\Nicholas\...\Run: [LaCie Backup] - C:\Program Files (x86)\LaCie\Backup Software\\LaCieBackup.exe [2600960 2007-12-03] (LaCie SA)
HKU\Nicholas\...\Run: [iSUSPM Startup] - c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe [221184 2004-06-14] (InstallShield Software Corporation)
HKU\Nicholas\...\Run: [Google Update] - C:\Users\Nicholas\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-10] (Google Inc.)
HKU\Nicholas\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4270640 2013-03-19] ()
HKU\Nicholas\...\Run: [steam] - C:\Program Files (x86)\Steam\steam.exe [1814440 2013-09-21] (Valve Corporation)
HKU\Nicholas\...\Policies\system: [EnableLUA] 1
IMEO\cuemix fx.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\mfwakeys.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\mfwakeys64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\motu audio console.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\motu audio setup 64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\motu cuemix console 64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\motu smpte console.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\motu smpte setup 64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
Startup: C:\Users\Nicholas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall Webroot RunOnce.lnk
ShortcutTarget: Uninstall Webroot RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Services (Whitelisted) =================
 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2010-10-13] (Adobe Systems)
S2 BWH32S; C:\Program Files (x86)\BUFFALO\clientmgrv\bin\BWH32S.exe [126328 2009-07-09] (BUFFALO INC.)
S2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [1688336 2013-05-23] (M-Audio)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
S2 OxygenAudioDevMon; C:\Program Files (x86)\M-Audio\Oxygen\AudioDevMon.exe [1632776 2010-03-04] (M-Audio)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-06-15] ()
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2028864 2011-12-08] (TuneUp Software)
S2 XTUService; C:\Program Files (x86)\Common Files\Intel\Intel Extreme Tuning Utility\PerfTuneService.exe [30944 2009-07-27] (Intel Corporation)
S2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [x]
 
==================== Drivers (Whitelisted) ====================
 
S3 Bufeap; C:\Windows\System32\DRIVERS\bufeap64.sys [18944 2010-07-05] (BUFFALO INC.)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [50288 2012-11-12] (UB658)
S3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25720 2011-03-25] ()
S2 IOCBIOS; C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.SYS [27096 2009-07-09] (Intel Corporation)
S2 IOCBIOS; C:\ProgramData\Intel\Extreme Tuning Utility\IOCbios\64bit\IOCBIOS.SYS [27096 2009-07-09] (Intel Corporation)
S3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23] (M-Audio)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 mio; C:\Windows\System32\DRIVERS\mio.sys [14928 2010-10-13] (Dell/Alienware)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 OXYGEN; C:\Windows\System32\DRIVERS\MAudioOxygen.sys [134664 2010-03-04] (M-Audio)
S3 pfc; C:\Windows\SysWow64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.)
S0 SI3132; C:\Windows\System32\DRIVERS\SI3132.sys [90664 2009-07-29] (Silicon Image, Inc)
S0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [22056 2009-07-29] (Silicon Image, Inc)
S0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [17448 2009-07-29] (Silicon Image, Inc)
S1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [108584 2012-12-21] (Trend Micro Inc.)
S0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [174016 2012-12-21] (Trend Micro Inc.)
S0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [46392 2012-08-24] (Trend Micro Inc.)
S1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [77184 2012-12-21] (Trend Micro Inc.)
S1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2012-05-02] (Trend Micro Inc.)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [11856 2010-11-29] (TuneUp Software)
S3 ucgnsta; C:\Windows\System32\DRIVERS\ucgnstax.sys [987648 2009-08-05] (Ralink Technology Corp.)
S3 cpuz135; \??\C:\Users\Nicholas\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [x]
S3 MFWAMIDI64; system32\drivers\MFWAMIDI64.sys [x]
S3 MFWAWAVE64; system32\drivers\MFWAWAVE64.sys [x]
S3 motubus; system32\drivers\MotuBus64.sys [x]
S3 MotuFWA64; system32\drivers\Motufwa64.sys [x]
S3 pfc; system32\drivers\pfc.sys [x]
S2 TMAgent; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-09-11 23:38 - 2013-08-01 19:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-09-11 23:38 - 2013-08-01 19:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-09-11 23:38 - 2013-07-25 21:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-09-11 23:38 - 2013-07-25 21:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-09-11 23:38 - 2013-07-25 20:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-09-11 23:38 - 2013-07-25 20:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-09-09 01:00 - 2013-09-09 01:00 - 00234544 _____ C:\Windows\RegBootClean64.exe
 
==================== One Month Modified Files and Folders =======
 
2013-10-05 07:02 - 2013-04-19 23:30 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-05 06:37 - 2013-10-05 06:37 - 00000000 ____D C:\FRST
2013-10-05 06:34 - 2013-03-10 00:19 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3319450469-3659752436-2706004232-1000UA.job
2013-10-05 06:24 - 2009-07-13 23:45 - 00014240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-05 06:24 - 2009-07-13 23:45 - 00014240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-05 06:19 - 2009-07-14 00:10 - 01073710 _____ C:\Windows\WindowsUpdate.log
2013-10-05 06:15 - 2010-03-23 16:54 - 00000000 ____D C:\ProgramData\NVIDIA
2013-10-05 06:15 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-05 05:05 - 2013-08-15 22:31 - 00000000 ____D C:\ProgramData\Trend Micro
2013-10-05 05:02 - 2011-12-06 23:22 - 00032266 _____ C:\Windows\PFRO.log
2013-10-05 04:56 - 2013-08-15 22:32 - 00000000 ____D C:\Program Files\Trend Micro
2013-10-05 04:56 - 2013-03-19 19:22 - 00000000 ____D C:\ProgramData\PMB Files
2013-10-05 04:56 - 2012-09-03 13:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-05 04:56 - 2011-09-02 00:34 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-10-05 04:56 - 2010-03-25 18:02 - 00000000 ____D C:\users\Nicholas
2013-10-05 04:56 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\AppCompat
2013-10-05 04:55 - 2012-10-11 16:49 - 00000000 ___RD C:\Users\Nicholas\Dropbox
2013-10-05 04:53 - 2013-05-23 18:59 - 00000000 ____D C:\Program Files (x86)\Steam
2013-10-05 04:24 - 2013-03-19 19:23 - 00000000 ____D C:\Users\Nicholas\AppData\Local\PMB Files
2013-10-05 04:02 - 2013-08-15 22:37 - 00000000 ____D C:\Users\Nicholas\AppData\Local\Trend Micro
2013-10-05 03:53 - 2010-03-25 18:02 - 00000000 ____D C:\Users\Nicholas\AppData\Local\SoftThinks
2013-10-05 03:34 - 2013-10-05 03:34 - 00000000 ____D C:\Users\Nicholas\AppData\Local\IsolatedStorage
2013-09-30 04:56 - 2013-09-30 04:53 - 00000000 ____D C:\Users\Nicholas\Desktop\New folder
2013-09-30 04:37 - 2013-09-30 04:37 - 00272144 _____ C:\Users\Nicholas\Documents\SGTA50000
2013-09-30 04:35 - 2013-09-30 04:22 - 00331776 _____ C:\Users\Nicholas\Desktop\SGTA50000
2013-09-28 03:59 - 2010-03-23 16:34 - 00000000 ____D C:\Program Files\Java
2013-09-28 03:56 - 2010-03-25 18:29 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-09-28 03:54 - 2010-03-27 14:03 - 00000000 ____D C:\Users\Nicholas\AppData\Local\Adobe
2013-09-28 03:52 - 2012-09-04 01:43 - 01095080 _____ (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll
2013-09-28 03:52 - 2011-11-04 04:51 - 00973736 _____ (Oracle Corporation) C:\Windows\System32\deployJava1.dll
2013-09-28 03:49 - 2013-09-28 03:49 - 30669224 _____ (Oracle Corporation) C:\Users\Nicholas\Downloads\jre-7u40-windows-x64.exe
2013-09-28 03:49 - 2013-09-28 03:49 - 07912440 _____ (Adobe Systems Inc.) C:\Users\Nicholas\Downloads\Shockwave_Installer_Slim(6).exe
2013-09-28 03:48 - 2013-09-28 03:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-28 03:48 - 2010-03-25 18:13 - 00000000 ____D C:\Users\Nicholas\AppData\Local\Mozilla
2013-09-28 03:47 - 2013-09-28 03:47 - 00001032 _____ C:\Users\Public\Desktop\VLC media player.lnk
2013-09-28 03:47 - 2013-09-28 03:47 - 00001032 _____ C:\ProgramData\Desktop\VLC media player.lnk
2013-09-28 03:45 - 2013-04-07 14:58 - 00000000 ____D C:\Users\Nicholas\AppData\Roaming\vlc
2013-09-28 03:34 - 2010-03-25 18:13 - 00000000 ____D C:\Users\Nicholas\AppData\Roaming\Mozilla
2013-09-28 02:48 - 2012-10-11 16:47 - 00000000 ____D C:\Users\Nicholas\AppData\Roaming\Dropbox
2013-09-28 02:43 - 2009-07-14 00:13 - 00792654 _____ C:\Windows\System32\PerfStringBackup.INI
2013-09-28 00:34 - 2013-03-10 00:19 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3319450469-3659752436-2706004232-1000Core.job
2013-09-27 23:49 - 2011-06-25 02:16 - 00000000 ____D C:\Users\Nicholas\AppData\Local\Native Instruments
2013-09-27 23:49 - 2011-06-22 20:03 - 00000000 ____D C:\Users\Nicholas\Documents\Native Instruments
2013-09-27 23:49 - 2011-06-22 18:58 - 00000000 ____D C:\Program Files\Common Files\Native Instruments
2013-09-27 21:19 - 2013-09-27 21:19 - 00058016 _____ C:\Users\Nicholas\AppData\Local\GDIPFONTCACHEV1.DAT
2013-09-27 21:18 - 2011-12-06 14:29 - 00037262 _____ C:\Windows\setupact.log
2013-09-27 21:17 - 2013-09-27 21:16 - 00282080 _____ C:\Windows\System32\FNTCACHE.DAT
2013-09-27 20:59 - 2013-09-27 20:59 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-09-27 20:59 - 2010-03-23 16:53 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-09-27 20:53 - 2013-09-27 20:53 - 00000000 ____D C:\NVIDIA
2013-09-27 20:41 - 2013-09-27 20:41 - 00101044 _____ C:\Users\Nicholas\Documents\cc_20130927_184139.reg
2013-09-27 20:39 - 2013-09-27 20:39 - 04369632 _____ (Piriform Ltd) C:\Users\Nicholas\Downloads\ccsetup406.exe
2013-09-27 20:39 - 2011-11-04 06:17 - 00000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-09-27 20:39 - 2011-11-04 06:17 - 00000824 _____ C:\ProgramData\Desktop\CCleaner.lnk
2013-09-27 20:39 - 2011-11-04 06:17 - 00000000 ____D C:\Program Files\CCleaner
2013-09-27 20:21 - 2013-05-24 13:13 - 00003460 _____ C:\Windows\System32\Tasks\PCDEventLauncherTask
2013-09-27 20:02 - 2013-09-27 20:02 - 00000000 ____D C:\Users\Nicholas\AppData\Local\M-Audio
2013-09-27 20:02 - 2013-09-27 20:02 - 00000000 ____D C:\ProgramData\M-Audio
2013-09-27 19:53 - 2011-11-28 17:38 - 00000000 ____D C:\Program Files (x86)\M-Audio
2013-09-27 19:53 - 2011-01-23 14:44 - 00000000 ____D C:\Program Files\M-Audio
2013-09-27 19:50 - 2013-09-27 19:50 - 00000000 ____D C:\ProgramData\AVID
2013-09-27 19:49 - 2013-09-27 19:49 - 00000000 ____D C:\Users\Nicholas\Downloads\Install_M-Audio_Fast_Track_Pro_6.1.10
2013-09-27 19:45 - 2013-09-27 19:44 - 16465549 _____ C:\Users\Nicholas\Downloads\Install_M-Audio_Fast_Track_Pro_6.1.10.zip
2013-09-24 00:43 - 2013-09-24 00:43 - 12788656 _____ (Daring Development Inc.                                     ) C:\Users\Nicholas\Downloads\Horizon.Setup.v2.7.3.0 (1).exe
2013-09-24 00:43 - 2013-07-17 00:23 - 00001241 _____ C:\Users\Public\Desktop\Horizon.lnk
2013-09-24 00:43 - 2013-07-17 00:23 - 00001241 _____ C:\ProgramData\Desktop\Horizon.lnk
2013-09-24 00:42 - 2013-09-24 00:42 - 12788656 _____ (Daring Development Inc.                                     ) C:\Users\Nicholas\Downloads\Horizon.Setup.v2.7.3.0.exe
2013-09-20 04:08 - 2013-02-17 16:02 - 00000000 ____D C:\ProgramData\PCDr
2013-09-20 04:08 - 2013-02-17 16:01 - 00000000 ____D C:\Program Files\AlienAutopsy
2013-09-20 04:02 - 2013-04-19 23:30 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-20 04:02 - 2012-05-04 16:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-20 04:02 - 2011-05-24 07:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-20 03:46 - 2013-09-20 03:46 - 12675896 _____ (Daring Development Inc.                                     ) C:\Users\Nicholas\Downloads\Horizon.Setup.v2.7.2.2 (1).exe
2013-09-20 03:46 - 2013-09-20 03:45 - 12675896 _____ (Daring Development Inc.                                     ) C:\Users\Nicholas\Downloads\Horizon.Setup.v2.7.2.2.exe
2013-09-13 14:44 - 2013-09-13 14:44 - 32093736 _____ (Opera Software ASA) C:\Users\Nicholas\Downloads\Opera_16.0.1196.73_Setup.exe
2013-09-13 14:44 - 2013-09-13 14:44 - 00001095 _____ C:\Users\Public\Desktop\Opera.lnk
2013-09-13 14:44 - 2013-09-13 14:44 - 00001095 _____ C:\ProgramData\Desktop\Opera.lnk
2013-09-13 14:44 - 2013-09-13 14:44 - 00000000 ____D C:\Users\Nicholas\AppData\Roaming\Opera Software
2013-09-13 14:44 - 2013-09-13 14:44 - 00000000 ____D C:\Users\Nicholas\AppData\Local\Opera Software
2013-09-13 14:44 - 2013-09-13 14:44 - 00000000 ____D C:\Program Files (x86)\Opera
2013-09-13 07:22 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-09-12 03:58 - 2013-09-27 20:54 - 29337376 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 25256224 _____ (NVIDIA Corporation) C:\Windows\System32\nvcompiler.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 22102304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 13628208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 11274528 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2013-09-12 03:58 - 2013-09-27 20:54 - 09281032 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 07720576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 07648000 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 06329552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 02970400 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 02789152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 02367264 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvenc.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 02007328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 01884448 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6432723.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 01511712 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6432723.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 01222824 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 00681760 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 00603424 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 00586016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 00515360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 00458528 _____ (NVIDIA Corporation) C:\Windows\System32\nvEncodeAPI64.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 00388384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 00317472 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 00168616 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2013-09-12 03:58 - 2013-09-27 20:54 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2013-09-12 03:58 - 2013-06-05 11:40 - 12947360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2013-09-12 03:58 - 2013-06-05 11:40 - 02630304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2013-09-12 03:58 - 2013-06-05 11:40 - 01412832 _____ (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2013-09-12 03:58 - 2010-12-15 08:10 - 00022814 _____ C:\Windows\System32\nvinfo.pb
2013-09-12 03:58 - 2010-03-23 19:05 - 15901448 _____ (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2013-09-12 03:58 - 2010-03-23 19:05 - 15703688 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2013-09-12 03:58 - 2010-03-23 19:05 - 02986672 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2013-09-12 03:17 - 2013-09-12 03:17 - 00571168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2013-09-12 02:25 - 2011-01-07 23:49 - 06599968 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2013-09-12 02:25 - 2011-01-07 23:49 - 03452192 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2013-09-12 02:25 - 2011-01-07 23:48 - 00920864 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2013-09-12 02:25 - 2011-01-07 23:48 - 00219424 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2013-09-12 02:25 - 2009-11-10 17:03 - 00063776 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2013-09-12 02:18 - 2013-07-21 17:57 - 00000000 ____D C:\Windows\System32\MRT
2013-09-12 02:15 - 2010-03-25 18:35 - 79143768 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-09-11 17:06 - 2013-06-14 17:12 - 03361114 _____ C:\Windows\System32\nvcoproc.bin
2013-09-09 06:02 - 2010-12-16 14:10 - 00000000 ____D C:\Users\Nicholas\Downloads\Adobe Audition v1.5
2013-09-09 04:49 - 2013-07-25 12:35 - 00000000 ____D C:\Users\Nicholas\Documents\DVDFab9
2013-09-09 04:49 - 2010-12-15 07:56 - 00000000 ____D C:\Users\Nicholas\Documents\DVDFab
2013-09-09 03:24 - 2011-06-22 18:49 - 00000000 ____D C:\Users\Nicholas\AppData\Local\Spectrasonics
2013-09-09 01:00 - 2013-09-09 01:00 - 00234544 _____ C:\Windows\RegBootClean64.exe
2013-09-08 22:17 - 2009-07-13 21:34 - 00450429 ____R C:\Windows\System32\Drivers\etc\hosts.20130927-174924.backup
 
Some content of TEMP:
====================
C:\Users\Nicholas\AppData\Local\Temp\vlc-2.0.8-win32.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
52
Restore point made on: 2013-05-12 11:41:04
Restore point made on: 2013-05-23 18:59:21
Restore point made on: 2013-06-01 00:51:00
Restore point made on: 2013-06-02 20:49:43
Restore point made on: 2013-06-04 21:49:07
Restore point made on: 2013-06-04 21:59:13
Restore point made on: 2013-06-14 17:37:20
Restore point made on: 2013-06-14 18:07:21
Restore point made on: 2013-06-15 07:08:02
Restore point made on: 2013-06-15 11:41:17
Restore point made on: 2013-06-15 12:25:33
Restore point made on: 2013-06-15 12:32:05
Restore point made on: 2013-06-15 14:11:15
Restore point made on: 2013-06-18 04:26:19
Restore point made on: 2013-06-18 04:32:51
Restore point made on: 2013-06-28 03:31:14
Restore point made on: 2013-07-17 00:31:16
Restore point made on: 2013-07-17 21:09:35
Restore point made on: 2013-07-17 21:11:05
Restore point made on: 2013-07-17 21:25:32
Restore point made on: 2013-07-18 05:58:47
Restore point made on: 2013-07-18 05:59:56
Restore point made on: 2013-07-18 06:12:52
Restore point made on: 2013-07-21 17:57:30
Restore point made on: 2013-07-22 13:33:46
Restore point made on: 2013-07-22 13:48:29
Restore point made on: 2013-07-22 15:37:48
Restore point made on: 2013-07-22 18:26:27
Restore point made on: 2013-07-22 19:49:06
Restore point made on: 2013-07-22 19:50:41
Restore point made on: 2013-07-24 23:01:49
Restore point made on: 2013-07-25 12:33:23
Restore point made on: 2013-07-26 20:03:16
Restore point made on: 2013-07-31 00:47:41
Restore point made on: 2013-08-15 21:53:15
Restore point made on: 2013-08-16 00:28:12
Restore point made on: 2013-08-23 00:34:56
Restore point made on: 2013-08-23 04:15:58
Restore point made on: 2013-08-23 04:22:23
Restore point made on: 2013-08-23 04:38:10
Restore point made on: 2013-09-03 05:10:02
Restore point made on: 2013-09-11 00:05:38
Restore point made on: 2013-09-12 02:14:10
Restore point made on: 2013-09-20 05:10:48
Restore point made on: 2013-09-27 19:52:40
Restore point made on: 2013-09-27 21:07:13
Restore point made on: 2013-09-28 03:52:03
Restore point made on: 2013-09-28 03:58:02
Restore point made on: 2013-09-28 03:59:14
Restore point made on: 2013-09-28 04:03:09
Restore point made on: 2013-10-05 00:14:47
Restore point made on: 2013-10-05 04:47:12
 
==================== Memory info =========================== 
 
Percentage of memory in use: 7%
Total physical RAM: 16374.99 MB
Available physical RAM: 15140.96 MB
Total Pagefile: 16373.14 MB
Available Pagefile: 15115.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:1389 GB) (Free:317.66 GB) NTFS
Drive d: (DATAPART1) (Fixed) (Total:931.51 GB) (Free:763.56 GB) NTFS
Drive e: (EASTWEST CCC) (Fixed) (Total:931.51 GB) (Free:154.15 GB) NTFS
Drive g: (CD_ROM) (CDROM) (Total:4.94 GB) (Free:0 GB) CDFS
Drive h: (RECOVERY) (Fixed) (Total:8.22 GB) (Free:0.18 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive l: (LACIE) (Fixed) (Total:931.48 GB) (Free:180.17 GB) NTFS
Drive o: (KINGSTON) (Removable) (Total:14.89 GB) (Free:14.88 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1397 GB) (Disk ID: 5BB6E660)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=-707591667712) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: DDF87676)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 54AA30C2)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (Size: 931 GB) (Disk ID: 4C6FD64D)
Partition 1: (Active) - (Size=931 GB) - (Type=07 NTFS)
 
========================================================
Disk: 4 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Active) - (Size=15 GB) - (Type=0B)
 
 
LastRegBack: 2013-09-24 01:50
 
==================== End Of Log ============================

Not seeing much but give this a try.......

Please download the attached fixlist.txt and copy it to your flashdrive.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

On Vista or Windows 7: Now please enter System Recovery Options. (as you did before)

Run FRST64 or FRST (whichever one you're using) and press the Fix button just once and wait.

The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

See if the computer boots normally now and if so..........run MBAR


i ran the fix, but it didn't work. black screen still. here is the fix log.

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2013

Ran by SYSTEM at 2013-10-05 07:21:48 Run:1
Running from O:\
Boot Mode: Recovery
==============================================
 
Content of fixlist:
*****************
HKLM\...\RunOnce: [*Restore] - C:\Windows\System32\rstrui.exe /runonce [296960 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [Launcher] - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2010-07-21] (Softthinks)
IMEO\cuemix fx.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\mfwakeys.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\mfwakeys64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\motu audio console.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\motu audio setup 64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\motu cuemix console 64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\motu smpte console.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
IMEO\motu smpte setup 64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
ShortcutTarget: Dropbox.lnk ->  (No File)
LastRegBack: 2013-09-24 01:50
*****************
 
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\*Restore => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\Launcher => Value deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\cuemix fx.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mfwakeys.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mfwakeys64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\motu audio console.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\motu audio setup 64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\motu cuemix console 64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\motu smpte console.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\motu smpte setup 64.exe => Key deleted successfully.
ShortcutTarget: Dropbox.lnk ->  (No File) not found.
DEFAULT hive was successfully copied to System32\config\HiveBackup
DEFAULT hive was successfully restored from registry back up.
SAM hive was successfully copied to System32\config\HiveBackup
SAM hive was successfully restored from registry back up.
SECURITY hive was successfully copied to System32\config\HiveBackup
SECURITY hive was successfully restored from registry back up.
SOFTWARE hive was successfully copied to System32\config\HiveBackup
SOFTWARE hive was successfully restored from registry back up.
SYSTEM hive was successfully copied to System32\config\HiveBackup
SYSTEM hive was successfully restored from registry back up.
 
==== End of Fixlog ====

 

 

i might add that this virus was started because i got a notification of a free trend micro upgrade. I believe the installer was called TrendMicro_Installer.exe. but i am assuming this installer was actually a virus.

 

also, i tried doing a system restore from an old restore point and this popped up.

[Attached image: jeJEtqN.jpg]


just tried that. still hangs.

i'm so puzzled as to why it is doing this. i'm guessing my only option now is to do a clean restore?

can i take out my main hard drive, and copy all of the data files that i need and THEN do a restore?

also, if i'm doing a restore, do i need to wipe out all of my external hard drives as well?


Try Boot Logging:


Boot Logging
To start boot logging, hit F8 repeatedly during startup until the Windows Advanced Options appear on the screen. Select "Enable Boot Logging" and press enter. Select the appropriate Windows installation and press enter. The computer will now attempt to start up Windows.
Note: If you see the "Windows did not successfully start..." screen, you will need to select "Normal Mode" and then immediately press F8 to bring up the Advanced Options Menu.
When/if the startup process is interrupted, you can retrieve the boot log (c:\windows\ntbtlog.txt) using the RC/CP (type ntbtlog.txt).

 

MrC

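Once the boot log from the post above has been copied off the machine, it can be triaged on a second PC. The following Python parser is an added example, not part of the original thread or of FRST: it splits ntbtlog.txt into boot attempts and reports, for the latest attempt, the last driver recorded before the hang, drivers loaded from outside System32, and drivers that loaded on the previous attempt but not this one. The log lines in `SAMPLE` are constructed, `sampledrv.sys` is a hypothetical driver, and the two-line session header is an assumption about the Windows 7 layout.

```python
import re

ENTRY = re.compile(r"^(Loaded driver|Did not load driver)\s+(.+)$", re.IGNORECASE)

def decode_bootlog(raw):
    """Decode raw file bytes: UTF-16 when a BOM is present, otherwise 8-bit text."""
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16")
    return raw.decode("utf-8", errors="replace")

def parse_sessions(text):
    """Return one dict per boot attempt: {'header': [...], 'entries': [(loaded, path)]}."""
    sessions, current = [], None
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        m = ENTRY.match(line)
        if m is None and (current is None or current["entries"]):
            # Header text after driver entries means a new boot attempt began.
            current = {"header": [], "entries": []}
            sessions.append(current)
        if current is None:  # fragment that starts without a header
            current = {"header": [], "entries": []}
            sessions.append(current)
        if m:
            current["entries"].append((m.group(1).lower() == "loaded driver", m.group(2)))
        else:
            current["header"].append(line)
    return sessions

def normalise(path):
    """Lower-case a driver path and map the drive-letter form onto \\SystemRoot."""
    p = path.lower()
    if p.startswith("\\??\\"):
        p = p[4:]
    if re.match(r"[a-z]:\\windows\\", p):
        p = "\\systemroot" + p[10:]  # drop the 10 characters of "c:\windows"
    return p

def unique(seq):
    """De-duplicate while keeping first-seen order (entries often repeat)."""
    return list(dict.fromkeys(seq))

def triage(sessions):
    """Summarise the most recent boot attempt and compare it with the one before."""
    if not sessions:
        raise ValueError("no boot sessions found")
    last = sessions[-1]
    loaded = unique(p for ok, p in last["entries"] if ok)
    skipped = unique(p for ok, p in last["entries"] if not ok)
    outside = [p for p in loaded
               if not normalise(p).startswith("\\systemroot\\system32\\")]
    loaded_before_only = []
    if len(sessions) > 1:
        seen = {normalise(p) for p in loaded}
        prev = unique(p for ok, p in sessions[-2]["entries"] if ok)
        loaded_before_only = [p for p in prev if normalise(p) not in seen]
    return {
        "header": " | ".join(last["header"]),
        "last_loaded": loaded[-1] if loaded else None,
        "outside_system32": outside,
        "not_loaded": skipped,
        "loaded_before_only": loaded_before_only,
    }

# Constructed sample: an earlier boot attempt followed by the attempt that hung.
SAMPLE = "\r\n".join([
    r"Microsoft (R) Windows (R) Version 6.1 (Build 7601: Service Pack 1)",
    r"10  4 2013 22:10:03.500",
    r"Loaded driver \SystemRoot\system32\ntoskrnl.exe",
    r"Loaded driver \SystemRoot\system32\hal.dll",
    r"Loaded driver \SystemRoot\System32\Drivers\volsnap.sys",
    r"Loaded driver \SystemRoot\System32\Drivers\disk.sys",
    r"Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS",
    r"Loaded driver \SystemRoot\System32\Drivers\tcpip.sys",
    r"Microsoft (R) Windows (R) Version 6.1 (Build 7601: Service Pack 1)",
    r"10  5 2013 07:40:11.250",
    r"Loaded driver \SystemRoot\system32\ntoskrnl.exe",
    r"Loaded driver \SystemRoot\system32\hal.dll",
    r"Loaded driver \SystemRoot\system32\drivers\volsnap.sys",
    r"Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS",
    r"Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS",
    r"Loaded driver \??\C:\Windows\system32\drivers\disk.sys",
    r"Loaded driver \??\C:\Users\Public\example\sampledrv.sys",  # hypothetical
])

if __name__ == "__main__":
    report = triage(parse_sessions(decode_bootlog(SAMPLE.encode("utf-16"))))
    for key, value in report.items():
        print(f"{key}: {value}")
```

"Did not load driver" entries also appear on healthy systems, so the last loaded driver and anything loaded from outside System32 are the better starting points for review.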

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

