BSoD Problem, Can't get into safe mode too

[enma]

2013-06-19 00:58 - 2013-06-19 01:00 - 00309400 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeavfk.sys
2013-06-19 00:58 - 2013-06-19 01:00 - 00178840 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeapfk.sys
2013-06-19 00:58 - 2013-06-19 01:00 - 00118416 ____A (McAfee, Inc.) C:\Windows\System32\MfeOtlkAddin.dll
2013-06-19 00:58 - 2013-06-19 01:00 - 00106112 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mferkdet.sys
2013-06-19 00:58 - 2013-06-19 01:00 - 00090576 ____A (McAfee, Inc.) C:\Windows\SysWOW64\MfeOtlkAddin.dll
2013-06-19 00:58 - 2013-06-19 01:00 - 00010288 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfeclnk.sys
2013-06-19 00:58 - 2013-06-19 00:59 - 00339392 ____A (McAfee, Inc.) C:\Windows\System32\Drivers\mfewfpk.sys
2013-06-19 00:58 - 2013-06-19 00:59 - 00177680 ____A (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
2013-06-19 00:58 - 2013-06-19 00:58 - 00000000 ____D C:\Program Files\Common Files\McAfee
2013-06-19 00:58 - 2013-03-11 10:12 - 00000000 ____D C:\ProgramData\McAfee
2013-06-19 00:58 - 2009-10-22 05:07 - 00024168 ____A (McAfee, Inc.) C:\Windows\SysWOW64\MFEOtlk.dll
2013-06-19 00:57 - 2013-03-11 10:11 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-06-18 23:00 - 2013-03-11 22:56 - 00000000 ____D C:\Users\asus\Downloads\Video
2013-06-18 04:19 - 2013-06-18 04:19 - 00000000 ____D C:\Users\asus\AppData\Local\Chromium
2013-06-18 04:16 - 2013-06-18 04:16 - 00000000 ____D C:\Users\asus\AppData\Roaming\Sports Interactive
2013-06-18 04:16 - 2013-06-18 04:16 - 00000000 ____D C:\Users\asus\AppData\Local\Sports Interactive
2013-06-18 04:16 - 2013-03-29 18:57 - 00000000 ____D C:\Users\asus\AppData\Local\SKIDROW
2013-06-18 01:35 - 2013-03-13 06:40 - 00000000 ____D C:\Users\asus\AppData\Roaming\DAEMON Tools Lite
2013-06-18 00:19 - 2013-03-12 00:36 - 00002258 ____A C:\Windows\System32\ServiceFilter.ini
2013-06-17 22:10 - 2013-06-17 22:10 - 00000000 ____A C:\Windows\setuperr.log
2013-06-17 03:56 - 2013-06-17 03:56 - 00001124 ____A C:\Users\Public\Desktop\WD Drive Utilities.lnk
2013-06-17 03:55 - 2013-06-17 03:55 - 00005472 ____A C:\Windows\DPINST.LOG
2013-06-17 03:55 - 2013-06-17 03:55 - 00000000 ____D C:\Program Files (x86)\Western Digital
2013-06-16 23:40 - 2013-06-16 23:40 - 00000219 ____A C:\Users\asus\Desktop\Dota 2.url
2013-06-15 23:27 - 2013-06-15 23:27 - 00000000 ____D C:\ProgramData\Elcomsoft Password Recovery
2013-06-15 23:27 - 2013-06-15 23:27 - 00000000 ____D C:\Program Files (x86)\Elcomsoft Password Recovery
2013-06-15 23:27 - 2013-06-15 23:27 - 00000000 ____D C:\Program Files (x86)\Elcomsoft
2013-06-15 20:08 - 2013-06-15 20:08 - 00023069 ____A C:\Users\asus\Downloads\[isoHunt] Need For Speed Hot Pursuit Limited Edition v.1.0.2.0 2010 PC RePack ?? Spieler.torrent
2013-06-15 17:24 - 2013-03-15 02:35 - 00000000 ____D C:\Users\asus\Documents\Activision
2013-06-15 02:04 - 2013-03-12 04:03 - 00000000 ____D C:\Users\asus\AppData\Local\Adobe
2013-06-15 01:49 - 2013-03-12 03:57 - 00000000 ____D C:\Program Files\Adobe
2013-06-15 01:36 - 2013-03-12 03:57 - 00000000 ____D C:\Users\asus\AppData\Roaming\Adobe
2013-06-15 01:36 - 2013-03-11 09:56 - 00000000 ____D C:\ProgramData\Adobe
2013-06-14 07:09 - 2013-04-20 16:48 - 00000000 ____D C:\Users\asus\AppData\Roaming\Azureus
2013-06-14 03:26 - 2013-03-11 09:28 - 00000000 ____D C:\users\asus
2013-06-14 03:25 - 2013-06-14 03:25 - 00000965 ____A C:\Users\Public\Desktop\Dishonored.lnk
2013-06-14 03:08 - 2013-04-09 03:13 - 00000000 ____D C:\Program Files (x86)\Kansei
2013-06-14 02:27 - 2013-06-14 02:27 - 00001017 ____A C:\Users\UpdatusUser\Desktop\Cool Beans NFO Creator.lnk
2013-06-14 02:27 - 2013-06-14 02:27 - 00001017 ____A C:\Users\asus\Desktop\Cool Beans NFO Creator.lnk
2013-06-14 02:27 - 2013-06-14 02:27 - 00000000 ____D C:\Program Files (x86)\Cool Beans NFO Creator
2013-06-14 02:26 - 2013-06-14 02:26 - 00591337 ____A C:\Users\asus\Downloads\nfo01.exe
2013-06-13 23:03 - 2013-04-20 08:12 - 00000000 ____D C:\Users\asus\AppData\Roaming\Origin
2013-06-13 23:03 - 2013-04-20 08:08 - 00000000 ____D C:\ProgramData\Origin
2013-06-13 23:02 - 2013-04-20 08:12 - 00000000 ____D C:\Users\asus\AppData\Local\Origin
2013-06-13 23:02 - 2013-04-20 08:08 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-13 04:57 - 2013-06-13 04:57 - 30411385 ____A C:\Users\asus\Downloads\Untitled-1.psd
2013-06-13 04:30 - 2013-04-14 06:32 - 00000132 ____A C:\Users\asus\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-06-12 22:55 - 2013-06-12 22:54 - 209715200 ____A C:\Users\asus\Downloads\[Nitro+] Saya no Uta.part2.rar
2013-06-12 06:48 - 2013-03-11 23:47 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-12 06:48 - 2013-03-11 23:47 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-12 06:47 - 2013-06-19 22:17 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-12 06:43 - 2013-06-19 22:17 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-12 06:43 - 2013-06-19 22:17 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-12 06:43 - 2013-06-19 22:17 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-12 06:38 - 2013-06-12 06:38 - 209715200 ____A C:\Users\asus\Downloads\[Nitro+] Saya no Uta.part1.rar
2013-06-12 05:28 - 2013-06-12 05:28 - 06296935 ____A C:\Users\asus\Downloads\[Nitro+] Saya no Uta.part3.rar
2013-06-12 01:47 - 2013-06-12 01:47 - 00000000 ____D C:\Users\asus\AppData\Roaming\UTAU
2013-06-11 22:42 - 2013-06-11 22:42 - 00000874 ____A C:\Users\Public\Desktop\µTorrent.lnk
2013-06-11 22:34 - 2013-06-01 03:11 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2013-06-11 01:30 - 2013-06-11 01:30 - 00000636 ____A C:\Users\Public\Desktop\osu!.lnk
2013-06-11 01:27 - 2013-06-11 01:27 - 00000000 ____D C:\Users\asus\AppData\Roaming\Downloaded Installations
2013-06-11 01:16 - 2013-06-11 01:16 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2013-06-11 01:16 - 2013-06-11 01:16 - 00000000 ____D C:\Users\asus\AppData\Roaming\Samsung
2013-06-11 01:16 - 2013-06-11 01:16 - 00000000 ____D C:\Users\asus\AppData\Local\Samsung
2013-06-11 01:07 - 2013-06-11 01:07 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2013-06-11 00:06 - 2013-06-11 00:00 - 23279036 ____A C:\Users\asus\Downloads\Subway-Surfers.zip
2013-06-08 20:18 - 2013-03-12 02:50 - 00000000 ____D C:\Users\asus\AppData\Roaming\Audacity
2013-06-07 21:36 - 2013-06-07 21:36 - 00000754 ____A C:\Users\Public\Desktop\Jet Set Radio.lnk
2013-06-07 20:39 - 2013-06-07 20:37 - 00000000 ____D C:\Program Files (x86)\Machinarium
2013-06-07 20:37 - 2013-06-07 20:37 - 00001054 ____A C:\Users\UpdatusUser\Desktop\Machinarium.lnk
2013-06-07 20:37 - 2013-06-07 20:37 - 00001054 ____A C:\Users\asus\Desktop\Machinarium.lnk
2013-06-07 00:46 - 2013-06-06 05:13 - 00000000 ____D C:\ProgramData\Skype
2013-06-07 00:45 - 2013-06-06 05:13 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-06-07 00:31 - 2013-06-07 00:31 - 00000000 ____D C:\Users\asus\AppData\Roaming\Microsoft Games
2013-06-07 00:28 - 2013-06-07 00:28 - 00001007 ____A C:\Users\UpdatusUser\Desktop\GameSpy Arcade.lnk
2013-06-06 07:03 - 2013-06-06 07:03 - 00000840 ____A C:\Users\Public\Desktop\Remember Me.lnk
2013-06-06 05:14 - 2013-06-06 05:14 - 00002515 ____A C:\Users\Public\Desktop\Skype.lnk
2013-06-06 04:53 - 2013-03-30 18:52 - 00000000 ____D C:\Users\asus\AppData\Local\Facebook
2013-06-06 04:44 - 2013-06-06 04:44 - 00000819 ____A C:\Users\asus\Downloads\512D25A1977862E1C7ACCA224E11A52FCC5AA373.torrent
2013-06-05 23:53 - 2013-06-05 20:40 - 00000000 ____D C:\Users\asus\AppData\Roaming\EVDO_Haier
2013-06-05 04:09 - 2013-06-05 04:08 - 00033995 ____A C:\Users\asus\Downloads\[kat.ph]syndicate.skidrow.torrent
2013-06-05 04:06 - 2013-06-05 04:06 - 00005059 ____A C:\Users\asus\Downloads\[kat.ph]call.of.duty.modern.warfare.3.mp.crack.skidrow.torrent
2013-06-05 04:06 - 2013-06-05 04:06 - 00000642 ____A C:\Users\asus\Downloads\[kat.ph]skidrow.updated.call.of.duty.4.crack.torrent
2013-06-04 22:44 - 2013-06-01 03:20 - 00001502 ____A C:\Users\asus\Desktop\RuLEZ.txt
2013-06-03 18:15 - 2013-06-03 18:15 - 00708168 ____A (Microsoft Corporation) C:\Windows\System32\WinUSBCoInstaller.dll
2013-06-03 18:15 - 2013-06-03 18:15 - 00203672 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudmdm.sys
2013-06-03 18:15 - 2013-06-03 18:15 - 00103448 ____A (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\System32\Drivers\ssudbus.sys

==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-06-26 21:55:49
Restore point made on: 2013-06-27 05:50:06

[enma]

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=Y:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {default}
resumeobject            {5f8c60b0-8aed-11e2-83fd-9237e3e45600}
displayorder            {default}
toolsdisplayorder       {memdiag}
timeout                 30

Windows Boot Loader
-------------------
identifier              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {5f8c60b2-8aed-11e2-83fd-9237e3e45600}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {5f8c60b0-8aed-11e2-83fd-9237e3e45600}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {5f8c60b2-8aed-11e2-83fd-9237e3e45600}
device                  ramdisk=[C:]\Recovery\5f8c60b2-8aed-11e2-83fd-9237e3e45600\Winre.wim,{5f8c60b3-8aed-11e2-83fd-9237e3e45600}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\5f8c60b2-8aed-11e2-83fd-9237e3e45600\Winre.wim,{5f8c60b3-8aed-11e2-83fd-9237e3e45600}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {5f8c60b0-8aed-11e2-83fd-9237e3e45600}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {5f8c60b3-8aed-11e2-83fd-9237e3e45600}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\5f8c60b2-8aed-11e2-83fd-9237e3e45600\boot.sdi


==================== Memory info ===========================

Percentage of memory in use: 16%
Total physical RAM: 3981.48 MB
Available physical RAM: 3314.02 MB
Total Pagefile: 3979.63 MB
Available Pagefile: 3314.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (SYSTEMS) (Fixed) (Total:97.56 GB) (Free:18.47 GB) NTFS (Disk=0 Partition=2)
Drive e: (Data) (Fixed) (Total:600.98 GB) (Free:151 GB) NTFS (Disk=0 Partition=3)
Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
Drive g: (MAMA DOC) (Removable) (Total:3.73 GB) (Free:3.72 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 699 GB) (Disk ID: 2BFB4DC8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=98 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=601 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0B)


LastRegBack: 2013-06-26 07:37

==================== End Of Log ============================

There is no "Addition.txt" in my usb drive. where can i find it?

[essexboy]

Hi first I will remove the McAfee active drivers, if that fails I will then uninstall Avast.  The additional txt will only appear if FRST is run from safe mode

You can attach files like FRST and that will make it easier for you

Download the attached fixlist.txt to the same USB as FRST
Run FRST as before and press fix.
On completion of the fix try a normal boot

[enma]

so, i guess like this?
1. Download the fixlist to the same directory as FRST64
2. scan using FRST
3. click fix
4. after the fix was complete, try to boot normally

[enma]

Ummm, i tried to boot using the windows 7 x64 RC, but it won't skip the "Startup Repair". it won't cancel. any help?

[enma]

"Startup Repair" issue passed. it wast just attempting to.
anyway, i scanned it using FRST, then run the Fix button. it says it fixed successfully
Fixlog.txt is attached
then, like you told me, try to normal boot. the bluescreen still appears. what's the next step?

[essexboy]

OK now I will uninstall Avast

Download the attached fixlist.txt to the same USB as frst
Run frst as before and press fix.
Again retry windows on completion

[enma]

boot normally was a success! thanks alot! but i have several questions
1. do i have to uninstall mcafee using it's uninstall utility since the drivers was deleted?
2. do i have to uninstall avast using it's Rejzor's uninstall utility since the drivers was deleted?
new FRST.txt was attached
new Fixlog.txt attached

[enma]

Umm, one question. it seems that my windows didn't detect the Realtek driver. so the Windows Audio Service says it was disabled. does a reboot fix this?
EDIT = The audio issue fixed after a reboot . i used McAfee Removal Tool to uninstall the remains of mcafee, and i used RejZor's avast cleanup tool. currently reinstalling avast 7 free and malwarebytes free. is there anything that you recommend?

[essexboy]

Nope, it looks as though you had  the rogue update before it was pulled.  Is the system OK now ?

[enma]

yes, currently installed avast! 7 free with malwarebytes anti-malware free installed. but i do have one question, why was the "Engine & Virus Definitions Update" won't run? it stucks in "Initializing, Please Wait...". currently running 7.0.1474.0. screenshot is attached.
may i ask? my friend gave me a pirated malwarebytes... do i have to use mbam-clean.exe to uninstall it?
Edit = is it safe for me to reboot at this state? because i want to remove the pirated mbam from my laptop and install the free one.

[essexboy]

Yes uninstall with  mbam-clean.exe

Any specific reason why you are using V7 Avast ?

As I damaged Avast in the uninstall I would recommend a fresh install

Lets reinstall Avast

Download Uninstall Utility to your Desktop.
Download the correct version of Avast 
Avast Free
Avast Pro
Avast Internet Security
Avast Premier
Disconnect from the net
Uninstall Avast via control panel

• Run aswClear
• It will offer to reboot to safe mode .. Accept that

• Once it has rebooted to safe mode
• In the Select Product to Uninstall dropdown choose the version of Avast that is on your system.
  
• Press Uninstall
  
• Once complete reboot your system to Normal Mode
  
• Reinstall Avast

----------

[enma]

i have used RejZor's avast cleanup Tool... since it cleaned more than the uninstall utility. i used mbam clean tool utility too. the reason why i am using avast 7 is i still have the installer. i renewed my licence last night. the "Rogue Update" damaged my system while i was using avast 8... so the one you're damaging is avast 8. the avast 8 was uninstalled very soon after normal booting was successful. mcafee too. so i rebooted, then install avast 7. at that time i'm afraid of getting infected so i didn't turn the internet on.
Edit = i installed avast 8.0.1489 (clean download from the website), registered it with my new license, then i click on "Update Engine & Virus Definitions". it's still stuck. what is causing this problem? also i found a bug that the tools (Secureline, browser clean up, etc.) options disappeared and reappeared very fast. in idle too.

[enma]

It seems that the "Rogue Update" caused many errors in other application, such as nVidia driver. my nVidia control panel was screwed up. the auto-update was showing errors that it had to auto-terminate itself. the nVidia Settings stopped working too. now i'm trying to update the driver into the latest version, using nVidia GeForce Experience. by the way, are there any other informations about that rogue update caused?