Still black screen with pointer. I ran another scan, here's the log:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014
Ran by SYSTEM on MINWINPC on 14-07-2014 11:39:49
Running from H:\
Platform: Windows Vista (TM) Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.The only official download link for FRST:
Download link for 32-Bit version:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-11] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2009-03-23] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7212576 2009-03-10] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-03-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-24] (CANON INC.)
HKLM-x32\...\Run: [IdeaNotesUser] => C:\Program Files (x86)\DDNI\Lenovo Idea Notes\DDNIMSGUser.exe [221872 2009-08-24] (Digital Delivery Networks, Inc.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-08-09] (InstallShield Software Corporation)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [218408 2008-12-03] (CyberLink Corp.)
HKLM-x32\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\utility.exe [5604168 2009-01-22] (Lenovo(beijing) Limited)
HKLM-x32\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8847360 2008-12-22] (Lenovo (Beijing) Limited)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [542632 2013-01-31] (Lavasoft)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [140640 2010-03-02] (CANON INC.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => "C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" /logon
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe [40368 2011-08-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Ad-Aware Antivirus] => "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-03] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] ATTENTION! ====> ZeroAccess?
HKU\Ben\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\Ben\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\Ben\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Guest\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Maura\...\Run: [SmileboxTray] => C:\Users\Maura\AppData\Roaming\Smilebox\SmileboxTray.exe [325448 2012-05-15] (Smilebox, Inc.)
HKU\Maura\...\Run: [swg] => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\Maura\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-13] (Adobe Systems Incorporated)
Startup: C:\Users\Maura\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => No File
ShellIconOverlayIdentifiers: VeriFace Enc -> {771C7324-DA80-49D3-8017-753B0AF60951} => No File
ShellIconOverlayIdentifiers-x32: EnhancedStorageShell -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => No File
BootExecute: autocheck autochk * autocheck lsdelete
==================== Services (Whitelisted) =================
S2 Ad-Aware Service; C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [1236336 2013-03-17] (Lavasoft Limited)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-28] (AVAST Software)
S2 Diskeeper; C:\Program Files\Diskeeper Corporation\Diskeeper\DKService.exe [1813272 2008-11-24] (Diskeeper Corporation)
S2 IGRS; C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe [32768 2008-02-14] (Lenovo Group Limited)
S2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [155856 2014-06-26] (McAfee, Inc.)
S4 McciCMService; C:\Program Files (x86)\Common Files\Motive\McciCMService.exe [303104 2008-02-14] (Motive Communications, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S2 SBAMSvc; C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [3677000 2012-09-20] (GFI Software)
S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 System_Repair_UpdateMonitor; C:\Program Files\Lenovo\OneKey App\System Repair\UpdateMonitor.exe [434176 2008-09-27] (Lenovo Group Limited)
==================== Drivers (Whitelisted) ====================
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-01-28] (AVAST Software)
S1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-01-28] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-01-28] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-01-28] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-01-28] (AVAST Software)
S1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-01-28] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-28] ()
S1 funfrm; C:\Windows\System32\Drivers\funfrm.sys [69136 2009-06-17] ()
S0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-03-27] (GFI Software)
S0 LPCFilter; C:\Windows\SysWOW64\DRIVERS\LPCFilter.sys [32040 2008-05-07] (COMPAL ELECTRONIC INC.)
S3 usbsmi; C:\Windows\System32\DRIVERS\SMIksdrv.sys [183424 2009-01-23] (SMI)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-14 11:12 - 2014-07-14 11:12 - 00000000 ____D () C:\Windows\System32\config\HiveBackup
2014-07-14 09:10 - 2014-07-14 11:13 - 00000000 ____D () C:\FRST
2014-07-08 10:11 - 2014-07-08 10:11 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-07 11:33 - 2014-07-07 11:33 - 00000809 _____ () C:\Windows\setupact.log
2014-07-07 11:33 - 2014-07-07 11:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-07 11:09 - 2014-07-07 11:09 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-07-07 11:09 - 2012-09-28 07:32 - 05989776 _____ (Apple, Inc.) C:\Windows\System32\usbaaplrc.dll
2014-07-07 11:09 - 2012-09-28 07:32 - 00053760 _____ (Apple, Inc.) C:\Windows\System32\Drivers\usbaapl64.sys
2014-06-28 10:40 - 2014-06-28 10:40 - 10625117 _____ () C:\Users\Ben\Downloads\Craigslist pics.zip
2014-06-24 10:47 - 2014-06-24 10:48 - 06697108 _____ () C:\Users\Ben\Downloads\Pics.zip
==================== One Month Modified Files and Folders =======
2014-07-14 11:13 - 2014-07-14 09:10 - 00000000 ____D () C:\FRST
2014-07-14 11:12 - 2014-07-14 11:12 - 00000000 ____D () C:\Windows\System32\config\HiveBackup
2014-07-14 07:37 - 2009-05-08 22:16 - 00000066 ___SH () C:\_PartitionInfo
2014-07-14 07:37 - 2006-11-02 07:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-14 07:37 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-14 07:37 - 2006-11-02 07:22 - 00003216 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-11 16:46 - 2014-01-28 14:29 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-11 16:21 - 2009-05-08 22:12 - 00000282 _____ () C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job
2014-07-11 16:10 - 2013-04-19 12:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-11 15:12 - 2009-06-17 00:56 - 01528020 _____ () C:\Windows\WindowsUpdate.log
2014-07-11 11:56 - 2008-01-20 19:26 - 00748954 _____ () C:\Windows\PFRO.log
2014-07-08 10:11 - 2014-07-08 10:11 - 10603008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 02:46 - 2011-09-23 15:35 - 00010792 _____ () C:\Windows\System32\spsys.log
2014-07-07 11:33 - 2014-07-07 11:33 - 00000809 _____ () C:\Windows\setupact.log
2014-07-07 11:33 - 2014-07-07 11:33 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-07 11:17 - 2006-11-02 04:46 - 00773288 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-07-07 11:09 - 2014-07-07 11:09 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-07-07 10:45 - 2014-01-28 14:29 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 04:47 - 2013-03-27 17:42 - 00001739 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-07-07 04:47 - 2009-06-17 01:26 - 23378820 _____ () C:\FaceProv.log
2014-07-07 04:46 - 2010-12-23 13:21 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-07-03 17:12 - 2006-11-02 07:42 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-28 10:40 - 2014-06-28 10:40 - 10625117 _____ () C:\Users\Ben\Downloads\Craigslist pics.zip
2014-06-25 11:27 - 2009-12-30 12:23 - 00000000 ____D () C:\Users\Ben\AppData\Local\CrashDumps
2014-06-25 10:40 - 2014-01-28 14:29 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-25 10:40 - 2014-01-28 14:29 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-24 10:48 - 2014-06-24 10:47 - 06697108 _____ () C:\Users\Ben\Downloads\Pics.zip
2014-06-23 13:58 - 2014-01-27 14:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
Some content of TEMP:
====================
C:\Users\Ben\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\Ben\AppData\Local\Temp\_is9B41.exe
C:\Users\Maura\AppData\Local\Temp\contentDATs.exe
C:\Users\Maura\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Maura\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\Maura\AppData\Local\Temp\symlcsv1.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 25%
Total physical RAM: 2007.8 MB
Available physical RAM: 1495.64 MB
Total Pagefile: 1799.73 MB
Available Pagefile: 1483.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.91 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:252.95 GB) (Free:152.6 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Lenovo) (Fixed) (Total:30.38 GB) (Free:28.43 GB) NTFS
Drive e: () (Fixed) (Total:14.65 GB) (Free:3.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive h: (2008_03_29_2201) (Removable) (Total:7.55 GB) (Free:7.33 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 04AC1E08)
Partition 1: (Active) - (Size=253 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=30 GB) - (Type=OF Extended)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 8 GB) (Disk ID: 00086FA3)
Partition 1: (Active) - (Size=8 GB) - (Type=07 NTFS)
LastRegBack: 2014-07-11 15:15
==================== End Of Log ============================