
Black screen with cursor after running Malwarebytes


  • This topic is locked
33 replies to this topic

#1 hippiepaws


Posted 26 July 2013 - 10:53 PM

After running Malwarebytes and clicking to remove 2 trojans that were found, it said to restart the computer. Upon restarting, it said Microsoft Update (Office 2010) or something like that. Startup Repair and System Restore do not work. I was able to run the Farbar Recovery tool through the command prompt. I noticed the following line, but have no idea what any of it means. (C:\Windows\SysWOW64\explorer.exe IS MISSING <==== ATTENTION!.)

 

Attached is the full log from that scan:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11-04-2013 (ATTENTION: FRST version is 107 days old)
Ran by SYSTEM at 27-07-2013 23:13:07
Running from D:\
Windows 7 Professional   (X64) OS Language: English(US)
The current controlset is ControlSet002

==================== Registry (Whitelisted) ===================

HKLM\...\Run: [DellStage] "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup [207350 2011-01-25] ()
HKLM\...\Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe" [x]
HKLM\...\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [38984 2013-05-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [840768 2013-05-10] (Adobe Systems Inc.)
HKLM-x32\...\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide [205336 2011-08-12] (Logitech Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [McAfeeUpdaterUI] "C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey [136512 2009-08-25] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] "C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE [124224 2010-03-25] (McAfee, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKU\Benjamins\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" [202024 2008-01-04] (Nero AG)
HKU\Benjamins\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-11-13] (Google Inc.)
HKU\Benjamins\...\Run: [AnyDVD] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [6983768 2013-03-22] (SlySoft, Inc.)
HKU\Benjamins\...\Run: [Leadertech] rundll32.exe C:\Users\Benjamins\AppData\Local\Leadertech\sbumrtce.dll,fKgbYVnVjechPryMmSwiBGbMUNJ [475136 2013-07-12] (Microsoft Corporation)
HKU\Guest\...\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2011-11-13] (Google Inc.)
HKLM\...\Runonce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [x]
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [559616 2011-10-06] (Dell)
HKLM-x32\...\Winlogon: [Shell] explorer.exe [x ] ()
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\615\G2AWinLogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Lsa: [Authentication Packages]
Lsa: [Notification Packages]
Startup: C:\Users\Benjamins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\Benjamins\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)

==================== Services (Whitelisted) ===================

2 EinsteinEMRService; "C:\SOAPe Platinum Plus\EinsteinEMRServerSetupSupport.exe" [2654208 2012-01-12] (AllianceTek Inc.)
2 McAfeeEngineService; "C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\EngineServer.exe" [20792 2010-03-25] (McAfee, Inc.)
2 McAfeeFramework; "C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe" /ServiceStart [103744 2009-08-25] (McAfee, Inc.)
2 McShield; "C:\Program Files (x86)\McAfee\VirusScan Enterprise\x64\McShield.exe" [180968 2010-03-25] (McAfee, Inc.)
2 McTaskManager; "C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe" [66880 2010-03-25] (McAfee, Inc.)
2 mfevtp; C:\Windows\system32\mfevtps.exe [79504 2010-03-25] (McAfee, Inc.)
2 WMPNetworkSvc; "C:\Program Files\Windows Media Player\wmpnetwk.exe" [x]

==================== Drivers (Whitelisted) =====================

3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [142424 2013-03-18] (SlySoft, Inc.)
3 AnyDVD; C:\Windows\SysWow64\Drivers\AnyDVD.sys [142424 2013-03-18] (SlySoft, Inc.)
3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [118400 2013-03-23] (VSO Software)
3 LVPr2M64; C:\Windows\System32\Drivers\LVPr2M64.sys [30304 2010-05-07] ()
3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [24176 2012-12-14] (Malwarebytes Corporation)
3 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [97576 2010-03-25] (McAfee, Inc.)
3 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [120096 2010-03-25] (McAfee, Inc.)
0 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [469400 2010-03-25] (McAfee, Inc.)
3 mferkdet; C:\Windows\System32\Drivers\mferkdet.sys [78896 2010-03-25] (McAfee, Inc.)
1 mfetdik; C:\Windows\System32\Drivers\mfetdik.sys [84424 2010-03-25] (McAfee, Inc.)
3 PCDSRVC{D3412D80-CF3B4A27-06020200}_0; \??\c:\program files\my dell\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ====================

==================== One Month Created Files and Folders ========

2013-07-20 19:23 - 2013-07-20 19:23 - 00262144 ____N C:\Windows\Minidump\072013-28251-01.dmp
2013-07-19 19:53 - 2013-07-19 19:53 - 00262144 ____N C:\Windows\Minidump\071913-29343-01.dmp
2013-07-19 18:27 - 2013-07-19 18:27 - 00262144 ____N C:\Windows\Minidump\071913-30872-01.dmp
2013-07-19 16:13 - 2013-07-19 16:13 - 00262144 ____N C:\Windows\Minidump\071913-31075-01.dmp
2013-07-18 16:40 - 2013-07-18 16:40 - 00262144 ____N C:\Windows\Minidump\071813-32276-01.dmp
2013-07-18 14:18 - 2013-07-18 14:18 - 00262144 ____N C:\Windows\Minidump\071813-25334-01.dmp
2013-07-18 12:55 - 2013-07-18 12:55 - 00262144 ____N C:\Windows\Minidump\071813-29718-01.dmp
2013-07-17 12:15 - 2013-07-17 12:15 - 00262144 ____N C:\Windows\Minidump\071713-33384-01.dmp
2013-07-17 01:19 - 2013-07-17 01:19 - 00262144 ____N C:\Windows\Minidump\071613-36722-01.dmp
2013-07-16 22:47 - 2013-07-16 22:47 - 00262144 ____N C:\Windows\Minidump\071613-35599-01.dmp
2013-07-16 22:29 - 2013-07-16 22:29 - 00262144 ____N C:\Windows\Minidump\071613-32323-01.dmp
2013-07-16 16:02 - 2013-07-16 16:02 - 00001902 ____A C:\Windows\PFRO.log
2013-07-12 11:40 - 2013-07-16 16:05 - 00000000 ____D C:\Users\Benjamins\Local Settings\Leadertech
2013-07-12 11:40 - 2013-07-16 16:05 - 00000000 ____D C:\Users\Benjamins\Local Settings\Application Data\Leadertech
2013-07-12 11:40 - 2013-07-16 16:05 - 00000000 ____D C:\Users\Benjamins\AppData\Local\Leadertech
2013-07-10 05:09 - 2013-06-11 18:43 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-10 05:09 - 2013-06-11 18:43 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-10 05:09 - 2013-06-11 18:43 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-10 05:09 - 2013-06-11 18:43 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-10 05:09 - 2013-06-11 18:42 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-10 05:09 - 2013-06-11 18:42 - 02046976 ____N (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-10 05:09 - 2013-06-11 18:42 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-10 05:09 - 2013-06-11 18:26 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-10 05:09 - 2013-06-11 18:26 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-10 05:09 - 2013-06-11 18:26 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-10 05:09 - 2013-06-11 18:25 - 19238912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-10 05:09 - 2013-06-11 18:25 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-10 05:09 - 2013-06-11 18:25 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-10 05:09 - 2013-06-11 18:25 - 02648576 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-10 05:09 - 2013-06-11 18:25 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-10 05:09 - 2013-06-11 18:25 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-10 05:09 - 2013-06-11 18:25 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-07-10 05:09 - 2013-06-11 18:25 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-07-10 05:09 - 2013-06-11 18:25 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-07-10 05:09 - 2013-06-11 18:25 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-10 05:09 - 2013-06-11 18:25 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-07-10 05:09 - 2013-06-11 17:50 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-10 05:09 - 2013-06-06 22:22 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-10 02:06 - 2013-06-04 22:34 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-07-10 02:06 - 2013-06-04 01:00 - 00624128 ____A (Microsoft Corporation) C:\Windows\System32\qedit.dll
2013-07-10 02:06 - 2013-05-06 01:03 - 01887744 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-07-10 02:06 - 2013-04-02 17:51 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-07-03 00:51 - 2013-07-03 00:51 - 00243792 ____A C:\Users\Benjamins\Downloads\Setup.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-07-02 05:04 - 2013-07-02 05:04 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-07-02 05:04 - 2013-07-02 05:04 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-07-02 05:04 - 2013-07-02 05:04 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-07-02 05:04 - 2013-07-02 05:04 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-02 05:04 - 2013-07-02 05:04 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-02 05:01 - 2013-07-02 05:07 - 00008121 ____A C:\Windows\IE10_main.log

==================== One Month Modified Files and Folders =======

2013-07-21 18:43 - 2012-02-05 04:10 - 00000000 ____D C:\SOAPe Platinum Plus
2013-07-21 18:42 - 2013-07-21 18:42 - 00262144 ____N C:\Windows\Minidump\072113-27721-01.dmp
2013-07-21 18:42 - 2012-05-03 02:36 - 00000000 ____D C:\Windows\Minidump
2013-07-20 19:23 - 2013-07-20 19:23 - 00262144 ____N C:\Windows\Minidump\072013-28251-01.dmp
2013-07-19 19:53 - 2013-07-19 19:53 - 00262144 ____N C:\Windows\Minidump\071913-29343-01.dmp
2013-07-19 18:27 - 2013-07-19 18:27 - 00262144 ____N C:\Windows\Minidump\071913-30872-01.dmp
2013-07-19 16:13 - 2013-07-19 16:13 - 00262144 ____N C:\Windows\Minidump\071913-31075-01.dmp
2013-07-18 16:40 - 2013-07-18 16:40 - 00262144 ____N C:\Windows\Minidump\071813-32276-01.dmp
2013-07-18 14:18 - 2013-07-18 14:18 - 00262144 ____N C:\Windows\Minidump\071813-25334-01.dmp
2013-07-18 12:55 - 2013-07-18 12:55 - 00262144 ____N C:\Windows\Minidump\071813-29718-01.dmp
2013-07-17 12:15 - 2013-07-17 12:15 - 00262144 ____N C:\Windows\Minidump\071713-33384-01.dmp
2013-07-17 01:19 - 2013-07-17 01:19 - 00262144 ____N C:\Windows\Minidump\071613-36722-01.dmp
2013-07-16 22:47 - 2013-07-16 22:47 - 00262144 ____N C:\Windows\Minidump\071613-35599-01.dmp
2013-07-16 22:29 - 2013-07-16 22:29 - 00262144 ____N C:\Windows\Minidump\071613-32323-01.dmp
2013-07-16 16:14 - 2009-07-13 23:45 - 00471616 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-16 16:13 - 2009-07-14 00:10 - 01518630 ____A C:\Windows\WindowsUpdate.log
2013-07-16 16:12 - 2011-03-11 20:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-16 16:12 - 2011-03-11 20:21 - 00000000 ____D C:\ProgramData\Application Data\Microsoft Help
2013-07-16 16:10 - 2009-07-13 23:45 - 00014256 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-16 16:10 - 2009-07-13 23:45 - 00014256 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-16 16:08 - 2009-07-13 21:34 - 00000545 ____A C:\Windows\win.ini
2013-07-16 16:05 - 2013-07-12 11:40 - 00000000 ____D C:\Users\Benjamins\Local Settings\Leadertech
2013-07-16 16:05 - 2013-07-12 11:40 - 00000000 ____D C:\Users\Benjamins\Local Settings\Application Data\Leadertech
2013-07-16 16:05 - 2013-07-12 11:40 - 00000000 ____D C:\Users\Benjamins\AppData\Local\Leadertech
2013-07-16 16:04 - 2011-03-11 01:02 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-07-16 16:04 - 2011-03-11 01:02 - 00000000 ____D C:\ProgramData\Application Data\HP Photo Creations
2013-07-16 16:04 - 2011-03-11 00:01 - 00000000 ____D C:\Users\Default\Local Settings\SoftThinks
2013-07-16 16:04 - 2011-03-11 00:01 - 00000000 ____D C:\Users\Default\Local Settings\Application Data\SoftThinks
2013-07-16 16:04 - 2011-03-11 00:01 - 00000000 ____D C:\Users\Default\AppData\Local\SoftThinks
2013-07-16 16:04 - 2011-03-11 00:01 - 00000000 ____D C:\Users\Default User\Local Settings\SoftThinks
2013-07-16 16:04 - 2011-03-11 00:01 - 00000000 ____D C:\Users\Default User\Local Settings\Application Data\SoftThinks
2013-07-16 16:04 - 2011-03-11 00:01 - 00000000 ____D C:\Users\Default User\AppData\Local\SoftThinks
2013-07-16 16:04 - 2011-03-07 10:59 - 00000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2013-07-16 16:04 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2013-07-16 16:04 - 2009-07-13 22:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-07-16 16:03 - 2012-10-12 21:16 - 00000000 ____D C:\Program Files\iTunes
2013-07-16 16:03 - 2012-10-12 21:16 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-07-16 16:03 - 2011-11-27 20:18 - 00000000 ____D C:\Program Files\Microsoft IntelliPoint
2013-07-16 16:03 - 2011-11-09 01:01 - 00000900 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-16 16:03 - 2011-05-26 01:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-07-16 16:02 - 2013-07-16 16:02 - 00001902 ____A C:\Windows\PFRO.log
2013-07-16 16:02 - 2013-04-18 02:19 - 00070336 ____A C:\Windows\setupact.log
2013-07-16 16:02 - 2009-07-14 00:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-16 15:39 - 2013-01-12 03:26 - 00000346 ____A C:\Windows\Tasks\HP Photo Creations Communicator.job
2013-07-16 15:33 - 2011-11-09 01:01 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-16 15:29 - 2012-09-17 20:59 - 00000000 ____D C:\QUARANTINE
2013-07-16 15:16 - 2012-04-16 18:53 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-16 13:28 - 2011-03-11 21:17 - 00000000 ____D C:\Users\Benjamins\My Documents\Outlook Files
2013-07-16 13:28 - 2011-03-11 21:17 - 00000000 ____D C:\Users\Benjamins\Documents\Outlook Files
2013-07-13 17:59 - 2011-03-21 01:05 - 00002028 ____A C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2013-07-13 17:59 - 2011-03-21 01:05 - 00002028 ____A C:\ProgramData\Desktop\Adobe Acrobat X Pro.lnk
2013-07-13 16:50 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\System32\NDF
2013-07-12 23:17 - 2011-03-11 06:01 - 00000000 ____D C:\Users\Benjamins\Application Data\Skype
2013-07-12 23:17 - 2011-03-11 06:01 - 00000000 ____D C:\Users\Benjamins\AppData\Roaming\Skype
2013-07-12 21:35 - 2012-06-09 16:20 - 00002185 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-12 21:35 - 2012-06-09 16:20 - 00002185 ____A C:\ProgramData\Desktop\Google Chrome.lnk
2013-07-12 16:02 - 2011-04-07 01:01 - 00000000 ____D C:\Users\Benjamins\Application Data\Dropbox
2013-07-12 16:02 - 2011-04-07 01:01 - 00000000 ____D C:\Users\Benjamins\AppData\Roaming\Dropbox
2013-07-12 11:40 - 2011-08-15 19:36 - 00000000 ____D C:\Users\Benjamins\Local Settings\Application Data\{3DB80963-3281-4001-9DCE-4640792A543F}
2013-07-12 11:40 - 2011-08-15 19:36 - 00000000 ____D C:\Users\Benjamins\Local Settings\{3DB80963-3281-4001-9DCE-4640792A543F}
2013-07-12 11:40 - 2011-08-15 19:36 - 00000000 ____D C:\Users\Benjamins\AppData\Local\{3DB80963-3281-4001-9DCE-4640792A543F}
2013-07-10 09:24 - 2011-04-07 01:05 - 00000000 ___RD C:\Users\Benjamins\Dropbox
2013-07-10 09:23 - 2013-03-23 00:24 - 00000040 ___SH C:\ProgramData\Application Data\.zreglib
2013-07-10 09:23 - 2013-03-23 00:24 - 00000040 ___SH C:\ProgramData\.zreglib
2013-07-10 05:37 - 2013-03-14 05:04 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-10 05:37 - 2013-03-14 05:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-10 05:35 - 2009-07-14 02:47 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-10 05:35 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-10 05:35 - 2009-07-14 00:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-10 05:16 - 2009-07-14 00:13 - 00905562 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-10 05:11 - 2011-03-13 15:02 - 78185248 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-07-03 00:51 - 2013-07-03 00:51 - 00243792 ____A C:\Users\Benjamins\Downloads\Setup.exe
2013-07-02 06:03 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-07-02 05:26 - 2011-03-07 12:07 - 00000000 ____D C:\Windows\Panther
2013-07-02 05:23 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-02 05:07 - 2013-07-02 05:01 - 00008121 ____A C:\Windows\IE10_main.log
2013-07-02 05:04 - 2013-07-02 05:04 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-07-02 05:04 - 2013-07-02 05:04 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-07-02 05:04 - 2013-07-02 05:04 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-07-02 05:04 - 2013-07-02 05:04 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-07-02 05:04 - 2013-07-02 05:04 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-02 05:04 - 2013-07-02 05:04 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-02 05:04 - 2013-07-02 05:04 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-07-02 05:04 - 2013-07-02 05:04 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-01 19:36 - 2012-08-10 23:22 - 00052224 ____A C:\Users\Benjamins\My Documents\interview email.msg
2013-07-01 19:36 - 2012-08-10 23:22 - 00052224 ____A C:\Users\Benjamins\Documents\interview email.msg
2013-07-01 17:16 - 2013-05-14 10:45 - 00000000 ____D C:\Users\Benjamins\Desktop\David

ZeroAccess:
C:\$Recycle.Bin\S-1-5-21-3760072223-1040210630-2226411395-1001\$94f2d50098ec889c8c871c4221dd838d
C:\$Recycle.Bin\S-1-5-21-3760072223-1040210630-2226411395-1001\$94f2d50098ec889c8c871c4221dd838d\L
C:\$Recycle.Bin\S-1-5-21-3760072223-1040210630-2226411395-1001\$94f2d50098ec889c8c871c4221dd838d\U

==================== Known DLLs (Whitelisted) =================

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe IS MISSING <==== ATTENTION!.
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-07-05 13:21:51
Restore point made on: 2013-07-09 13:09:59
Restore point made on: 2013-07-10 05:01:17
Restore point made on: 2013-07-16 13:23:08

==================== Memory info ===========================

Percentage of memory in use: 12%
Total physical RAM: 6143.3 MB
Available physical RAM: 5396.57 MB
Total Pagefile: 6141.45 MB
Available Pagefile: 5384.68 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

==================== Partitions =============================

1 Drive c: (OS) (Fixed) (Total:1384.98 GB) (Free:991.85 GB) NTFS
2 Drive d: (STORE N GO) (Removable) (Total:3.72 GB) (Free:3.66 GB) FAT32
3 Drive e: (RECOVERY) (Fixed) (Total:12.25 GB) (Free:5.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
9 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online         1397 GB      0 B        
  Disk 1    Online         3821 MB      0 B        
  Disk 2    No Media           0 B      0 B        
  Disk 3    No Media           0 B      0 B        
  Disk 4    No Media           0 B      0 B        
  Disk 5    No Media           0 B      0 B        

Partitions of Disk 0:
===============

Disk ID: C648A420

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    OEM                 39 MB    31 KB
  Partition 2    Primary             12 GB    40 MB
  Partition 3    Primary           1384 GB    12 GB

==================================================================================

Disk: 0
Partition 1
Type  : DE
Hidden: Yes
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 8                      FAT    Partition     39 MB  Healthy    Hidden 

=========================================================

Disk: 0
Partition 2
Type  : 07
Hidden: No
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     E   RECOVERY     NTFS   Partition     12 GB  Healthy           

=========================================================

Disk: 0
Partition 3
Type  : 07
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 2     C   OS           NTFS   Partition   1384 GB  Healthy           

=========================================================

Partitions of Disk 1:
===============

Disk ID: 74F2E25D

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Primary           3817 MB  4032 KB

==================================================================================

Disk: 1
Partition 1
Type  : 0C
Hidden: No
Active: No

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 3     D   STORE N GO   FAT32  Removable   3817 MB  Healthy           

=========================================================
============================== MBR Partition Table ==================

==============================
Partitions of Disk 0:
===============
Disk ID: C648A420

Partition 1:
=========
Hex: 00010100DEFE3F043F00000086390100
Active: NO
Type: DE
Size: 39 MB

Partition 2:
=========
Hex: 8019150507FEFFFF0040010000F08701
Active: YES
Type: 07 (NTFS)
Size: 12 GB

Partition 3:
=========
Hex: 00FEFFFF07FEFFFF0030890100401FAD
Active: NO
Type: 07 (NTFS)
Size: -711915995136 byte

==============================
Partitions of Disk 1:
===============
Disk ID: 74F2E25D

Partition 1:
=========
Hex: 000001010C49CAC9801F0000804D7700
Active: NO
Type: 0C
Size: 4 GB

Last Boot: 2013-07-13 02:20

==================== End Of Log =============================

 

 

ANY help or advice for me would be GREATLY appreciated.

 

Thank you!


Edited by hamluis, 27 July 2013 - 09:34 AM.
Moved from Win 7 to Malware Removal Logs - Hamluis.



 


#2 jntkwx

jntkwx

  • Malware Response Team
  • 4,018 posts
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:12:13 AM

Posted 28 July 2013 - 11:28 AM

hippiepaws,

Welcome to Bleeping Computer.

My name is Jason and I'll be helping you with your computer problems. You can call me by my screen name jntkwx or Jason is fine.

Some things to remember while we are working together.

  • Do not run any other tool until instructed to do so!
  • Please do not attach logs or put logs in code or quote boxes (unless explicitly asked to)
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can also help.
  • Do not run anything while running a fix.
  • If you don't understand a step, please ask for clarification before continuing with any future steps.

Click on the Watch Topic button, select Immediate Notification and click on Proceed. This will help you to get notified faster when I have replied and make the cleaning process faster.

Note to others: The instructions here are intended for the person who began this topic. If you need help, please create your own topic in the appropriate forum.



FRST
Boot back into System Recovery Options and run FRST.
Type the following in the edit box after "Search:"

explorer.exe

Click Search button and post the log (Search.txt) it makes to your reply.


Regards,
Jason


Simple and easy ways to keep your computer safe and secure on the Internet

My help is free... however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <-- (every little bit helps)


#3 hippiepaws

hippiepaws
  • Topic Starter

  • Members
  • 18 posts
  • Local time:09:13 PM

Posted 28 July 2013 - 07:11 PM

Hello Jason,
Thank you very much for taking time to help.

I entered explorer.exe in FRST and hit Search. It runs for about 8 minutes, but then the screen says monitor going to sleep and goes black. I then plugged the flash drive into another computer, but the notes for the scan are empty.

#4 jntkwx

jntkwx

  • Malware Response Team
  • 4,018 posts
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:12:13 AM

Posted 28 July 2013 - 07:15 PM

That's odd. It shouldn't be taking that long to search.  Try it again. If the monitor goes to sleep, just move the mouse, that should wake it back up.


Regards,
Jason




#5 hippiepaws

hippiepaws
  • Topic Starter

  • Members
  • 18 posts
  • Local time:09:13 PM

Posted 28 July 2013 - 07:21 PM

Once the screen goes black, I am unable to wake it back up. This is what happens while trying to do system restore, etc. I end up with this black screen. I will try it a couple more times.

#6 hippiepaws

hippiepaws
  • Topic Starter

  • Members
  • 18 posts
  • Local time:09:13 PM

Posted 28 July 2013 - 07:31 PM

Unfortunately, the same thing happened three times.

#7 jntkwx

jntkwx

  • Malware Response Team
  • 4,018 posts
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:12:13 AM

Posted 28 July 2013 - 07:32 PM

This sounds like potential hardware failure with the monitor. Did this just start happening, or did it start after running Malwarebytes?


Regards,
Jason




#8 hippiepaws

hippiepaws
  • Topic Starter

  • Members
  • 18 posts
  • Local time:09:13 PM

Posted 28 July 2013 - 07:35 PM

Immediately after running Malwarebytes.

I can try plugging an old PCM into the monitor.

#9 jntkwx

jntkwx

  • Malware Response Team
  • 4,018 posts
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:12:13 AM

Posted 28 July 2013 - 07:36 PM

Just to clarify - the monitor actually goes to sleep, and you can't wake it back up? Or do you see a black screen with a cursor (as described in this topic's title)?


Regards,
Jason




#10 hippiepaws

hippiepaws
  • Topic Starter

  • Members
  • 18 posts
  • Local time:09:13 PM

Posted 28 July 2013 - 07:40 PM

The screen goes black, but no cursor at this point. Then, the monitor says going to sleep.

#11 hippiepaws

hippiepaws
  • Topic Starter

  • Members
  • 18 posts
  • Local time:09:13 PM

Posted 28 July 2013 - 07:44 PM

I tried another monitor, but it said no signal.

#12 jntkwx

jntkwx

  • Malware Response Team
  • 4,018 posts
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:12:13 AM

Posted 28 July 2013 - 07:54 PM

Is it a VGA connection or digital (DVI/HDMI)? Is it a separate graphics card?


Regards,
Jason




#13 hippiepaws

hippiepaws
  • Topic Starter

  • Members
  • 18 posts
  • Local time:09:13 PM

Posted 28 July 2013 - 07:56 PM

HDMI connection
ATI Radeon graphics card

#14 hippiepaws

hippiepaws
  • Topic Starter

  • Members
  • 18 posts
  • Local time:09:13 PM

Posted 28 July 2013 - 07:58 PM

FYI
When I had tried to restore the system to the last known good configuration, it also went to the black screen and did not finish the process.

#15 jntkwx

jntkwx

  • Malware Response Team
  • 4,018 posts
  • Gender:Male
  • Location:New England, U.S.A.
  • Local time:12:13 AM

Posted 28 July 2013 - 08:25 PM

Do you have a VGA port and cable you could try plugging into?

 

VGA ports look like:

[Image: VGA port]


Regards,
Jason






