Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

C0000135 Blue screen at start up of windows 7


  • Please log in to reply
No replies to this topic

#1 abbeylh27

abbeylh27

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:12:26 AM

Posted 18 October 2013 - 11:03 PM

Hi there,

 

I have a computer that will not boot up and just shows me a blue screen.  I have done some reading up on this, and have run the FRST64 program that I have seen you guys request, so here it is.  Thank you for the help!

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by SYSTEM on MININT-T3F7B7T on 18-10-2013 19:11:37
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2799912 2011-06-09] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Development Company, L.P.)
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [296960 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\Ellen\...\Run: [SearchEngineProtection] - C:\Program Files (x86)\Gamesbar\SearchEngineProtection.exe [591248 2011-03-03] (Oberon Media )
HKU\Ellen\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19875432 2013-06-21] (Skype Technologies S.A.)
HKU\Ellen\...\Run: [RegistryKit v2.0] - C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe [172200 2012-09-17] ()
HKU\Ellen\...\Run: [RegistryKit Reminder v2.0] - C:\Program Files (x86)\Registry Kit\RegistryKitReminder.exe [172200 2012-09-17] ()

==================== Services (Whitelisted) =================

S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-28] (Advanced Micro Devices, Inc.)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [227232 2010-09-02] (McAfee, Inc.)
S2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe [138272 2012-06-15] (Symantec Corporation)
S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [x]

==================== Drivers (Whitelisted) ====================

S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120919.001\BHDrvx64.sys [1385120 2012-08-31] (Symantec Corporation)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20120919.001\BHDrvx64.sys [1385120 2012-08-31] (Symantec Corporation)
S1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1308000.00E\ccSetx64.sys [167072 2012-06-06] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2012-08-09] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120925.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20120925.001\IDSvia64.sys [513184 2012-08-31] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120926.002\ENG64.SYS [126112 2012-09-26] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120926.002\ENG64.SYS [126112 2012-09-26] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120926.002\EX64.SYS [2084000 2012-09-26] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20120926.002\EX64.SYS [2084000 2012-09-26] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1308000.00E\SRTSP64.SYS [737952 2012-07-05] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1308000.00E\SRTSPX64.SYS [37536 2012-07-05] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\NAVx64\1308000.00E\SYMDS64.SYS [451192 2011-07-25] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NAVx64\1308000.00E\SYMEFA64.SYS [1129120 2012-05-21] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-03-23] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NAVx64\1308000.00E\Ironx64.SYS [190072 2012-04-17] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1308000.00E\SYMNETS.SYS [405624 2012-04-17] (Symantec Corporation)
S3 dfg; System32\DRIVERS\dfg.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-10-18 16:53 - 2013-10-18 16:53 - 00000000 ____D C:\FRST
2013-10-09 10:32 - 2013-10-09 10:32 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\Friendly Cactus
2013-10-09 10:30 - 2013-10-10 19:19 - 00000000 ____D C:\Program Files (x86)\Stranded Dreamscapes - The Prisoner Collectors Edition
2013-10-05 15:20 - 2013-10-18 11:22 - 00000000 ____D C:\Program Files (x86)\Mayan Prophecies - Cursed Island Collectors Edition
2013-09-29 17:32 - 2013-09-29 17:32 - 00002321 _____ C:\Users\Public\Desktop\Play Enigmatis - The Mists of Ravenwood Collector's Edition.lnk
2013-09-29 17:32 - 2013-09-29 17:32 - 00001338 _____ C:\Users\Public\Desktop\More Great Games.lnk
2013-09-29 17:31 - 2013-09-29 17:32 - 00000000 ____D C:\Program Files (x86)\Enigmatis - The Mists of Ravenwood Collector's Edition
2013-09-29 16:36 - 2013-09-29 16:36 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\HotLava
2013-09-26 08:02 - 2013-09-26 08:03 - 03352677 _____ C:\Users\Ellen\Downloads\jd.jpg.webarchive
2013-09-23 16:43 - 2013-09-23 16:43 - 00274888 _____ C:\Windows\Minidump\092313-20685-01.dmp
2013-09-22 16:57 - 2013-09-22 16:57 - 00002242 _____ C:\Users\Public\Desktop\Play League of Light - Dark Omens Collectors Edition.lnk
2013-09-22 16:54 - 2013-09-22 16:57 - 00000000 ____D C:\Program Files (x86)\League of Light - Dark Omens Collectors Edition
2013-09-21 15:31 - 2013-09-21 15:57 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\when_in_rome_bfg
2013-09-18 12:32 - 2013-09-18 12:32 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\Boolat Games
2013-09-18 12:29 - 2013-09-18 12:29 - 00002235 _____ C:\Users\Public\Desktop\Play Dark Cases - The Blood Ruby Collectors Edition.lnk
2013-09-18 12:27 - 2013-09-18 12:29 - 00000000 ____D C:\Program Files (x86)\Dark Cases - The Blood Ruby Collectors Edition

==================== One Month Modified Files and Folders =======

2013-10-18 16:53 - 2013-10-18 16:53 - 00000000 ____D C:\FRST
2013-10-18 11:23 - 2012-05-08 05:37 - 00000000 ____D C:\Windows\System32\Macromed
2013-10-18 11:23 - 2012-02-16 09:59 - 00000000 ____D C:\users\Ellen
2013-10-18 11:23 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-10-18 11:23 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\AppCompat
2013-10-18 11:22 - 2013-10-05 15:20 - 00000000 ____D C:\Program Files (x86)\Mayan Prophecies - Cursed Island Collectors Edition
2013-10-18 11:22 - 2013-07-16 13:33 - 00000000 ____D C:\BigFishCache
2013-10-18 11:22 - 2013-03-13 17:52 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-18 11:22 - 2013-03-13 17:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-18 11:22 - 2013-03-01 07:51 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-10-18 11:22 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-10-18 11:22 - 2009-07-13 19:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-18 11:20 - 2012-05-14 06:38 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\Skype
2013-10-10 19:19 - 2013-10-09 10:30 - 00000000 ____D C:\Program Files (x86)\Stranded Dreamscapes - The Prisoner Collectors Edition
2013-10-09 10:32 - 2013-10-09 10:32 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\Friendly Cactus
2013-10-09 07:30 - 2013-08-14 12:09 - 00000000 ____D C:\Windows\System32\MRT
2013-10-06 14:15 - 2012-04-15 21:22 - 00000000 ____D C:\Users\Ellen\AppData\Local\CrashDumps
2013-10-06 10:55 - 2012-06-19 17:40 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\Elephant Games
2013-10-01 16:01 - 2013-04-10 15:25 - 00000468 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2013-10-01 16:01 - 2012-05-08 05:37 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-01 16:01 - 2011-12-17 00:38 - 02061116 _____ C:\Windows\WindowsUpdate.log
2013-10-01 16:01 - 2009-07-13 21:38 - 00067584 ____S C:\Windows\bootstat(71).dat
2013-10-01 15:25 - 2013-02-26 14:00 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-01 15:15 - 2013-04-10 15:25 - 00000494 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2013-10-01 15:11 - 2009-07-13 20:45 - 00032064 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-01 15:11 - 2009-07-13 20:45 - 00032064 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-01 15:07 - 2009-07-13 21:13 - 00778834 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-01 15:03 - 2013-02-26 14:00 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-01 15:03 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-01 15:03 - 2009-07-13 20:51 - 00105045 _____ C:\Windows\setupact.log
2013-09-30 17:26 - 2012-02-16 10:02 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1B1FAFD7-1D3E-4B05-8BB2-FCFDBF917B06}
2013-09-30 08:37 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\System32\NDF
2013-09-29 17:34 - 2012-12-11 18:22 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\Artifex Mundi
2013-09-29 17:32 - 2013-09-29 17:32 - 00002321 _____ C:\Users\Public\Desktop\Play Enigmatis - The Mists of Ravenwood Collector's Edition.lnk
2013-09-29 17:32 - 2013-09-29 17:32 - 00001338 _____ C:\Users\Public\Desktop\More Great Games.lnk
2013-09-29 17:32 - 2013-09-29 17:31 - 00000000 ____D C:\Program Files (x86)\Enigmatis - The Mists of Ravenwood Collector's Edition
2013-09-29 16:36 - 2013-09-29 16:36 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\HotLava
2013-09-26 08:03 - 2013-09-26 08:02 - 03352677 _____ C:\Users\Ellen\Downloads\jd.jpg.webarchive
2013-09-26 05:30 - 2010-11-20 19:47 - 00409456 _____ C:\Windows\PFRO.log
2013-09-25 14:34 - 2013-01-28 17:14 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\Eipix
2013-09-25 13:03 - 2012-05-14 06:37 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-09-25 13:03 - 2011-10-14 22:23 - 00000000 ____D C:\ProgramData\Skype
2013-09-23 16:43 - 2013-09-23 16:43 - 00274888 _____ C:\Windows\Minidump\092313-20685-01.dmp
2013-09-23 16:43 - 2012-02-20 14:51 - 415584835 _____ C:\Windows\MEMORY.DMP
2013-09-23 16:43 - 2012-02-20 14:51 - 00000000 ____D C:\Windows\Minidump
2013-09-22 16:57 - 2013-09-22 16:57 - 00002242 _____ C:\Users\Public\Desktop\Play League of Light - Dark Omens Collectors Edition.lnk
2013-09-22 16:57 - 2013-09-22 16:54 - 00000000 ____D C:\Program Files (x86)\League of Light - Dark Omens Collectors Edition
2013-09-22 15:40 - 2012-11-09 12:13 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\Mariaglorum
2013-09-21 16:05 - 2012-10-04 17:36 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\Playrix Entertainment
2013-09-21 15:57 - 2013-09-21 15:31 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\when_in_rome_bfg
2013-09-21 13:49 - 2013-02-26 14:00 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-19 17:57 - 2012-05-08 05:37 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-19 17:57 - 2012-05-08 05:37 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-19 17:57 - 2011-10-14 22:06 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-18 18:56 - 2011-12-17 00:44 - 00773050 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-09-18 12:32 - 2013-09-18 12:32 - 00000000 ____D C:\Users\Ellen\AppData\Roaming\Boolat Games
2013-09-18 12:29 - 2013-09-18 12:29 - 00002235 _____ C:\Users\Public\Desktop\Play Dark Cases - The Blood Ruby Collectors Edition.lnk
2013-09-18 12:29 - 2013-09-18 12:27 - 00000000 ____D C:\Program Files (x86)\Dark Cases - The Blood Ruby Collectors Edition

Some content of TEMP:
====================
C:\Users\Ellen\AppData\Local\Temp\APNStub.exe
C:\Users\Ellen\AppData\Local\Temp\bfguni.exe
C:\Users\Ellen\AppData\Local\Temp\bstrapInstall.exe
C:\Users\Ellen\AppData\Local\Temp\contentDATs.exe
C:\Users\Ellen\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Ellen\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Ellen\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Ellen\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Ellen\AppData\Local\Temp\mssinstaller.exe
C:\Users\Ellen\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Ellen\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Ellen\AppData\Local\Temp\tempmessage.bfg
C:\Users\Ellen\AppData\Local\Temp\Update.exe

==================== Known DLLs (Whitelisted) ================

C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION!
C:\Windows\SysWOW64\LPK.dll IS MISSING <==== ATTENTION!

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

2
Restore point made on: 2013-10-01 16:01:54
Restore point made on: 2013-10-09 07:22:27

==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 3561.41 MB
Available physical RAM: 2846.33 MB
Total Pagefile: 3559.55 MB
Available Pagefile: 2848.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:674.52 GB) (Free:602.08 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Recovery) (Fixed) (Total:19.95 GB) (Free:2.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:3.95 GB) FAT32
Drive h: () (Fixed) (Total:7.45 GB) (Free:7.4 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.25 GB) (Free:0.25 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 895A24CC)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=675 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 4867BDE8)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)

LastRegBack: 2013-10-10 19:20

==================== End Of Log ============================



BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users