Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

STOP: C0000135 The program can't start because %hs is missing. Try resintalling


  • This topic is locked This topic is locked
6 replies to this topic

#1 Silverlight10

Silverlight10

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:17 PM

Posted 21 October 2013 - 02:19 PM

Please help. I have the same problem mentioned here. I've ran FRST and here's the result:

 

 

 


 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-10-2013

Ran by SYSTEM on MININT-R0ME20P on 21-10-2013 14:15:13
Running from E:\
Windows 7 Ultimate (X86) OS Language: Spanish Modern Sort
Internet Explorer Version 9
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1721640 2010-05-28] (Synaptics Incorporated)
HKLM\...\Run: [SoundMAXPnP] - C:\Program Files\Analog Devices\Core\smax4pnp.exe [1183744 2007-02-22] (Analog Devices, Inc.)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [995184 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\RunOnce: [*Restore] - C:\Windows\system32\rstrui.exe /RUNONCE [262656 2009-07-14] (Microsoft Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\Alberto\...\Run: [Google Update] - C:\Users\Alberto\AppData\Local\Google\Update\GoogleUpdate.exe [ 2010-07-02] (Google Inc.)
HKU\Alberto\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
HKU\Alberto\...\Run: [ares] - C:\Program Files\Ares\Ares.exe [ 2010-10-27] (Ares Development Group)
HKU\Patt\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [ 2009-07-14] (Microsoft Corporation)
HKU\Patt\...\Run: [ares] - C:\Program Files\Ares\Ares.exe [ 2010-10-27] (Ares Development Group)
AppInit_DLLs: c:\progra~1\browse~1\sprote~1.dll [ 2010-10-27] ()
 
========================== Services (Whitelisted) =================
 
S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [119056 2013-05-23] (SUPERAntiSpyware.com)
S2 atchksrv; C:\Program Files\Intel\AMT\atchksrv.exe [182808 2008-05-26] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2013-07-18] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-07-18] (Microsoft Corporation)
S2 NMSAccess; C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096 2010-03-05] ()
S2 UNS; C:\Program Files\Intel\AMT\UNS.exe [1464856 2008-05-26] (Intel Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 CLFS; C:\Windows\System32\CLFS.sys [249408 2009-07-14] (Microsoft Corporation)
S3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [219352 2009-06-06] (Intel Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-19] (Microsoft Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.)
S3 RICOH SmartCard Reader; C:\Windows\System32\DRIVERS\rismc32.sys [47488 2006-10-03] (RICOH Company, Ltd.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SCDEmu; C:\Windows\System32\Drivers\SCDEmu.sys [113336 2013-07-22] (Power Software Ltd)
S3 StarOpen; C:\Windows\System32\Drivers\StarOpen.sys [7168 2009-11-12] ()
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-10-21 14:14 - 2013-10-21 14:14 - 00000000 ____D C:\FRST
2013-10-16 14:55 - 2013-10-16 14:55 - 00022098 _____ C:\Users\Patt\Downloads\Plan de rodaje GENERAL.xlsx
2013-10-16 14:19 - 2013-10-20 19:19 - 00000000 ____D C:\Windows\System32\SPReview
2013-10-16 14:17 - 2013-10-20 19:19 - 00000000 ____D C:\1a250baf2b7e2a665ff369
2013-10-12 20:09 - 2013-10-12 20:09 - 00011358 _____ C:\Users\Patt\Downloads\Llamados CREW.xlsx
2013-10-08 18:48 - 2013-09-16 18:47 - 00000000 ____D C:\Users\Patt\Downloads\kings_of_leon_-_mechanical_bull_2013_bajatodo.net_
2013-10-02 05:59 - 2013-10-02 05:59 - 00000000 ____D C:\Windows\System32\EventProviders
 
==================== One Month Modified Files and Folders =======
 
2013-10-21 14:14 - 2013-10-21 14:14 - 00000000 ____D C:\FRST
2013-10-20 19:21 - 2010-07-02 17:49 - 00000000 ____D C:\users\Alberto
2013-10-20 19:21 - 2010-06-27 02:16 - 00000000 ____D C:\users\Patt
2013-10-20 19:20 - 2009-07-14 10:08 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2013-10-20 19:20 - 2009-07-14 10:08 - 00000000 ____D C:\Windows\ShellNew
2013-10-20 19:20 - 2009-07-14 10:08 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-20 19:20 - 2009-07-14 09:48 - 00000000 ____D C:\Windows\System32\XPSViewer
2013-10-20 19:20 - 2009-07-14 09:48 - 00000000 ____D C:\Windows\System32\es
2013-10-20 19:20 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-10-20 19:20 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-10-20 19:20 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Defender
2013-10-20 19:20 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\DVD Maker
2013-10-20 19:20 - 2009-07-14 03:37 - 00000000 __RSD C:\Windows\Media
2013-10-20 19:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\TAPI
2013-10-20 19:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\wfp
2013-10-20 19:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\spp
2013-10-20 19:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\Speech
2013-10-20 19:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\MUI
2013-10-20 19:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\AdvancedInstallers
2013-10-20 19:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\L2Schemas
2013-10-20 19:20 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\System
2013-10-20 19:19 - 2013-10-16 14:19 - 00000000 ____D C:\Windows\System32\SPReview
2013-10-20 19:19 - 2013-10-16 14:17 - 00000000 ____D C:\1a250baf2b7e2a665ff369
2013-10-20 19:19 - 2013-09-02 05:29 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-20 19:19 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-10-20 19:18 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2013-10-20 19:10 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-10-20 15:28 - 2009-07-14 10:07 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-10-20 14:44 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\LogFiles
2013-10-20 05:22 - 2010-07-02 17:53 - 00109280 _____ C:\Users\Alberto\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-17 20:13 - 2013-09-12 05:52 - 00000000 ____D C:\Users\Patt\Documents\Com 7 sem
2013-10-17 18:33 - 2013-04-09 04:19 - 00000000 ____D C:\Users\Patt\AppData\Local\Spotify
2013-10-17 18:03 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Portable Devices
2013-10-16 15:43 - 2011-01-17 04:36 - 00000000 ____D C:\Users\Patt\Desktop\My Shared Folder
2013-10-16 14:55 - 2013-10-16 14:55 - 00022098 _____ C:\Users\Patt\Downloads\Plan de rodaje GENERAL.xlsx
2013-10-16 14:19 - 2010-06-27 23:20 - 01530242 _____ C:\Windows\System32\PerfStringBackup.INI
2013-10-16 14:19 - 2010-06-26 19:13 - 01743615 _____ C:\Windows\WindowsUpdate.log
2013-10-16 14:12 - 2013-09-02 05:34 - 00005296 _____ C:\Windows\setupact.log
2013-10-14 20:32 - 2009-07-14 05:34 - 00009584 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-14 20:32 - 2009-07-14 05:34 - 00009584 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-14 06:03 - 2013-04-09 04:16 - 00000000 ____D C:\Users\Patt\AppData\Roaming\Spotify
2013-10-12 20:09 - 2013-10-12 20:09 - 00011358 _____ C:\Users\Patt\Downloads\Llamados CREW.xlsx
2013-10-10 06:44 - 2010-06-27 03:21 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-10 06:35 - 2013-09-03 04:07 - 78106760 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-10-10 06:35 - 2013-09-03 04:07 - 00000000 ____D C:\Windows\System32\MRT
2013-10-10 06:30 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini
2013-10-09 18:14 - 2010-07-30 02:10 - 00000000 ____D C:\Users\Patt\Documents\My Received Files
2013-10-09 17:01 - 2010-06-27 03:28 - 00000000 ____D C:\Users\Patt\AppData\Local\Adobe
2013-10-08 19:28 - 2013-02-05 21:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-10-08 19:28 - 2013-02-05 21:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-10-02 05:59 - 2013-10-02 05:59 - 00000000 ____D C:\Windows\System32\EventProviders
 
Some content of TEMP:
====================
C:\Users\Alberto\AppData\Local\Temp\install_reader10_es_mssa_aih.exe
C:\Users\Alberto\AppData\Local\Temp\install_reader10_es_mssa_aih_1.exe
C:\Users\Alberto\AppData\Local\Temp\install_reader10_es_mssa_aih_2.exe
C:\Users\Alberto\AppData\Local\Temp\install_reader10_es_mssa_aih_3.exe
C:\Users\Alberto\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Patt\AppData\Local\Temp\nshE0CF.tmp.exe
C:\Users\Patt\AppData\Local\Temp\ose00000.exe
C:\Users\Patt\AppData\Local\Temp\safeguard.exe
 
 
==================== Known DLLs (Whitelisted) ============
 
C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION!.
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2009-07-14 00:24] - [2010-07-11 03:41] - 0811520 ____A (Microsoft Corporation) A6E0C9720DE23A1C785788D549A3C7E0
 
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
4
Restore point made on: 2013-10-16 14:19:40
Restore point made on: 2013-10-17 18:06:05
Restore point made on: 2013-10-18 23:26:13
Restore point made on: 2013-10-20 09:00:31
 
==================== Memory info =========================== 
 
Percentage of memory in use: 21%
Total physical RAM: 2015.3 MB
Available physical RAM: 1584.82 MB
Total Pagefile: 2015.3 MB
Available Pagefile: 1590.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1943.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.79 GB) (Free:10.04 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (PM) (Removable) (Total:1.86 GB) (Free:1.85 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 8E132A25)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 5D837D69)
Partition 1: (Active) - (Size=2 GB) - (Type=0B)
 
 
LastRegBack: 2013-10-13 00:55
 
==================== End Of Log ============================

 



BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:17 PM

Posted 22 October 2013 - 02:00 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

 

Search for files with FRST (Recovery Environment)


In Vista or Windows 7: Boot to System Recovery Options and run FRST.

In Windows XP: Please boot to BartPe and run FRST.



Type the following in the edit box after "Search:"

LPK.dll

Click Search button and post the log (Search.txt) it makes to your reply.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 Silverlight10

Silverlight10
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:17 PM

Posted 22 October 2013 - 04:45 PM

Thanks for answering TB-Psychotic, here is the log you requested:

 

 

 

Farbar Recovery Scan Tool (x86) Version: 19-10-2013

Ran by SYSTEM at 2013-10-22 16:37:28
Running from E:\
Boot Mode: Recovery
 
================== Search: "LPK.dll" ===================
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_ac0e7fd2d22636de\lpk.dll
[2009-07-14 00:25] - [2009-07-14 02:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_abc2c1b1b8daa369\lpk.dll
[2009-07-14 00:25] - [2009-07-14 02:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_abda8263b8c87657\lpk.dll
[2009-07-14 00:25] - [2009-07-14 02:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.21402_none_aa867320d4b9809b\lpk.dll
[2013-09-03 04:16] - [2012-12-16 17:29] - 0026112 ____A (Microsoft Corporation) 1953E31A9290333FEEB28A002D92F68A
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20720_none_aa6eef2ed4cb63a3\lpk.dll
[2009-07-14 00:25] - [2009-07-14 02:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20553_none_aa517c7cd4e1092d\lpk.dll
[2009-07-14 00:25] - [2009-07-14 02:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.20498_none_aa2b3c58d4fcfa7d\lpk.dll
[2009-07-14 00:25] - [2009-07-14 02:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.17194_none_a99d83d1bbe314aa\lpk.dll
[2009-07-14 00:25] - [2009-07-14 02:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16600_none_a9faf23bbb9d8bf7\lpk.dll
[2009-07-14 00:25] - [2009-07-14 02:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16444_none_a9d3afe7bbba66c9\lpk.dll
[2009-07-14 00:25] - [2009-07-14 02:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16402_none_a9fcef03bb9bc457\lpk.dll
[2009-07-14 00:25] - [2009-07-14 02:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7600.16385_none_a9a96e9bbbd9f2bd\lpk.dll
[2009-07-14 00:25] - [2009-07-14 02:15] - 0026624 ____A (Microsoft Corporation) 4F154D2C9C6DF951FD6E5AABBAE6B5EE
 
=== End Of Search ===


#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:17 PM

Posted 23 October 2013 - 12:28 AM

Fix with FRST (Recovery Environment)


  • Open notepad (Start =>All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste). Save it on the flashdrive as fixlist.txt

    AppInit_DLLs: c:\progra~1\browse~1\sprote~1.dll [ 2010-10-27] ()
    c:\progra~1\browse~1
    Replace: C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_ac0e7fd2d22636de\lpk.dll C:\Windows\System32\LPK.dll

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Now please enter System Recovery Options again.

  • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

 

 

Try to boot into windows and report.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 Silverlight10

Silverlight10
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:17 PM

Posted 23 October 2013 - 04:42 PM

Wow, you're awesome. It's fixed.

 

Here's the log you requested:

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-10-2013

Ran by SYSTEM at 2013-10-23 16:38:03 Run:1
Running from E:\
Boot Mode: Recovery
 
==============================================
 
Content of fixlist:
*****************
AppInit_DLLs: c:\progra~1\browse~1\sprote~1.dll [ 2010-10-27] ()
c:\progra~1\browse~1
Replace: C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_ac0e7fd2d22636de\lpk.dll C:\Windows\System32\LPK.dll
*****************
 
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
c:\progra~1\browse~1 => Moved successfully.
Could not find C:\Windows\System32\LPK.dll
C:\Windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_ac0e7fd2d22636de\lpk.dll copied successfully to C:\Windows\System32\LPK.dll
 
==== End of Fixlog ====

 

Thanks! :-)



#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:17 PM

Posted 26 October 2013 - 06:38 AM

We´re not finished yet!

 

 

Full System Scan with Malwarebytes Antimalware

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

 

 

 

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

 

 

 

 

Scan with Farbar´s Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:17 PM

Posted 30 October 2013 - 03:33 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users