Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

BSOD STOP: C0000135 The program can't start because %hs is missing


  • This topic is locked This topic is locked
13 replies to this topic

#1 kiester

kiester

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:34 AM

Posted 27 September 2014 - 01:09 PM

I have a system running Windows 7 x64 that had a failing hard drive. I took an image of the drive which did complete and pushed it to a new drive. After re-installing the new HDD it comes up with the BSOD STOP:c0000135 The program can't start because %hs is missing from your computer. Try reinstalling the program to fix this problem.

 

I don't want to do a full Windows install since it is for a business system that has a ton of software installed.

 

I ran an older version of FRST since, for some reason, the 64-bit one on bleepingcomputer says it isn't a valid win x86 application. The following is the log from the system. Thank you in advance for any help or advice.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-11-2013 (ATTENTION: ====> FRST version is 307 days old and could be outdated)
Ran by SYSTEM on MININT-3V2HN23 on 27-09-2014 13:11:03
Running from F:\
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [HotKeysCmds] - "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-23] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2013-12-11] (LogMeIn, Inc.)
HKLM\...\Run: [Bdagent] - C:\Program Files\Bitdefender\Bitdefender\bdagent.exe [1743088 2014-08-13] (Bitdefender)
HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-13] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKU\keven\...\Run: [SkyDrive] - C:\Users\keven\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-09-25] (Microsoft Corporation)
HKU\keven\...\Run: [PowerPanel Personal Edition User Interaction] - C:\Program Files (x86)\PowerPanel Personal Edition\pppeuser.exe [315392 2008-02-15] ()
HKU\keven\...\Run: [Weather] - C:\Program Files (x86)\AWS\WeatherBug\Weather.exe [1653760 2013-06-05] (AWS Convergence Technologies, Inc.)
HKU\keven\...\Run: [Bitdefender Wallet Agent] - C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe [568400 2014-08-13] (Bitdefender)
HKU\keven\...\Run: [Bitdefender Wallet] - C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe [1002048 2014-08-13] (Bitdefender)
HKU\keven\...\Run: [Bitdefender Wallet Application Agent] - C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe [615256 2014-08-13] (Bitdefender)
HKU\keven\...\Run: [Amazon Music] - C:\Users\keven\AppData\Local\Amazon Music\Amazon Music Helper.exe [6281536 2014-09-05] ()
HKU\keven\...\RunOnce: [Uninstall C:\Users\keven\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\keven\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"
HKU\keven\...\RunOnce: [Uninstall C:\Users\keven\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\keven\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714"
Startup: C:\Users\keven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk ->  (No File)
Startup: C:\Users\keven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Services (Whitelisted) =================
 
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-07-31] (Microsoft Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-07-18] (LogMeIn, Inc.)
S2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2014-07-18] (LogMeIn, Inc.)
S2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-12-11] (LogMeIn, Inc.)
S2 ppped; C:\Program Files (x86)\PowerPanel Personal Edition\ppped.exe [868352 2008-02-15] ()
S2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe [67320 2014-08-13] (Bitdefender)
S2 VSSERV; C:\Program Files\Bitdefender\Bitdefender\vsserv.exe [1528896 2014-08-13] (Bitdefender)
 
==================== Drivers (Whitelisted) ====================
 
S0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1260120 2014-08-13] (BitDefender)
S3 avchv; C:\Windows\System32\DRIVERS\avchv.sys [261056 2012-11-02] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [647752 2014-08-13] (BitDefender)
S1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [103504 2011-11-14] (BitDefender LLC)
S3 BDSandBox; C:\Windows\system32\drivers\bdsandbox.sys [82824 2014-07-29] (BitDefender SRL)
S0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [150256 2013-08-23] (BitDefender LLC)
S0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
S2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-12-11] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
S3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [419616 2014-08-13] (BitDefender S.R.L.)
S3 gdrv; \??\C:\Windows\gdrv.sys [x]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-09-27 13:10 - 2014-09-27 13:10 - 00000000 ____D C:\FRST
2014-09-27 11:26 - 2014-09-27 11:27 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2014-09-27 11:26 - 2014-09-27 11:27 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2014-09-27 11:24 - 2014-09-27 11:24 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2014-09-27 11:19 - 2014-09-27 11:19 - 00985536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-09-27 11:18 - 2014-09-27 11:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2014-09-27 07:39 - 2014-09-27 07:39 - 00000000 __SHD C:\found.000
2014-09-25 16:17 - 2014-09-25 16:17 - 00285288 _____ C:\Windows\Minidump\092514-50325-01.dmp
2014-09-25 16:17 - 2014-09-25 16:17 - 00000000 ____D C:\Windows\Minidump
2014-09-25 16:16 - 2014-09-26 05:52 - 508908055 _____ C:\Windows\MEMORY.DMP
2014-09-24 07:27 - 2014-09-24 07:27 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-09-24 07:27 - 2014-09-24 07:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-24 07:27 - 2014-09-24 07:27 - 00000000 ____D C:\Program Files\iTunes
2014-09-24 07:27 - 2014-09-24 07:27 - 00000000 ____D C:\Program Files\iPod
2014-09-24 07:27 - 2014-09-24 07:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-09-24 07:23 - 2014-09-24 07:24 - 112794960 _____ (Apple Inc.) C:\Users\keven\Downloads\iTunes64Setup (1).exe
2014-09-24 02:39 - 2014-09-09 14:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-09-24 02:39 - 2014-09-09 13:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-23 14:02 - 2014-09-23 14:02 - 00046592 _____ C:\Users\keven\Downloads\02 One Truck Sample Annual Budget Handout.xls
2014-09-23 13:27 - 2014-09-23 13:28 - 00000000 ____D C:\Users\keven\Documents\Fax
2014-09-12 07:27 - 2014-09-12 07:27 - 11218040 _____ C:\Users\keven\Downloads\join.me.exe
2014-09-12 00:05 - 2014-08-19 10:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-09-12 00:05 - 2014-08-19 09:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 00:05 - 2014-08-18 15:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-09-12 00:05 - 2014-08-18 14:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-09-12 00:05 - 2014-08-18 14:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-09-12 00:05 - 2014-08-18 14:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 00:05 - 2014-08-18 14:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-09-12 00:05 - 2014-08-18 14:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-09-12 00:05 - 2014-08-18 14:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-09-12 00:05 - 2014-08-18 14:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-09-12 00:05 - 2014-08-18 14:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-09-12 00:05 - 2014-08-18 14:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-09-12 00:05 - 2014-08-18 14:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 00:05 - 2014-08-18 14:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-09-12 00:05 - 2014-08-18 14:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-09-12 00:05 - 2014-08-18 14:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-09-12 00:05 - 2014-08-18 14:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-09-12 00:05 - 2014-08-18 14:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-09-12 00:05 - 2014-08-18 14:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-09-12 00:05 - 2014-08-18 13:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 00:05 - 2014-08-18 13:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-09-12 00:05 - 2014-08-18 13:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-09-12 00:05 - 2014-08-18 13:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 00:05 - 2014-08-18 13:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-09-12 00:05 - 2014-08-18 13:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 00:05 - 2014-08-18 13:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 00:05 - 2014-08-18 13:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 00:05 - 2014-08-18 13:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 00:05 - 2014-08-18 13:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-09-12 00:05 - 2014-08-18 13:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-09-12 00:05 - 2014-08-18 13:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 00:05 - 2014-08-18 13:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 00:05 - 2014-08-18 13:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-09-12 00:05 - 2014-08-18 13:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 00:05 - 2014-08-18 13:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 00:05 - 2014-08-18 13:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 00:05 - 2014-08-18 13:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 00:05 - 2014-08-18 13:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-09-12 00:05 - 2014-08-18 13:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-09-12 00:05 - 2014-08-18 13:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-09-12 00:05 - 2014-08-18 13:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-09-12 00:05 - 2014-08-18 13:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 00:05 - 2014-08-18 13:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 00:05 - 2014-08-18 13:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 00:05 - 2014-08-18 13:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 00:05 - 2014-08-18 13:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-09-12 00:05 - 2014-08-18 13:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 00:05 - 2014-08-18 13:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-09-12 00:05 - 2014-08-18 13:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 00:05 - 2014-08-18 13:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 00:05 - 2014-08-18 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 00:05 - 2014-08-18 12:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-09-12 00:05 - 2014-08-18 12:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 00:05 - 2014-08-18 12:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 00:05 - 2014-08-18 12:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-09-12 00:05 - 2014-08-18 12:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 00:00 - 2014-06-26 18:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-09-12 00:00 - 2014-06-26 17:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 20:26 - 2014-08-01 03:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2014-09-11 20:26 - 2014-08-01 03:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 20:25 - 2014-09-04 18:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-09-11 20:25 - 2014-09-04 18:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-09-11 20:25 - 2014-07-06 18:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-09-11 20:25 - 2014-07-06 18:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-09-11 20:25 - 2014-07-06 17:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 20:25 - 2014-07-06 17:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 20:25 - 2014-07-06 17:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 20:25 - 2014-06-23 19:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-09-11 20:25 - 2014-06-23 18:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-09 14:26 - 2014-09-09 14:26 - 00056440 _____ C:\Users\keven\Desktop\Copy of money for the week2 (Autosaved).xlsm
2014-09-09 11:43 - 2014-09-09 11:43 - 00019022 _____ C:\Users\keven\Downloads\Copy of Member List.xlsx
2014-09-05 11:28 - 2014-09-12 07:27 - 00000000 ____D C:\Users\keven\AppData\Local\join.me
2014-09-05 11:28 - 2014-09-05 11:28 - 00001024 _____ C:\Users\keven\Desktop\join.me.lnk
2014-09-01 09:01 - 2014-09-01 09:01 - 00918440 _____ (Oracle Corporation) C:\Users\keven\Downloads\chromeinstall-7u67.exe
2014-09-01 09:01 - 2014-09-01 09:01 - 00004162 _____ C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-01 09:01 - 2014-07-25 09:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-01 09:01 - 2014-07-25 09:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-01 09:01 - 2014-07-25 09:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-01 09:01 - 2014-07-25 09:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
 
==================== One Month Modified Files and Folders =======
 
2014-09-27 13:10 - 2014-09-27 13:10 - 00000000 ____D C:\FRST
2014-09-27 11:27 - 2014-09-27 11:26 - 00000000 ____D C:\Windows\SysWOW64\lv-LV
2014-09-27 11:27 - 2014-09-27 11:26 - 00000000 ____D C:\Windows\SysWOW64\lt-LT
2014-09-27 11:24 - 2014-09-27 11:24 - 00000000 ____D C:\Windows\SysWOW64\manifeststore
2014-09-27 11:19 - 2014-09-27 11:19 - 00985536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-09-27 11:18 - 2014-09-27 11:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2014-09-27 07:39 - 2014-09-27 07:39 - 00000000 __SHD C:\found.000
2014-09-26 05:52 - 2014-09-25 16:16 - 508908055 _____ C:\Windows\MEMORY.DMP
2014-09-25 21:39 - 2014-02-14 16:04 - 02024039 _____ C:\Windows\WindowsUpdate.log
2014-09-25 21:19 - 2014-03-18 11:05 - 00000538 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3982237404-988123896-1026235281-1119.job
2014-09-25 21:09 - 2014-02-15 10:16 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-25 21:08 - 2014-02-15 10:16 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-25 21:00 - 2014-03-25 12:32 - 00000000 ____D C:\Program Files (x86)\PowerPanel Personal Edition
2014-09-25 16:28 - 2009-07-13 20:45 - 00031904 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-25 16:28 - 2009-07-13 20:45 - 00031904 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-25 16:19 - 2014-02-17 09:04 - 00000152 _____ C:\Windows\System32\config\netlogon.ftl
2014-09-25 16:18 - 2014-02-15 10:22 - 00012110 _____ C:\Windows\setupact.log
2014-09-25 16:18 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-09-25 16:17 - 2014-09-25 16:17 - 00285288 _____ C:\Windows\Minidump\092514-50325-01.dmp
2014-09-25 16:17 - 2014-09-25 16:17 - 00000000 ____D C:\Windows\Minidump
2014-09-25 15:07 - 2014-02-15 10:16 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-25 13:25 - 2014-03-20 13:24 - 00000000 ____D C:\ProgramData\LogMeIn
2014-09-25 08:34 - 2014-03-18 13:38 - 00000000 ___RD C:\Users\keven\OneDrive
2014-09-25 02:40 - 2014-02-17 09:25 - 00000000 ____D C:\Users\keven\Documents\Outlook
2014-09-24 19:20 - 2014-02-15 10:16 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-24 07:40 - 2009-07-13 21:13 - 00787674 _____ C:\Windows\System32\PerfStringBackup.INI
2014-09-24 07:27 - 2014-09-24 07:27 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2014-09-24 07:27 - 2014-09-24 07:27 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-24 07:27 - 2014-09-24 07:27 - 00000000 ____D C:\Program Files\iTunes
2014-09-24 07:27 - 2014-09-24 07:27 - 00000000 ____D C:\Program Files\iPod
2014-09-24 07:27 - 2014-09-24 07:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2014-09-24 07:24 - 2014-09-24 07:23 - 112794960 _____ (Apple Inc.) C:\Users\keven\Downloads\iTunes64Setup (1).exe
2014-09-24 07:24 - 2014-05-25 12:41 - 00000000 ____D C:\Users\keven\AppData\Local\Amazon Cloud Player
2014-09-23 14:02 - 2014-09-23 14:02 - 00046592 _____ C:\Users\keven\Downloads\02 One Truck Sample Annual Budget Handout.xls
2014-09-23 13:28 - 2014-09-23 13:27 - 00000000 ____D C:\Users\keven\Documents\Fax
2014-09-22 12:25 - 2014-02-17 11:05 - 00000979 _____ C:\Users\keven\Desktop\Dropbox.lnk
2014-09-22 12:25 - 2014-02-17 11:05 - 00000000 ___RD C:\Users\keven\Dropbox
2014-09-22 12:25 - 2014-02-17 11:04 - 00000000 ____D C:\Users\keven\AppData\Roaming\Dropbox
2014-09-16 21:21 - 2014-03-18 11:05 - 00003578 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3982237404-988123896-1026235281-1119
2014-09-15 06:06 - 2010-11-20 19:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2014-09-12 07:27 - 2014-09-12 07:27 - 11218040 _____ C:\Users\keven\Downloads\join.me.exe
2014-09-12 07:27 - 2014-09-05 11:28 - 00000000 ____D C:\Users\keven\AppData\Local\join.me
2014-09-12 01:03 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2014-09-12 00:07 - 2014-02-15 09:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-09-12 00:04 - 2014-02-15 08:42 - 00000000 ____D C:\Windows\System32\MRT
2014-09-12 00:04 - 2014-02-14 16:12 - 00779716 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-12 00:01 - 2014-02-15 08:42 - 101694776 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-09-12 00:00 - 2014-05-06 00:00 - 00000000 ___SD C:\Windows\System32\CompatTel
2014-09-09 14:26 - 2014-09-09 14:26 - 00056440 _____ C:\Users\keven\Desktop\Copy of money for the week2 (Autosaved).xlsm
2014-09-09 14:11 - 2014-09-24 02:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2014-09-09 13:58 - 2014-02-15 07:26 - 00056683 _____ C:\Users\keven\Desktop\Copy of money for the week2.xlsm
2014-09-09 13:47 - 2014-09-24 02:39 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-09 11:43 - 2014-09-09 11:43 - 00019022 _____ C:\Users\keven\Downloads\Copy of Member List.xlsx
2014-09-05 11:28 - 2014-09-05 11:28 - 00001024 _____ C:\Users\keven\Desktop\join.me.lnk
2014-09-04 18:10 - 2014-09-11 20:25 - 00578048 _____ (Microsoft Corporation) C:\Windows\System32\aepdu.dll
2014-09-04 18:05 - 2014-09-11 20:25 - 00424448 _____ (Microsoft Corporation) C:\Windows\System32\aeinv.dll
2014-09-02 14:48 - 2014-07-28 07:14 - 00247305 _____ C:\Users\keven\Desktop\TRUCKLIST 7  JULY 2014.xlsx
2014-09-01 09:01 - 2014-09-01 09:01 - 00918440 _____ (Oracle Corporation) C:\Users\keven\Downloads\chromeinstall-7u67.exe
2014-09-01 09:01 - 2014-09-01 09:01 - 00004162 _____ C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-01 09:01 - 2014-07-11 09:16 - 00000000 ____D C:\Program Files (x86)\Java
2014-09-01 09:01 - 2014-06-02 11:38 - 00000000 ____D C:\ProgramData\Oracle
2014-08-28 00:17 - 2014-02-15 10:30 - 00440784 _____ C:\Windows\System32\FNTCACHE.DAT
2014-08-28 00:16 - 2014-02-15 10:30 - 00178170 _____ C:\Windows\PFRO.log
 
Some content of TEMP:
====================
C:\Users\keven\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdgkxgy.dll
C:\Users\keven\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqsbczr.dll
C:\Users\keven\AppData\Local\Temp\Install.exe
C:\Users\keven\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\keven\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\keven\AppData\Local\Temp\Offercast2802_WBV5_.exe
C:\Users\keven\AppData\Local\Temp\uninstal.exe
C:\Users\keven\AppData\Local\Temp\vcredist_x64.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
C:\Windows\System32\WS2_32.dll IS MISSING <==== ATTENTION!
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe
[2014-05-14 21:26] - [2014-03-04 01:43] - 0455168 ____A (Microsoft Corporation) 88AB9B72B4BF3963A0DE0820B4B0B06C
 
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
C:\Windows\System32\winsrv.dll IS MISSING <==== ATTENTION!.
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 10%
Total physical RAM: 8089.75 MB
Available physical RAM: 7278.06 MB
Total Pagefile: 8087.95 MB
Available Pagefile: 7274.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:465.42 GB) (Free:386.04 GB) NTFS
Drive e: (2009.10.23_0002) (CDROM) (Total:0.26 GB) (Free:0 GB) UDF
Drive f: (Tech2) (Removable) (Total:14.76 GB) (Free:0.16 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 129E4EEF)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 15 GB) (Disk ID: CF7AF3B9)
Partition 1: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
 
 
LastRegBack: 2014-09-15 21:37
 
==================== End Of Log ============================

Edited by hamluis, 27 September 2014 - 02:02 PM.
Moved from Win 7 to Malware Remvoval Logs - Hamluis.


BC AdBot (Login to Remove)

 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:34 AM

Posted 28 September 2014 - 07:55 AM

Hi there,

Start your computer in the System Recovery Options again and open FRST.
  • Write the following text into the Search: textbox:
    winsrv.dll
  • Click on the Search File(s) button.
  • When the search is finished a log file (Search.txt) is save on your flash drive.
    Copy and paste it in your next reply.


#3 kiester

kiester
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:34 AM

Posted 28 September 2014 - 08:09 AM

Thanks for the response. I'm not at my shop today so I will get the report tomorrow and post the results as soon add I can.

#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:34 AM

Posted 28 September 2014 - 08:23 AM

Ok.

#5 kiester

kiester
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:34 AM

Posted 29 September 2014 - 09:51 AM

Here are the scan results.

 

Farbar Recovery Scan Tool (x64) Version: 24-11-2013
Ran by SYSTEM at 2014-09-29 10:01:14
Running from C:\
Boot Mode: Recovery
 
================== Search: "winsrv.dll" ===================
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22653_none_1501e21acc33cfc4\winsrv.dll
[2014-05-14 21:26] - [2014-04-11 18:32] - 0215552 ____A (Microsoft Corporation) BDADDE9AD8DD2BF67426C23A8874D776
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22616_none_153022a8cc10ac05\winsrv.dll
[2014-04-09 01:19] - [2014-03-04 03:08] - 0215552 ____A (Microsoft Corporation) 9A1BEE89214174AC2862344670C42B5A
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22436_none_151a7f04cc20e999\winsrv.dll
[2014-02-15 02:24] - [2013-08-28 18:21] - 0215040 ____A (Microsoft Corporation) 516D82106CAFAE156C61C5AB627A6409
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22411_none_152b1d6acc153304\winsrv.dll
[2014-02-15 02:25] - [2013-08-01 22:23] - 0215040 ____A (Microsoft Corporation) 99AACC82C6B8A8E976CA59CFD3C322EF
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22177_none_14f039eccc407b3f\winsrv.dll
[2014-02-15 02:24] - [2012-11-29 21:55] - 0215040 ____A (Microsoft Corporation) C2B1F6196C7FE1EA1BF827312B095D06
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22125_none_152448f4cc19bcdc\winsrv.dll
[2014-02-15 02:24] - [2012-10-04 09:43] - 0215040 ____A (Microsoft Corporation) CC44EBC3E04E76AABE19EB4A16663E4A
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22091_none_14d49672cc561df0\winsrv.dll
[2014-02-15 08:09] - [2014-02-15 08:09] - 0215040 ____A (Microsoft Corporation) 111AFE35DD2D423EE8E176CA7B2BBDC7
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.21738_none_151c9c12cc1efa1b\winsrv.dll
[2014-02-15 08:08] - [2014-02-15 08:08] - 0214528 ____A (Microsoft Corporation) 5AA1C7B5F471C4657BE38447BC397665
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18043_none_14830bbdb30e2246\winsrv.dll
[2014-02-15 02:24] - [2013-01-03 21:46] - 0215040 ____A (Microsoft Corporation) 0C27239FEA4DB8A2AAC9E502186B7264
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.18015_none_14a57c15b2f40121\winsrv.dll
[2014-02-15 02:24] - [2012-11-29 21:45] - 0215040 ____A (Microsoft Corporation) 9E479C2B605C25DA4971ABA36250FAEF
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17965_none_146f9457b31c5994\winsrv.dll
[2014-02-15 02:24] - [2012-10-04 09:45] - 0215040 ____A (Microsoft Corporation) 72CC564BBC70DE268784BCE91EB8A28F
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17932_none_148d033db306b9bc\winsrv.dll
[2014-02-15 08:09] - [2014-02-15 08:09] - 0215040 ____A (Microsoft Corporation) F46BBAAC1C4980F4D0DD463F190A42D3
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17625_none_149ace55b2fbf25b\winsrv.dll
[2014-02-15 08:08] - [2014-02-15 08:08] - 0214528 ____A (Microsoft Corporation) 9F761CE1C6C013120B2F0DB27D48C06F
 
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.17514_none_14a49c11b2f4bfec\winsrv.dll
[2010-11-20 19:24] - [2010-11-20 19:24] - 0214016 ____A (Microsoft Corporation) E0406AEF04B088D1C49FC78D0546F689
 
====== End Of Search ======


#6 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:34 AM

Posted 29 September 2014 - 10:35 AM

Does the computer boot into Windows again after this fix?


Please download this attached Attached File  fixlist.txt   155bytes   5 downloads and save it on the same flash drive as FRST.
  • Plug in the flash drive to the infected computer, enter the System Recovery Options and open FRST.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) is saved on the flash drive.
    Please copy and paste its contents in your next reply.


#7 kiester

kiester
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:34 AM

Posted 29 September 2014 - 10:51 AM

Unfortunately the computer still has the same error. Contents of fixlog.txt are below.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-11-2013
Ran by SYSTEM at 2014-09-29 11:02:03 Run:1
Running from F:\
Boot Mode: Recovery
==============================================
 
Content of fixlist:
*****************
Replace: C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22653_none_1501e21acc33cfc4\winsrv.dll C:\Windows\System32\winsrv.dll
 
*****************
 
Could not find C:\Windows\System32\winsrv.dll.
C:\Windows\winsxs\amd64_microsoft-windows-winsrv_31bf3856ad364e35_6.1.7601.22653_none_1501e21acc33cfc4\winsrv.dll copied successfully to C:\Windows\System32\winsrv.dll
 
==== End of Fixlog ====


#8 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:34 AM

Posted 29 September 2014 - 11:06 AM

That's what I suspected. It seems that quite some damaged is done..
So let's try this next:


Please download this attached Attached File  fixlist.txt   57bytes   6 downloads and save it on the same flash drive as FRST.
  • Plug in the flash drive to the infected computer, enter the System Recovery Options and open FRST.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) is saved on the flash drive.
    Please copy and paste its contents in your next reply.


#9 kiester

kiester
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:34 AM

Posted 29 September 2014 - 11:39 AM

I'm not surprised there is a lot of damage. The hard drive was making some pretty angry noises while I was taking the image. I don't know if the tool ran right, but below is the log it printed out:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-11-2013
Ran by SYSTEM at 2014-09-29 11:46:51 Run:2
Running from F:\
Boot Mode: Recovery
==============================================
 
Content of fixlist:
*****************
CMD: sfc /scannow /offbootdir=c:\ /offwindir=c:\windows
 
*****************
 
 
=========  sfc /scannow /offbootdir=c:\ /offwindir=c:\windows =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
 
Windows Resource Protection could not perform the requested operation.
 
 
========= End of CMD: =========
 
 
==== End of Fixlog ====


#10 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:34 AM

Posted 29 September 2014 - 01:04 PM

No it didn't run right..
Let's continue with manual replacements then and hope the best..


Start your computer in the System Recovery Options again and open FRST.
  • Write the following text into the Search: textbox:
    WS2_32.dll
  • Click on the Search File(s) button.
  • When the search is finished a log file (Search.txt) is save on your flash drive.
    Copy and paste it in your next reply.


#11 kiester

kiester
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:34 AM

Posted 29 September 2014 - 02:32 PM

Farbar Recovery Scan Tool (x64) Version: 24-11-2013
Ran by SYSTEM at 2014-09-29 14:42:24
Running from F:\
Boot Mode: Recovery
 
================== Search: "ws2_32.dll" ===================
 
C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
[2010-11-20 19:23] - [2010-11-20 19:23] - 0206848 ____A (Microsoft Corporation) 7FF15A4F092CD4A96055BA69F903E3E9
 
C:\Windows\SysWOW64\ws2_32.dll
[2010-11-20 19:23] - [2010-11-20 19:23] - 0206848 ____A (Microsoft Corporation) 7FF15A4F092CD4A96055BA69F903E3E9
 
====== End Of Search ======


#12 kiester

kiester
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:34 AM

Posted 30 September 2014 - 05:04 PM

Unfortunately my customer started rushing me so I was forced to re-install Windows. I'd have loved it if a solution could have been found, but unfortunately I have run out of time. Thank you for all of your help!



#13 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:34 AM

Posted 03 October 2014 - 08:18 AM

I'm sorry that I wasn't able to help you solve this problem quickly enough.
The system was severly damaged. Even to the point that the sfc routine to restore damaged and missing system files didn't work anymore. I hoped that we could at least do enough repairs to get the computer booting again - and then do a repair install of the operating system (i.e. inplace upgrade) without touching other installed software and data. But on the other hand it may also be possible that the other software was damaged as well by this hard drive failure. And in this case re-installing everything from scratch might have been the best option anyway..

#14 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:34 AM

Posted 12 October 2014 - 01:20 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users