Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer won't book - LPK.dll missing


  • This topic is locked This topic is locked
6 replies to this topic

#1 jbty92

jbty92

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:11 AM

Posted 11 April 2018 - 01:54 PM

Hello,

I am trying to fix a laptop that will not boot properly. It blue screens.

I ran the FRST tool on it, here are the results:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by SYSTEM on MININT-CU551CV (11-04-2018 19:51:46)
Running from f:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 9
Boot Mode: Recovery
Default: ControlSet001
[b]ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.[/b]

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [525312 2011-01-25] (IDT, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [609144 2011-04-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-07-27] (Intel(R) Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055816 2011-05-30] ()
HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-11-25] (Sonic Solutions)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe [514544 2010-11-17] ()
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1535112 2012-09-12] (McAfee, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [38112 2012-12-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1391272 2012-01-03] (Ask)
HKLM-x32\...\Run: [GamingWonderland Search Scope Monitor] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrchMn.exe [38440 2012-02-03] (MindSpark)
HKLM-x32\...\Run: [GamingWonderland Browser Plugin Loader] => C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbrmon.exe [30096 2012-02-03] (VER_COMPANY_NAME)
HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [885760 2011-05-30] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [Microsoft Default Manager] => "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
HKLM\...\RunOnce: [*Restore] => C:\windows\System32\rstrui.exe [296960 2010-11-20] (Microsoft Corporation)
HKLM-x32\...\RunOnce: [!BingBar] => "C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0oemBingBarSetup-Partner.EXE" /C:"BBSetup.exe cabLocation=.\BingBarPartnerConfig.cab ui=false ismu=2"
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\shannbb\...\Run: [AROReminder] => C:\Program Files (x86)\ARO 2011\ARO.exe [2315120 2011-11-11] (Support.com)
HKU\shannbb\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AcfXAudioService; C:\windows\SysWOW64\ACFXAU64.dll [436736 2009-04-28] (Conexant Systems, Inc.)
S2 GamingWonderlandService; C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbarsvc.exe [42504 2012-02-03] (COMPANYVERS_NAME)
S2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [220528 2010-08-30] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-09-10] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [237920 2012-07-17] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-07-17] (McAfee, Inc.)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-07-17] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-07-27] ()
S2 SeaPort; "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe" [X]
S2 WinDefend; %ProgramFiles(x86)%\Windows Defender\mpsvc.dll [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 acfva; C:\Windows\System32\DRIVERS\ACFVA64.sys [123008 2009-04-03] (Conexant Systems Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [69672 2012-07-17] (McAfee, Inc.)
S3 dgcfltr; C:\Windows\System32\DRIVERS\ACFDCP64.sys [34944 2009-04-28] (Conexant Systems, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S2 mdmxsdk; C:\Windows\System32\DRIVERS\ACFSDK64.sys [17024 2007-03-15] (Conexant)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [169320 2012-07-17] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [300392 2012-07-17] (McAfee, Inc.)
S3 mfeavfk01; no ImagePath
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [513456 2012-07-17] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [752672 2012-07-17] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106112 2012-07-17] (McAfee, Inc.)
S0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335784 2012-07-17] (McAfee, Inc.)
S2 XAudio; C:\Windows\System32\DRIVERS\ACFXAU64.sys [10240 2009-04-28] (Conexant Systems, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-11 19:51 - 2018-04-11 19:51 - 000000000 ____D C:\FRST
2018-03-26 20:51 - 2018-03-26 20:51 - 000003288 ____N C:\bootsqm.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-26 16:45 - 2014-02-19 12:34 - 000000000 ____D C:\Program Files\Microsoft Security Client
2018-03-26 16:45 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2018-03-26 16:45 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2018-03-26 16:41 - 2012-02-18 08:29 - 000000000 ____D C:\Windows\System32\Macromed
2018-03-26 16:41 - 2011-12-31 19:49 - 000000000 ____D C:\Windows\System32\Tasks\Games
2018-03-26 16:41 - 2011-11-18 12:00 - 000000000 ____D C:\users\shannbb
2018-03-26 16:41 - 2011-11-11 21:50 - 000000000 ____D C:\Windows\ShellNew
2018-03-26 16:41 - 2011-11-11 21:50 - 000000000 ____D C:\Program Files\Windows Journal
2018-03-26 16:41 - 2011-11-11 20:07 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-03-26 16:41 - 2009-07-14 00:32 - 000000000 ____D C:\Windows\Offline Web Pages
2018-03-26 16:41 - 2009-07-14 00:32 - 000000000 ____D C:\Program Files\Windows Sidebar
2018-03-26 16:41 - 2009-07-14 00:32 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-03-26 16:41 - 2009-07-14 00:32 - 000000000 ____D C:\Program Files\Windows Defender
2018-03-26 16:41 - 2009-07-14 00:32 - 000000000 ____D C:\Program Files\DVD Maker
2018-03-26 16:41 - 2009-07-14 00:32 - 000000000 ____D C:\Program Files (x86)\Windows Sidebar
2018-03-26 16:41 - 2009-07-14 00:32 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-03-26 16:41 - 2009-07-14 00:32 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-03-26 16:41 - 2009-07-14 00:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 __RSD C:\Windows\Media
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\System32\NDF
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\System32\migwiz
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\System32\icsxml
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\System32\Dism
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\System32\AdvancedInstallers
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\servicing
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\schemas
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\rescache
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\L2Schemas
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\IME
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\Cursors
2018-03-26 16:41 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\System
2018-03-26 16:40 - 2017-09-18 21:16 - 000000000 ____D C:\6d2adcad0c8766621a73769d2c03
2018-03-26 16:40 - 2013-03-14 18:25 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2018-03-26 16:40 - 2013-03-14 18:25 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2018-03-26 16:40 - 2012-05-27 15:28 - 000000000 ____D C:\Program Files (x86)\I Want This
2018-03-26 16:40 - 2012-04-02 18:14 - 000000000 ____D C:\Program Files (x86)\Jewel Quest 2
2018-03-26 16:40 - 2012-04-02 18:13 - 000000000 ____D C:\Program Files (x86)\Jewel Quest
2018-03-26 16:40 - 2012-04-02 18:08 - 000000000 ____D C:\Program Files (x86)\Jewel Quest - Sleepless Star
2018-03-26 16:40 - 2012-03-09 18:26 - 000000000 ____D C:\Program Files\Dell Support Center
2018-03-26 16:40 - 2012-03-01 19:52 - 000000000 ____D C:\Program Files (x86)\Slot Quest - Under the Sea
2018-03-26 16:40 - 2012-02-12 13:16 - 000000000 ____D C:\Users\shannbb\AppData\Local\JetBingo
2018-03-26 16:40 - 2012-02-03 11:41 - 000000000 ____D C:\Program Files (x86)\bfgclient
2018-03-26 16:40 - 2011-12-28 17:37 - 000000000 ____D C:\Users\shannbb\AppData\Roaming\Sammsoft
2018-03-26 16:40 - 2011-12-28 17:36 - 000000000 ____D C:\Program Files (x86)\ARO 2011
2018-03-26 16:40 - 2011-12-28 11:07 - 000000000 ____D C:\Program Files (x86)\Ask.com
2018-03-26 16:40 - 2011-11-18 12:00 - 000000000 ___RD C:\Users\shannbb\Desktop\Play Games
2018-03-26 16:40 - 2011-11-11 20:54 - 000000000 ____D C:\Program Files (x86)\Dell DataSafe Local Backup
2018-03-26 16:40 - 2011-11-11 20:53 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-03-26 16:40 - 2011-11-11 20:51 - 000000000 ____D C:\ProgramData\McAfee
2018-03-26 16:40 - 2011-11-11 20:51 - 000000000 ____D C:\Program Files\mcafee.com
2018-03-26 16:40 - 2011-11-11 20:51 - 000000000 ____D C:\Program Files\mcafee
2018-03-26 16:40 - 2011-11-11 20:51 - 000000000 ____D C:\Program Files\Common Files\mcafee
2018-03-26 16:40 - 2011-11-11 20:51 - 000000000 ____D C:\Program Files (x86)\mcafee.com
2018-03-26 16:40 - 2011-11-11 20:51 - 000000000 ____D C:\Program Files (x86)\McAfee
2018-03-26 16:40 - 2011-11-11 20:48 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-03-26 16:40 - 2011-11-11 20:48 - 000000000 ____D C:\ProgramData\Skype
2018-03-26 16:40 - 2011-11-11 20:41 - 000000000 ____D C:\Program Files\Dell Games Folder
2018-03-26 16:40 - 2011-11-11 20:41 - 000000000 ____D C:\Program Files (x86)\Dell Stage
2018-03-26 16:40 - 2011-11-11 20:40 - 000000000 ____D C:\Program Files (x86)\eBay
2018-03-26 16:40 - 2011-11-11 20:15 - 000000000 ____D C:\Program Files\DellTPad
2018-03-26 16:40 - 2011-11-11 20:13 - 000000000 ____D C:\Program Files\IDT
2018-03-26 16:40 - 2009-07-14 00:32 - 000000000 ____D C:\Windows\Downloaded Program Files
2018-03-26 16:40 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\AppCompat
2018-03-26 16:40 - 2009-07-13 22:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-03-26 16:33 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2018-03-26 16:17 - 2012-11-23 11:34 - 000000000 ____D C:\Users\shannbb\AppData\Local\Google
2018-03-26 16:17 - 2012-01-15 10:00 - 000000000 ____D C:\ProgramData\PCDr
2018-03-26 16:17 - 2011-11-11 20:53 - 000000000 ____D C:\ProgramData\Adobe
2018-03-26 16:15 - 2012-11-23 11:34 - 000000000 ____D C:\Program Files (x86)\Google
2018-03-26 16:00 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\tracing
2018-03-26 13:44 - 2009-07-13 23:45 - 000020928 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-03-26 13:44 - 2009-07-13 23:45 - 000020928 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-03-26 13:43 - 2011-11-18 12:00 - 000000000 ____D C:\Users\shannbb\AppData\Local\SoftThinks
2018-03-26 13:43 - 2011-11-11 20:43 - 000000000 ____D C:\ProgramData\Sonic

Some files in TEMP:
====================
2012-02-19 00:52 - 2012-02-19 00:52 - 000357032 _____ (Ask.com) C:\Users\shannbb\AppData\Local\Temp\ApnStub.exe
2011-12-28 17:30 - 2011-12-28 17:35 - 000246440 _____ (Ask.com) C:\Users\shannbb\AppData\Local\Temp\AskSLib.dll
2012-07-01 08:23 - 2012-07-01 09:35 - 007742384 _____ (Oracle Corporation) C:\Users\shannbb\AppData\Local\Temp\fx-runtime.exe
2012-02-12 13:17 - 2004-11-12 10:41 - 000057344 _____ () C:\Users\shannbb\AppData\Local\Temp\GLFFB76.tmp.exe
2012-02-12 13:14 - 2012-02-12 13:14 - 019821424 _____ () C:\Users\shannbb\AppData\Local\Temp\JetBingoInstaller.exe
2012-01-24 14:44 - 2012-01-24 15:11 - 000310576 _____ (SweetIM Technologies Ltd.) C:\Users\shannbb\AppData\Local\Temp\JewelQuest3SDM.exe
2011-11-14 16:08 - 2011-11-14 16:08 - 000909088 _____ (Sun Microsystems, Inc.) C:\Users\shannbb\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe
2012-02-20 10:45 - 2012-02-20 10:45 - 000909600 _____ (Sun Microsystems, Inc.) C:\Users\shannbb\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
2012-10-26 10:05 - 2012-10-26 10:05 - 000912368 _____ (Sun Microsystems, Inc.) C:\Users\shannbb\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
2012-06-19 20:57 - 2012-06-19 20:57 - 000893936 _____ (Oracle Corporation) C:\Users\shannbb\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
2012-01-24 14:49 - 2012-01-24 14:49 - 000393016 _____ (SweetIM Technologies Ltd.) C:\Users\shannbb\AppData\Local\Temp\mgsqlite3.dll
2011-12-31 22:07 - 2011-12-31 20:02 - 003885224 _____ (Ask) C:\Users\shannbb\AppData\Local\Temp\setup.exe
2012-03-01 20:46 - 2012-04-06 13:57 - 000000460 _____ () C:\Users\shannbb\AppData\Local\Temp\tempmessage.bfg
2013-02-04 11:53 - 2013-02-04 12:09 - 000000000 _____ () C:\Users\shannbb\AppData\Local\Temp\{60A89389-6ADA-4A60-B838-1CF9B515DAA5}-24.0.1312.57_23.0.1271.97_chrome_updater.exe
2013-03-02 09:50 - 2013-03-02 10:16 - 000000000 _____ () C:\Users\shannbb\AppData\Local\Temp\{7657012A-6A73-48E9-AB4A-D19413D0CEA0}-25.0.1364.97_24.0.1312.57_chrome_updater.exe
2013-01-18 12:46 - 2013-01-19 10:55 - 000000000 _____ () C:\Users\shannbb\AppData\Local\Temp\{8C668311-F7AF-4C81-8FFB-B962FC925452}-24.0.1312.52_23.0.1271.97_chrome_updater.exe
2013-01-30 20:33 - 2013-01-30 20:38 - 000000000 _____ () C:\Users\shannbb\AppData\Local\Temp\{ACFDBBDF-C460-4711-AA17-B0F5A056173A}-24.0.1312.57_23.0.1271.97_chrome_updater.exe
2013-04-26 12:13 - 2013-04-26 12:34 - 000000000 _____ () C:\Users\shannbb\AppData\Local\Temp\{B262865B-E237-4A4B-A2FE-C86341E2100C}-26.0.1410.64_chrome_installer.exe
2013-01-22 12:53 - 2013-01-22 13:29 - 000000000 _____ () C:\Users\shannbb\AppData\Local\Temp\{B90DC0D3-EDE3-41B8-80BB-A3F83C708B6A}-24.0.1312.52_23.0.1271.97_chrome_updater.exe
2013-04-19 16:19 - 2013-04-19 16:19 - 000000000 _____ () C:\Users\shannbb\AppData\Local\Temp\{DC094666-85F4-480D-9619-5FB596242F48}-26.0.1410.64_chrome_installer.exe
2013-02-25 20:12 - 2013-02-25 20:48 - 000000000 _____ () C:\Users\shannbb\AppData\Local\Temp\{E4140945-4460-4C72-97C2-32FA36C80C1B}-25.0.1364.97_24.0.1312.57_chrome_updater.exe

==================== Known DLLs (Whitelisted) =========================

C:\Windows\System32\LPK.dll IS MISSING <==== ATTENTION

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== Association (Whitelisted) =============


==================== Restore Points  =========================

Restore point date: 2013-06-04 15:19
Restore point date: 2013-06-13 19:46
Restore point date: 2013-06-21 12:11
Restore point date: 2013-06-28 11:42
Restore point date: 2013-07-12 12:39
Restore point date: 2013-07-19 12:10
Restore point date: 2013-07-27 11:59
Restore point date: 2013-08-02 12:40
Restore point date: 2013-08-12 17:14
Restore point date: 2013-09-19 07:51
Restore point date: 2013-09-19 08:09
Restore point date: 2013-09-24 10:52
Restore point date: 2013-09-25 07:17
Restore point date: 2013-09-25 07:52
Restore point date: 2013-09-25 08:25
Restore point date: 2013-09-26 10:52
Restore point date: 2013-11-19 18:24
Restore point date: 2013-11-23 06:04
Restore point date: 2014-01-01 14:09
Restore point date: 2014-01-01 16:55
Restore point date: 2014-02-19 12:38
Restore point date: 2014-02-19 12:42
Restore point date: 2014-04-09 01:08
Restore point date: 2014-04-14 20:56
Restore point date: 2014-04-20 11:40
Restore point date: 2014-04-20 20:37
Restore point date: 2014-05-13 23:05
Restore point date: 2014-05-16 01:00
Restore point date: 2014-05-16 22:41
Restore point date: 2014-05-17 23:41
Restore point date: 2017-09-07 22:09
Restore point date: 2017-09-09 07:00
Restore point date: 2017-09-11 09:28
Restore point date: 2017-09-11 17:01
Restore point date: 2017-09-12 08:37
Restore point date: 2017-09-15 21:34
Restore point date: 2017-09-18 21:15
Restore point date: 2017-09-19 06:11
Restore point date: 2018-03-26 16:11
Restore point date: 2018-03-26 21:35

==================== Memory info =========================== 

Percentage of memory in use: 22%
Total physical RAM: 4003.18 MB
Available physical RAM: 3088.94 MB
Total Virtual: 4001.38 MB
Available Virtual: 3097.53 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:451.01 GB) (Free:362.76 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:14.65 GB) (Free:6.81 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Removable) (Total:7.48 GB) (Free:7.48 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: BC6B83AC)
Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: E61D9823)
Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0C)

LastRegBack: 2017-09-11 14:45

==================== End of FRST.txt ============================

I know very little about this, but I assume the issue is the missing LPK.dll?

If someone can tell me what to do from here I would greatly appreciate it.

 

Thank you



BC AdBot (Login to Remove)

 


#2 jbty92

jbty92
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:11 AM

Posted 11 April 2018 - 02:33 PM

I ran a File Search for the LPK.dll, here is the result:

Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by SYSTEM (11-04-2018 22:14:15)
Running from f:\
Boot Mode: Recovery

================== Search Files: "LPK.dll" =============

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23807_none_12e50c0abe99a6f6\lpk.dll
[2017-09-09 06:54][2017-05-12 13:03] 000025600 _____ (Microsoft Corporation) 71ED0B7AB6D3CB42604A924598B06B97

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23149_none_12bbbfa4beb85d57\lpk.dll
[2017-09-09 06:51][2015-07-30 12:53] 000025600 _____ (Microsoft Corporation) FFE0FA7543E1B9B37352710BC8B9121C

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_12a807b2bec875e6\lpk.dll
[2013-11-23 00:05][2013-06-06 00:07] 000025600 _____ (Microsoft Corporation) 84CA3579EEB69D8E1EE67E4F721BF71C

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_1281c5a8bee46a0f\lpk.dll
[2009-07-13 18:25][2009-07-13 20:11] 000025600 _____ (Microsoft Corporation) 384721EF4024890092625E20CADFAF85

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22153_none_12ab04c4bec5c79d\lpk.dll
[2009-07-13 18:25][2009-07-13 20:11] 000025600 _____ (Microsoft Corporation) 384721EF4024890092625E20CADFAF85

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21664_none_12a15568beccd507\lpk.dll
[2009-07-13 18:25][2009-07-13 20:11] 000025600 _____ (Microsoft Corporation) 384721EF4024890092625E20CADFAF85

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21636_none_12c3c5c0beb2b3e2\lpk.dll
[2009-07-13 18:25][2009-07-13 20:11] 000025600 _____ (Microsoft Corporation) 384721EF4024890092625E20CADFAF85

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18946_none_122f49d9a59d3e46\lpk.dll
[2017-09-09 06:51][2015-07-30 12:55] 000025600 _____ (Microsoft Corporation) 9E2F12744DD9810961031C56FBB691F4

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_120fcb2fa5b4c238\lpk.dll
[2013-11-23 00:05][2013-06-05 23:57] 000025600 _____ (Microsoft Corporation) CC23295DA8F7B5C53F93804D2F5D30EB

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_12360787a598d69a\lpk.dll
[2009-07-13 18:25][2009-07-13 20:11] 000025600 _____ (Microsoft Corporation) 384721EF4024890092625E20CADFAF85

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17991_none_11f44f93a5ca31a7\lpk.dll
[2009-07-13 18:25][2009-07-13 20:11] 000025600 _____ (Microsoft Corporation) 384721EF4024890092625E20CADFAF85

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17563_none_1216b853a5b01be6\lpk.dll
[2009-07-13 18:25][2009-07-13 20:11] 000025600 _____ (Microsoft Corporation) 384721EF4024890092625E20CADFAF85

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17537_none_123b293fa5942d6f\lpk.dll
[2009-07-13 18:25][2009-07-13 20:11] 000025600 _____ (Microsoft Corporation) 384721EF4024890092625E20CADFAF85

C:\Windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_124dc839a586a988\lpk.dll
[2009-07-13 18:25][2009-07-13 20:11] 000025600 _____ (Microsoft Corporation) 384721EF4024890092625E20CADFAF85

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23807_none_089061b88a38e4fb\lpk.dll
[2017-09-09 06:54][2017-05-12 13:22] 000041472 _____ (Microsoft Corporation) F37631025EF7DD40C6BCB6F18F6055D3

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23149_none_086715528a579b5c\lpk.dll
[2017-09-09 06:51][2015-07-30 13:22] 000041984 _____ (Microsoft Corporation) 6399191EEE641F711E094B95B91DBA4B

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_08535d608a67b3eb\lpk.dll
[2013-11-23 00:05][2013-06-06 00:17] 000041472 _____ (Microsoft Corporation) 22FC61B8E1EBA296FF416C3678E26DD3

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22153_none_08565a728a6505a2\lpk.dll
[2009-07-13 18:38][2009-07-13 20:41] 000041984 ____N (Microsoft Corporation) D202223587518B13D72D68937B7E3F70

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21664_none_084cab168a6c130c\lpk.dll
[2009-07-13 18:38][2009-07-13 20:41] 000041984 ____N (Microsoft Corporation) D202223587518B13D72D68937B7E3F70

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21636_none_086f1b6e8a51f1e7\lpk.dll
[2009-07-13 18:38][2009-07-13 20:41] 000041984 ____N (Microsoft Corporation) D202223587518B13D72D68937B7E3F70

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18946_none_07da9f87713c7c4b\lpk.dll
[2017-09-09 06:51][2015-07-30 13:06] 000041984 _____ (Microsoft Corporation) 0365E7AED8A38CB5FFF1DFB4458C0593

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_07bb20dd7154003d\lpk.dll
[2013-11-23 00:05][2013-06-06 00:50] 000041472 _____ (Microsoft Corporation) 796B47A4B82EF1C39F13435B88834C48

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17563_none_07c20e01714f59eb\lpk.dll
[2009-07-13 18:38][2009-07-13 20:41] 000041984 ____N (Microsoft Corporation) D202223587518B13D72D68937B7E3F70

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17537_none_07e67eed71336b74\lpk.dll
[2009-07-13 18:38][2009-07-13 20:41] 000041984 _____ (Microsoft Corporation) D202223587518B13D72D68937B7E3F70

C:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_07f91de77125e78d\lpk.dll
[2009-07-13 18:38][2009-07-13 20:41] 000041984 _____ (Microsoft Corporation) D202223587518B13D72D68937B7E3F70

C:\Windows\SysWOW64\lpk.dll
[2017-09-09 06:54][2017-05-12 13:03] 000025600 _____ (Microsoft Corporation) 71ED0B7AB6D3CB42604A924598B06B97

C:\Windows\System32\lpk.dll
[2017-09-09 06:54][2017-05-12 13:22] 000041472 _____ (Microsoft Corporation) F37631025EF7DD40C6BCB6F18F6055D3

X:\Windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_07f91de77125e78d\lpk.dll
[2010-11-20 04:50][2009-07-13 20:41] 000041984 _____ (Microsoft Corporation) D202223587518B13D72D68937B7E3F70

X:\Windows\System32\lpk.dll
[2010-11-20 04:50][2009-07-13 20:41] 000041984 _____ (Microsoft Corporation) D202223587518B13D72D68937B7E3F70


====== End of Search ======

I would really appreciate any help in fixing this, I'm not sure where to go from here. Thank you!



#3 jbty92

jbty92
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:11 AM

Posted 12 April 2018 - 02:37 PM

My understanding is that I need some kind of fixlist to solve the problem? If anyone can let me know how to go about doing this I would really appreciate it.



#4 polskamachina

polskamachina

  • Malware Response Team
  • 3,899 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:11 AM

Posted 14 April 2018 - 06:53 PM

Hi jbty92 :)
 
My name is polskamachina and I would like to :welcome: you to the Malware Removal Forum. I will be helping you with your malware issues.

What follows below are some ground rules for this forum.
 
I will reply as soon as possible (typically within 24-48 hours). In turn, I ask that you please respond within 72 hours. If you know you will be away longer than that, please let me know. I am in California at GMT-8 hours (Pacific Standard Time). If I do not respond to you within 48 hours, feel free to send me a private message.

Some points for you to keep in mind:

  • Do NOT run any tools unless instructed to do so.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine. Running any additional tools may detect false positives, interfere with our tools, cause unforeseen damage, or system instability.
  • Do not attach logs or use code boxes, just copy and paste the text into your replies to me.
  • I cannot see your computer. Periodically update me on the condition of your computer, and provide as much detail as you can in every post.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end.
  • NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a flash drive, anywhere except on the computer.
  • NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. Please remember to copy the entire post so you do not miss any instructions.

Please give me some time to review your situation and I will get back to you with further instructions.
 
Let me know if you have any questions.
 
polskamachina



#5 polskamachina

polskamachina

  • Malware Response Team
  • 3,899 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:11 AM

Posted 15 April 2018 - 02:15 AM

Hi jbty92,
 
You asked about a fixlist and you're going to get one. :)
 
You did a very good job running FRST from the Recovery Environment to generate your FRST log. You will be doing something very similar to process the fixlist.
 
Let's begin:

  • Insert your flash drive with the copy of FRST64 into your working computer
  • Download the attached file, fixlist.txt, to your flash drive into the same folder where FRST64 is located
  • The fix will not work if FRST64 and fixlist.txt are located in different folders
  • Eject the flash drive from your working computer
  • Insert your flash drive into your nonworking computer
  • Power on your nonworking computer and use the same procedure you used previously to enter the command prompt in the Recovery Environment
  • Directions to enter the command prompt are here if you need them
  • Once you arrive at the command prompt, type Notepad and press Enter
  • Notepad will open
  • Under the File menu select Open
  • Select Computer and find your flash drive letter and close Notepad
  • In the command window type e:\frst64 and press Enter
    Note: Replace letter e with the drive letter of your flash drive
  • When the tool opens click Yes to disclaimer
  • Click on Fix
  • The fix should only take a few seconds to complete
  • Exit the command prompt window after the you are notified that the Fix has completed
  • Restart your computer and see if it will boot normally
  • Whether it boots successfully or not, please copy and paste the contents of Fixlog.txt file which was created on your flash drive after your ran the fix

In summary I will need from you:

  • Fixlog.txt
  • Were you able to boot to Normal mode after running the fix?

Let me know if you have any questions.

 

polskamachina

Attached Files



#6 polskamachina

polskamachina

  • Malware Response Team
  • 3,899 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:11 AM

Posted 18 April 2018 - 10:17 PM

Hi jbty92 :)

 

It's been a while since you've checked in. Did you need any more help with this? If not, this topic will be closed in 48 hours.
 
Please let me know if you have any questions.
 
polskamachina



#7 polskamachina

polskamachina

  • Malware Response Team
  • 3,899 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:12:11 AM

Posted 21 April 2018 - 10:03 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users