When required to prove you are controlling the address listed in the alleged transaction, you provided a screenshot showing your address list.
To be fair, he did also provide a signature for address
1MTscp1WQz2QRBgpWPy2ctmiQ7zvXZPy5g, from which ~2600 coins were transfered.
This is completely inconsistent. If your hard drive was really erased, then you would:
1. Not have access to your Bitcoin client to take a screenshot of your address list.
2. Not have access to your operating system to determine how the Trojan horse was inserted.
3. Not have access to your wallet.dat file to determine how the electronic coins were redeemed.
How do you explain this?
EDIT:
The IP 178.177.115.229 from the Mt.Gox log did not relayed any transaction:
http://blockchain.info/ip-address/178.177.115.229He could have his wallet.dat backed up somewhere, and import it on a different computer. That would explain 1. and 3., at least.