Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Crash after update reboot!


  • This topic is locked This topic is locked
60 replies to this topic

#1 FlyerX

FlyerX

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 17 April 2011 - 06:26 PM

Hi!

Please i need urgent help, i was studying on my laptop when i decide to run windows update, and when the ssystem asked my for retart i clicked on it, but when it was restarting at the fowr starst that form the windows flag, it freezes, a flash bluescreen and restart

i tryed everything... commant promp, repair disk, safe mode...
and the worse thing is that i had two linux distribution in different partition, all three OS managed by grub2, i did like that precisely to avoid windows left me down with a useless computer and it happened.. windows is now so bad that doesnt even let me enter to my other OS

HELP please.. ill be here for any detail you need...

oh.. btw
the bluescreen says this:

technical information:

*** STOP: 0x0000007B (0x80786B58, 0xc000000D, 0x00000000, 0x00000000)

BC AdBot (Login to Remove)

 


#2 pip22

pip22

  • Banned
  • 341 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:19 AM

Posted 18 April 2011 - 10:23 AM

Read through this Microsoft article on the possible causes for STOP 0x0000007B:
http://support.microsoft.com/kb/324103

#3 FlyerX

FlyerX
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 18 April 2011 - 12:02 PM

i need step by step help...

in the article says:
"This article describes issues that can cause this Stop error including boot sector viruses and device driver issues or hardware issues."

eliminatin the possible cuses:
-hardware is not the problem
i was able to use the other OSs but i need W7 because the programs, my studies depend of it

-viruses:
why? i even plug the lan cable to run update, anyway if virus are the case.... this is a laptop computer i have no way t take the HD of and to scan for viruses.. is there a way i could scan a windows partition looking for viruses from linux? and how do i repair? i have a another laptop with windows7 is there any system folder that i could remplace from a working system?

in toher words regarding viruses microsoft says:

You may receive a "Stop 0x0000007B" error message if your computer is infected with a boot-sector virus. If the problem is intermittent and you can start Windows, check your computer for viruses. If you find a virus, also check any floppy disks for viruses before you use them again.


the other option/case microsoft offers ther is:
Device Driver Issues

You may receive a "Stop 0x0000007B" error message in the following scenarios:

* A device driver that the computer boot controller needs is not configured to start during the startup process.
* A device driver that the computer boot controller needs is corrupted.
* Information in the Windows XP registry (information related to how the device drivers load during startup) is corrupted.

i can not start windows so wich is my option, microsoft only gave options in the case i could start it


i didnt update or change any driver.. may be the windows update? i dont think so because none of the update was driver updates, only securrity updates, ie8 security update, some framework stuff...

i dont know if this can help but when i try to star in a safe mode the system stop when loading the driver "CLASSPNP.SYS"

ant this last one cause catch my attention:

Other Issues
Other potential causes of a "Stop 0x0000007B" error message include:

* The boot volume is corrupted and cannot be initiated by Windows XP. If the file system is corrupted and if Windows XP cannot initiate the boot volume during the startup process, either move the drive to another computer that is running Windows XP and run the chkdsk command on that drive or try to create a parallel installation of Windows XP on the drive (in a separate folder). The Windows XP Setup program checks the integrity of the volume before it copies files, and it may fix some problems in the process.
* You are installing Windows XP on a mirrored boot partition that was created by Microsoft Windows NT 4.0. Windows XP does not support Windows NT 4.0 Ftdisk volume sets. If you are running Microsoft Windows 2000, you must convert all Ftdisk volume sets to dynamic volumes before you upgrade to Windows XP. If you are running Windows NT 4.0, break any mirrors and back up all the data on the stripe, the RAID5, or the extended volume sets before you upgrade to Windows XP. Ftdisk sets might not be accessible after the upgrade.


as i asked above, could copy any file or directory form a working laptop and paste it in mine?
help please

Edited by FlyerX, 18 April 2011 - 12:09 PM.


#4 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:01:19 AM

Posted 18 April 2011 - 04:05 PM

Hi FlyerX,

I'm going to assist you with your problem.

Please tell me if this is a Windows 7 x86 or x64 bit system.

#5 FlyerX

FlyerX
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 18 April 2011 - 04:10 PM

Hi FlyerX,

I'm going to assist you with your problem.

Please tell me if this is a Windows 7 x86 or x64 bit system.


oh please SORRY "farbar" for my delay. i promise ill be here to answer you in order to make you no wait for me who need help

I'm going to assist you with your problem.


the most hopefully words i have heard in this 2 hours without sleep
THANKS AGAIN!


i have a x86 bit system

Edited by FlyerX, 18 April 2011 - 04:11 PM.


#6 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:01:19 AM

Posted 18 April 2011 - 04:15 PM

No worries abut the delay and you are welcome.:)

Download Farbar Recovery Scan Tool and save it to a flash drive.

Plug the flashdrive into the infected PC.

Enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.

On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Scan your computer's memory for errors.
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe and press Enter.
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.[/list]

#7 FlyerX

FlyerX
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 18 April 2011 - 04:22 PM

ok coupple of minutes to go to a clean computer

#8 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:01:19 AM

Posted 18 April 2011 - 04:23 PM

Take your time.:)

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,026 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:19 PM

Posted 18 April 2011 - 05:09 PM

Hello, just letting you know I moved this topic to Here in the Virus, Trojan, Spyware, and Malware Removal Logss forum where it will stay.

Please remember to click the Watch Topic button at the top right and select Immediate Notification so you do not miss any replies now that you were moved.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 FlyerX

FlyerX
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 18 April 2011 - 05:18 PM

Hello, just letting you know I moved this topic to Here in the Virus, Trojan, Spyware, and Malware Removal Logss forum where it will stay.

Please remember to click the Watch Topic button at the top right and select Immediate Notification so you do not miss any replies now that you were moved.


ok

my friend

something wrong or weird have happened
my system is in spanish so i choose spanish but when i had to enter "\" i was not able to get it so i decide to restart to chose english so i have the keyboar din english and then i could choose \

but restarting i saw two options never seen, recovery windows startup (or repair dont remember) and star windows normally, since i never have see those two options alone and nothing else.... i decide to try and surprise! the 4 star that form the windows flag finished its animation and with a couple of flash in the screen it entered to my windows..

what happened here?

i still want to follow your steps to determine what happen here can i restart again and foloww your steps.. im scared this cold happen again!

in the same way the system got fixed it could get wrong again

what you think
can i continue with your steps?

#11 Farbar

Farbar

    Just Curious


  • Security Developer
  • 21,703 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Netherlands
  • Local time:01:19 AM

Posted 18 April 2011 - 05:26 PM

Great. :thumbsup:

No need to proceed with those steps, I should have tried the option but I thought that was already tried.

We will take it from there with other tools and check other possibilities. In case the computer becomes unbootable we have always the recovery tool to recover it.

  • Please download MBRCheck by clicking here and save it to your desktop.
    • Double click on the file to run it (Vista and Windows 7 users will have to confirm the UAC prompt).
    • A window will open on your desktop.
    • If an unknown bootcode is found you will have further options available to you, at this time press N then press Enter twice.
    • If nothing unusual is found just press Enter.
    • A .txt file named MBRCheck_mm.dd.yy_hh.mm.txt should appear on your desktop.
    • Please post the contents of that file in your next reply.
  • Please download OTL by OldTimer.
    • Save it to your desktop.
    • Double click on the OTL icon on your desktop.
    • Check the "Scan All Users" checkbox.
    • Check the "Standard Output".
    • Click Run Scan button.
    • Two reports will open, copy and paste them to your reply:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

BTW: We might live in different time zones. I may have to sleep and see the logs tomorrow.

#12 FlyerX

FlyerX
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 18 April 2011 - 06:12 PM

The "MBRCheck" report:

MBRCheck_04.18.11_18.56.14.txt

MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows 7 Professional
Windows Information: (build 7600), 32-bit
Base Board Manufacturer: Hewlett-Packard
BIOS Manufacturer: Hewlett-Packard
System Manufacturer: Hewlett-Packard
System Product Name: HP Compaq nc6400 (RJ815UC#ABA)
Logical Drives Mask: 0x0000003c

Kernel Drivers (total 197):
0x83243000 \SystemRoot\system32\ntkrnlpa.exe
0x8320C000 \SystemRoot\system32\halmacpi.dll
0x80BB3000 \SystemRoot\system32\kdcom.dll
0x87201000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
0x87279000 \SystemRoot\system32\PSHED.dll
0x8728A000 \SystemRoot\system32\BOOTVID.dll
0x87292000 \SystemRoot\system32\CLFS.SYS
0x872D4000 \SystemRoot\system32\CI.dll
0x8737F000 \SystemRoot\system32\drivers\Wdf01000.sys
0x873F0000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x87426000 \SystemRoot\system32\DRIVERS\ACPI.sys
0x8746E000 \SystemRoot\system32\DRIVERS\WMILIB.SYS
0x87477000 \SystemRoot\system32\DRIVERS\msisadrv.sys
0x8747F000 \SystemRoot\system32\DRIVERS\pci.sys
0x874A9000 \SystemRoot\system32\DRIVERS\vdrvroot.sys
0x874B4000 \SystemRoot\System32\drivers\partmgr.sys
0x874C5000 \SystemRoot\system32\DRIVERS\compbatt.sys
0x874CD000 \SystemRoot\system32\DRIVERS\BATTC.SYS
0x874D8000 \SystemRoot\system32\DRIVERS\volmgr.sys
0x874E8000 \SystemRoot\System32\drivers\volmgrx.sys
0x87533000 \SystemRoot\system32\DRIVERS\intelide.sys
0x8753A000 \SystemRoot\system32\DRIVERS\PCIIDEX.SYS
0x87548000 \SystemRoot\system32\DRIVERS\pcmcia.sys
0x87576000 \SystemRoot\System32\drivers\mountmgr.sys
0x8758C000 \SystemRoot\system32\DRIVERS\atapi.sys
0x87595000 \SystemRoot\system32\DRIVERS\ataport.SYS
0x875B8000 \SystemRoot\system32\DRIVERS\msahci.sys
0x875C2000 \SystemRoot\system32\DRIVERS\amdxata.sys
0x875CB000 \SystemRoot\system32\drivers\fltmgr.sys
0x87400000 \SystemRoot\system32\drivers\fileinfo.sys
0x87616000 \SystemRoot\System32\Drivers\Ntfs.sys
0x87745000 \SystemRoot\System32\Drivers\msrpc.sys
0x87770000 \SystemRoot\System32\Drivers\ksecdd.sys
0x87783000 \SystemRoot\System32\Drivers\cng.sys
0x877E0000 \SystemRoot\System32\drivers\pcw.sys
0x877EE000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x87809000 \SystemRoot\system32\drivers\ndis.sys
0x878C0000 \SystemRoot\system32\drivers\NETIO.SYS
0x878FE000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x87A3A000 \SystemRoot\System32\drivers\tcpip.sys
0x87B83000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x87BB4000 \SystemRoot\system32\DRIVERS\vmstorfl.sys
0x87BBD000 \SystemRoot\system32\DRIVERS\volsnap.sys
0x87A00000 \SystemRoot\System32\Drivers\spldr.sys
0x87A08000 \SystemRoot\System32\drivers\rdyboost.sys
0x87923000 \SystemRoot\System32\Drivers\mup.sys
0x87933000 \SystemRoot\System32\drivers\hwpolicy.sys
0x8793B000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x8796D000 \SystemRoot\system32\DRIVERS\disk.sys
0x8797E000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
0x879D6000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x8C807000 \SystemRoot\System32\DRIVERS\cmdguard.sys
0x8C844000 \SystemRoot\System32\Drivers\Null.SYS
0x8C84B000 \SystemRoot\System32\Drivers\Beep.SYS
0x8C852000 \SystemRoot\System32\drivers\vga.sys
0x8C85E000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x8C87F000 \SystemRoot\System32\drivers\watchdog.sys
0x8C88C000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x8C894000 \SystemRoot\system32\drivers\rdpencdd.sys
0x8C89C000 \SystemRoot\system32\drivers\rdprefmp.sys
0x8C8A4000 \SystemRoot\System32\Drivers\Msfs.SYS
0x8C8AF000 \SystemRoot\System32\Drivers\Npfs.SYS
0x8C8BD000 \SystemRoot\system32\DRIVERS\tdx.sys
0x8C8D4000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x8C8DF000 \SystemRoot\System32\DRIVERS\cmdhlp.sys
0x8C8EA000 \SystemRoot\system32\drivers\afd.sys
0x8C944000 \SystemRoot\System32\DRIVERS\netbt.sys
0x8C976000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x8C97D000 \SystemRoot\system32\DRIVERS\pacer.sys
0x8C99C000 \SystemRoot\system32\DRIVERS\inspect.sys
0x8C9B2000 \SystemRoot\system32\DRIVERS\netbios.sys
0x8C9DA000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x8C9ED000 \SystemRoot\system32\DRIVERS\termdd.sys
0x8C800000 \SystemRoot\system32\DRIVERS\ssmdrv.sys
0x8C214000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x8C255000 \SystemRoot\system32\drivers\nsiproxy.sys
0x8C25F000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x8C269000 \SystemRoot\System32\drivers\discache.sys
0x8C275000 \SystemRoot\system32\drivers\csc.sys
0x8C2D9000 \SystemRoot\System32\Drivers\dfsc.sys
0x8C2F1000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x8C2FF000 \SystemRoot\system32\DRIVERS\avipbb.sys
0x8C321000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x8C342000 \SystemRoot\system32\DRIVERS\intelppm.sys
0x8CE19000 \SystemRoot\system32\DRIVERS\igdkmd32.sys
0x8D322000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x8C354000 \SystemRoot\System32\drivers\dxgmms1.sys
0x8D3D9000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x8C38D000 \SystemRoot\system32\DRIVERS\b57nd60x.sys
0x8DA39000 \SystemRoot\system32\DRIVERS\netw5v32.sys
0x8DE4C000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0x8DE57000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x8DEA2000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x8DEB1000 \SystemRoot\system32\DRIVERS\parport.sys
0x8DEC9000 \SystemRoot\system32\drivers\tpm.sys
0x8DED5000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x8DEED000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x8DEFA000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x8DF07000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
0x8DF0D000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x8DF11000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x8DF1A000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x8DF27000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x8DF39000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x8DF51000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x8DF5C000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x8DF7E000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x8DF96000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x8DFAD000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x8DFC4000 \SystemRoot\system32\DRIVERS\rdpbus.sys
0x8DFCE000 \SystemRoot\system32\DRIVERS\swenum.sys
0x8DA00000 \SystemRoot\system32\DRIVERS\ks.sys
0x8DFD0000 \SystemRoot\system32\DRIVERS\umbus.sys
0x90804000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x90848000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x90859000 \SystemRoot\system32\drivers\ADIHdAud.sys
0x908A9000 \SystemRoot\system32\drivers\portcls.sys
0x908D8000 \SystemRoot\system32\drivers\drmk.sys
0x908F1000 \SystemRoot\system32\DRIVERS\AGRSM.sys
0x909F7000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x8DFDE000 \SystemRoot\system32\drivers\modem.sys
0x95260000 \SystemRoot\System32\win32k.sys
0x8DFEB000 \SystemRoot\System32\drivers\Dxapi.sys
0x8CE00000 \SystemRoot\System32\Drivers\crashdmp.sys
0x8DFF5000 \SystemRoot\System32\Drivers\dump_dumpata.sys
0x8CE0D000 \SystemRoot\System32\Drivers\dump_msahci.sys
0x8C3C9000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x8C3DA000 \SystemRoot\system32\DRIVERS\monitor.sys
0x954C0000 \SystemRoot\System32\TSDDD.dll
0x954F0000 \SystemRoot\System32\cdd.dll
0x8C3E5000 \SystemRoot\system32\drivers\luafv.sys
0x8C9C0000 \SystemRoot\system32\DRIVERS\avgntflt.sys
0x879A3000 \SystemRoot\system32\drivers\WudfPf.sys
0x8BC2A000 \SystemRoot\system32\DRIVERS\irda.sys
0x8BC48000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x8BC58000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x8BC9E000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x8BCAE000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x8BCC1000 \SystemRoot\system32\drivers\HTTP.sys
0x8BD46000 \SystemRoot\system32\DRIVERS\bowser.sys
0x8BD5F000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x8BD82000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x8BDBD000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x8BDD8000 \SystemRoot\system32\DRIVERS\parvdm.sys
0x96A3D000 \SystemRoot\system32\drivers\peauth.sys
0x96AD4000 \??\C:\Windows\system32\drivers\ScFBPNT.SYS
0x96AD7000 \SystemRoot\System32\Drivers\secdrv.SYS
0x96AE1000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x96B02000 \SystemRoot\System32\drivers\tcpipreg.sys
0x96B0F000 \SystemRoot\System32\DRIVERS\srv2.sys
0x96B5E000 \SystemRoot\System32\DRIVERS\srv.sys
0xAA66C000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0xAA683000 \SystemRoot\System32\Drivers\fastfat.SYS
0xAA6AD000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0xAA6CE000 \SystemRoot\system32\DRIVERS\hidusb.sys
0xAA6D9000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0xAA6EC000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0xAA6F3000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x77A10000 \Windows\System32\ntdll.dll
0x48350000 \Windows\System32\smss.exe
0x77C50000 \Windows\System32\apisetschema.dll
0x00E20000 \Windows\System32\autochk.exe
0x77BF0000 \Windows\System32\gdi32.dll
0x77BD0000 \Windows\System32\sechost.dll
0x77810000 \Windows\System32\iertutil.dll
0x776B0000 \Windows\System32\ole32.dll
0x77570000 \Windows\System32\urlmon.dll
0x774D0000 \Windows\System32\usp10.dll
0x77400000 \Windows\System32\user32.dll
0x77300000 \Windows\System32\wininet.dll
0x77B90000 \Windows\System32\ws2_32.dll
0x77270000 \Windows\System32\oleaut32.dll
0x77220000 \Windows\System32\Wldap32.dll
0x765D0000 \Windows\System32\shell32.dll
0x76570000 \Windows\System32\difxapi.dll
0x764C0000 \Windows\System32\rpcrt4.dll
0x76320000 \Windows\System32\setupapi.dll
0x76280000 \Windows\System32\advapi32.dll
0x77B80000 \Windows\System32\normaliz.dll
0x761A0000 \Windows\System32\kernel32.dll
0x76120000 \Windows\System32\comdlg32.dll
0x76050000 \Windows\System32\msctf.dll
0x75FA0000 \Windows\System32\msvcrt.dll
0x77B70000 \Windows\System32\nsi.dll
0x77B50000 \Windows\System32\imm32.dll
0x75F40000 \Windows\System32\shlwapi.dll
0x75EB0000 \Windows\System32\clbcatq.dll
0x75EA0000 \Windows\System32\psapi.dll
0x75E90000 \Windows\System32\lpk.dll
0x75E60000 \Windows\System32\imagehlp.dll
0x75DD0000 \Windows\System32\comctl32.dll
0x75DA0000 \Windows\System32\wintrust.dll
0x75C80000 \Windows\System32\crypt32.dll
0x75C50000 \Windows\System32\cfgmgr32.dll
0x75C00000 \Windows\System32\KernelBase.dll
0x75BE0000 \Windows\System32\devobj.dll
0x75BD0000 \Windows\System32\msasn1.dll

Processes (total 40):
0 System Idle Process
4 System
292 C:\Windows\System32\smss.exe
400 csrss.exe
452 C:\Windows\System32\wininit.exe
460 csrss.exe
508 C:\Windows\System32\services.exe
540 C:\Windows\System32\lsass.exe
548 C:\Windows\System32\lsm.exe
556 C:\Windows\System32\winlogon.exe
684 C:\Windows\System32\svchost.exe
780 C:\Windows\System32\svchost.exe
856 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
928 C:\Windows\System32\svchost.exe
992 C:\Windows\System32\svchost.exe
1036 C:\Windows\System32\svchost.exe
1068 C:\Windows\System32\svchost.exe
1248 C:\Windows\System32\svchost.exe
1608 C:\Windows\System32\spoolsv.exe
1676 C:\Program Files\Avira\AntiVir Desktop\sched.exe
1716 C:\Windows\System32\svchost.exe
1792 C:\Windows\System32\AEADISRV.EXE
1444 C:\Windows\System32\svchost.exe
632 C:\Windows\System32\svchost.exe
416 C:\Windows\System32\SearchIndexer.exe
1376 C:\Windows\System32\SearchProtocolHost.exe
1960 C:\Windows\System32\dwm.exe
1168 C:\Windows\explorer.exe
2096 C:\Windows\System32\taskhost.exe
2228 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
2244 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
2256 C:\Program Files\Analog Devices\Core\smax4pnp.exe
2264 C:\Windows\System32\hkcmd.exe
2968 WUDFHost.exe
3644 C:\Windows\System32\igfxsrvc.exe
3264 C:\Windows\System32\SearchFilterHost.exe
3312 C:\Windows\System32\audiodg.exe
3452 C:\Users\RONY\Desktop\MBRCheck.exe
3448 C:\Windows\System32\conhost.exe
3548 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`06500000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000000f`bf700000 (NTFS)

PhysicalDrive0 Model Number: FUJITSUMHW2080BHPL, Rev: 891F

Size Device Name MBR Status
--------------------------------------------
74 GB \\.\PhysicalDrive0 Unknown MBR code
SHA1: 51674214071B43C2E7A2F309DC222540CF033851


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

#13 FlyerX

FlyerX
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 18 April 2011 - 06:14 PM

The "OTL" report:

OTL.Txt

OTL logfile created on: 4/18/2011 6:59:19 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\RONY\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Estados Unidos | Language: ENU | Date Format: M/d/yyyy

1,015.00 Mb Total Physical Memory | 431.00 Mb Available Physical Memory | 42.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): c:\pagefile.sys 2200 2200 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 62.89 Gb Total Space | 16.96 Gb Free Space | 26.97% Space Free | Partition Type: NTFS
Drive D: | 5.58 Gb Total Space | 5.38 Gb Free Space | 96.47% Space Free | Partition Type: NTFS
Drive F: | 243.98 Mb Total Space | 242.61 Mb Free Space | 99.43% Space Free | Partition Type: FAT32

Computer Name: RONY-PC | User Name: RONY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/04/18 18:57:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RONY\Desktop\OTL.exe
PRC - [2011/01/19 12:10:21 | 002,548,552 | ---- | M] (COMODO) -- C:\Archivos de programa\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011/01/19 12:09:42 | 001,803,224 | ---- | M] (COMODO) -- C:\Archivos de programa\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2010/03/02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Archivos de programa\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Archivos de programa\Avira\AntiVir Desktop\sched.exe
PRC - [2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/07/13 21:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2007/02/06 11:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEADISRV.EXE


========== Modules (SafeList) ==========

MOD - [2011/04/18 18:57:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RONY\Desktop\OTL.exe
MOD - [2011/01/16 14:20:30 | 000,285,480 | ---- | M] (COMODO) -- C:\Windows\System32\guard32.dll
MOD - [2010/08/21 01:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/01/19 12:09:42 | 001,803,224 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2010/04/01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010/02/24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009/07/13 21:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Archivos de programa\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/02/06 11:44:24 | 000,069,632 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEADISRV.EXE -- (AEADIFilters)


========== Driver Services (SafeList) ==========

DRV - [2011/01/16 14:20:25 | 000,080,064 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011/01/16 14:20:23 | 000,035,768 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011/01/16 14:20:22 | 000,236,600 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2010/10/31 07:57:40 | 000,032,936 | ---- | M] (Argotronic UG (haftungsbeschraenkt)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ArgusMonitor.sys -- (ArgusMonitor)
DRV - [2010/03/01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010/02/16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009/12/03 16:48:44 | 000,625,224 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV - [2009/07/13 21:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 21:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 21:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 19:54:16 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2009/07/13 19:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 19:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 19:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 19:12:52 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tpm.sys -- (TPM)
DRV - [2009/07/13 18:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Controlador del adaptador Intel®
DRV - [2009/05/11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/12/04 17:10:30 | 000,016,640 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2007/04/25 13:32:42 | 000,031,232 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smscirda.sys -- (SMSCIRDA)
DRV - [2000/02/08 10:33:28 | 000,016,288 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SCFBPNT.SYS -- (ScFBPNT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========



IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3188878607-3264248191-2653177-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3188878607-3264248191-2653177-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://latino.msn.com/
IE - HKU\S-1-5-21-3188878607-3264248191-2653177-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = es-us
IE - HKU\S-1-5-21-3188878607-3264248191-2653177-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 02 1F 6A 7E 31 C9 CB 01 [binary data]
IE - HKU\S-1-5-21-3188878607-3264248191-2653177-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3188878607-3264248191-2653177-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-3188878607-3264248191-2653177-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 133.11.240.56:3128

========== FireFox ==========


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/03/25 20:07:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.16\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/03/25 20:07:43 | 000,000,000 | ---D | M]

[2010/12/01 11:37:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RONY\AppData\Roaming\mozilla\Extensions
[2011/03/25 09:08:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\RONY\AppData\Roaming\mozilla\Firefox\Profiles\2xlxzimp.default\extensions
[2011/03/25 20:07:44 | 000,000,000 | ---D | M] (No name found) -- C:\Archivos de programa\Mozilla Firefox\extensions
[2010/12/28 18:29:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Archivos de programa\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) --
[2010/12/28 18:29:00 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Archivos de programa\Mozilla Firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2009/06/10 17:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [C:\Program Files\Free Video Zilla\FVZilla.exe] File not found
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [Emurayden PSX Emulator] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: E&xportar a Microsoft Excel - C:\Archivos de programa\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Archivos de programa\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.1 196.3.81.5 200.88.127.22
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Archivos de programa\Common Files\microsoft shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Archivos de programa\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Archivos de programa\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Archivos de programa\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Archivos de programa\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Archivos de programa\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/04/18 18:58:32 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\RONY\Desktop\OTL.exe
[2011/04/04 21:34:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang
[2011/04/04 21:34:34 | 001,002,008 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igxpun.exe
[2011/04/04 19:53:39 | 000,000,000 | ---D | C] -- C:\Intel
[2011/03/30 19:24:16 | 000,000,000 | ---D | C] -- C:\Users\RONY\AppData\Roaming\PrimoPDF
[2011/03/30 19:15:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrimoPDF
[2011/03/30 19:15:00 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Nitro PDF
[2011/03/25 20:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011/03/22 20:30:17 | 000,000,000 | ---D | C] -- C:\Users\RONY\Documents\GTA Vice City User Files
[2011/03/22 18:50:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/03/22 18:49:23 | 000,000,000 | ---D | C] -- C:\Archivos de programa\iPod
[2011/03/22 18:49:22 | 000,000,000 | ---D | C] -- C:\Archivos de programa\iTunes
[2011/03/22 18:48:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011/03/22 18:48:05 | 000,000,000 | ---D | C] -- C:\Archivos de programa\QuickTime
[2011/03/22 18:47:49 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Apple Software Update
[2011/03/22 18:47:08 | 000,000,000 | ---D | C] -- C:\Archivos de programa\Bonjour
[2011/03/22 18:14:07 | 000,000,000 | ---D | C] -- C:\Archivos de programa\InstallShield Installation Information
[2011/03/22 17:28:14 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/03/22 17:28:14 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/03/22 17:28:12 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2011/03/22 17:28:12 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2011/03/22 17:28:12 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2011/03/22 17:28:12 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax

========== Files - Modified Within 30 Days ==========

[2011/04/18 18:57:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\RONY\Desktop\OTL.exe
[2011/04/18 18:48:28 | 000,703,778 | ---- | M] () -- C:\Windows\System32\perfh00A.dat
[2011/04/18 18:48:28 | 000,626,332 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/04/18 18:48:28 | 000,137,792 | ---- | M] () -- C:\Windows\System32\perfc00A.dat
[2011/04/18 18:48:28 | 000,107,118 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/04/18 18:47:42 | 000,020,512 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/04/18 18:47:42 | 000,020,512 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/04/18 18:45:36 | 000,080,384 | ---- | M] () -- C:\Users\RONY\Desktop\MBRCheck.exe
[2011/04/18 18:40:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/04/18 18:40:20 | 798,564,352 | -HS- | M] () -- C:\hiberfil.sys
[2011/04/15 22:06:27 | 000,000,564 | ---- | M] () -- C:\Users\RONY\Documents\My Sharing Folders.lnk
[2011/04/15 19:21:41 | 000,094,720 | ---- | M] () -- C:\Users\RONY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/14 10:49:10 | 022,661,808 | ---- | M] () -- C:\Users\RONY\Desktop\Duran_Duran_-_Ordinary_World.avi
[2011/04/08 22:05:05 | 000,000,438 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2011/03/30 19:15:02 | 000,000,314 | ---- | M] () -- C:\Windows\primopdf.ini
[2011/03/25 20:07:46 | 000,001,884 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/03/22 18:14:01 | 000,054,156 | -H-- | M] () -- C:\Windows\QTFont.qfn
[2011/03/22 18:14:01 | 000,001,409 | ---- | M] () -- C:\Windows\QTFont.for
[2011/03/22 17:32:11 | 000,000,129 | ---- | M] () -- C:\Windows\System32\MRT.INI
[2011/03/21 22:54:23 | 000,000,908 | ---- | M] () -- C:\Users\RONY\Desktop\My Documents (in WD).lnk
[2011/03/20 12:07:16 | 000,110,269 | ---- | M] () -- C:\Users\RONY\comprar mas ferreteria popular.JPG

========== Files Created - No Company Name ==========

[2011/04/18 18:47:53 | 000,080,384 | ---- | C] () -- C:\Users\RONY\Desktop\MBRCheck.exe
[2011/04/17 11:56:43 | 022,661,808 | ---- | C] () -- C:\Users\RONY\Desktop\Duran_Duran_-_Ordinary_World.avi
[2011/03/30 19:15:15 | 000,180,624 | ---- | C] () -- C:\Windows\System32\Primomonnt.dll
[2011/03/25 20:07:46 | 000,001,884 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011/03/22 18:47:49 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011/03/22 18:13:35 | 000,054,156 | -H-- | C] () -- C:\Windows\QTFont.qfn
[2011/03/22 18:13:35 | 000,001,409 | ---- | C] () -- C:\Windows\QTFont.for
[2011/03/20 09:16:00 | 000,110,269 | ---- | C] () -- C:\Users\RONY\comprar mas ferreteria popular.JPG
[2011/03/04 21:41:29 | 000,055,808 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2011/02/15 20:08:34 | 000,000,129 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2011/02/10 00:03:48 | 000,000,314 | ---- | C] () -- C:\Windows\primopdf.ini
[2011/01/23 11:17:42 | 000,016,288 | ---- | C] () -- C:\Windows\System32\drivers\SCFBPNT.SYS
[2010/12/26 14:03:50 | 000,000,438 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010/12/26 14:03:50 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2040.DAT
[2010/12/06 13:59:03 | 000,000,094 | ---- | C] () -- C:\Windows\family.ini
[2010/12/02 22:18:14 | 000,094,720 | ---- | C] () -- C:\Users\RONY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/12/01 13:49:09 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/12/02 19:39:02 | 020,317,504 | ---- | C] () -- C:\Windows\System32\TrueSuiteCoInst02020000.dll
[2009/07/14 04:48:37 | 000,703,778 | ---- | C] () -- C:\Windows\System32\perfh00A.dat
[2009/07/14 04:48:37 | 000,341,432 | ---- | C] () -- C:\Windows\System32\perfi00A.dat
[2009/07/14 04:48:37 | 000,137,792 | ---- | C] () -- C:\Windows\System32\perfc00A.dat
[2009/07/14 04:48:37 | 000,041,390 | ---- | C] () -- C:\Windows\System32\perfd00A.dat
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 00:33:53 | 000,285,736 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,626,332 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,107,118 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 20:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys

< End of report >

#14 FlyerX

FlyerX
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 18 April 2011 - 06:16 PM

The "Extras" report:

Extras.Txt

OTL Extras logfile created on: 4/18/2011 6:59:19 PM - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\RONY\Desktop
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Estados Unidos | Language: ENU | Date Format: M/d/yyyy

1,015.00 Mb Total Physical Memory | 431.00 Mb Available Physical Memory | 42.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 80.00% Paging File free
Paging file location(s): c:\pagefile.sys 2200 2200 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 62.89 Gb Total Space | 16.96 Gb Free Space | 26.97% Space Free | Partition Type: NTFS
Drive D: | 5.58 Gb Total Space | 5.38 Gb Free Space | 96.47% Space Free | Partition Type: NTFS
Drive F: | 243.98 Mb Total Space | 242.61 Mb Free Space | 99.43% Space Free | Partition Type: FAT32

Computer Name: RONY-PC | User Name: RONY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 2.0.Browse] -- "C:\Program Files\ACD Systems\ACDSee Pro\2.0\ACDSeeQVPro2.exe" "%1" (ACD Systems)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Free Video Zilla\FVZilla.exe" = C:\Program Files\Free Video Zilla\FVZilla.exe:*:Enabled:FVZilla -- ()


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{184E7118-0295-43C4-B72C-1D54AA75AAF7}" = Windows Live Mail
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java™ 6 Update 23
"{293C9DF5-7669-4826-BBB2-E1F182D71034}" = Nero 7 Ultra Edition
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{308B6AEA-DE50-4666-996D-0FA461719D6B}" = Apple Mobile Device Support
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AAC95F4-A30E-4EE5-A086-6F79581D0D70}" = ACDSee Pro 2
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{571700F0-DB9D-4B3A-B03D-35A14BB5939F}" = Windows Live Messenger
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{90280C0A-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional con FrontPage
"{95B012AD-3A4A-31D7-9167-5D07D2A71F47}" = Microsoft .NET Framework 4 Client Profile ESN Language Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.1
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{CC6B1BB4-4E06-4A5B-A166-B371B551324B}" = COMODO Internet Security
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{E6C44758-FF49-47D1-8182-65E3818ACE23}" = AuthenTec TrueSuite
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{FAE36873-1941-4076-A9A5-48812B5EA0B7}" = iTunes
"{FD6034A3-655C-49F0-B496-D4CBFD74D7A7}" = Palm Desktop by ACCESS
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AIMP2" = AIMP2
"AIMP2at" = AIMP2: Audio Tools
"ArgusMonitor" = ArgusMonitor
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVS Video Editor_is1" = AVS Video Editor 5
"AVS Video Recorder_is1" = AVS Video Recorder 2.4
"Crystal Player" = Crystal Player Professional 1.98
"DivX Setup.divx.com" = DivX Setup
"Flight Simulator 9.0" = Microsoft Flight Simulator 2004 A Century of Flight
"FLV Player" = FLV Player 2.0 (build 25)
"Free Video Zilla_is1" = Free Video Zilla
"Halo Trial" = Microsoft Halo Trial
"HDMI" = Intel® Graphics Media Accelerator Driver
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile ESN Language Pack" = Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN
"Mozilla Firefox (3.6.16)" = Mozilla Firefox (3.6.16)
"Opera 11.01.1190" = Opera 11.01
"PowerArchiver" = PowerArchiver
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"ScanCraft CS-P" = ScanCraft CS-P
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/7/2011 2:07:03 AM | Computer Name = RONY-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: ACDSeePro2.exe, versión: 2.0.238.0,
marca de tiempo: 0x47422e04 Nombre del módulo con errores: ntdll.dll, versión: 6.1.7600.16695,
marca de tiempo: 0x4cc7ab44 Código de excepción: 0xc0000005 Desplazamiento de errores:
0x0002fa7b Id. del proceso con errores: 0x15f8 Hora de inicio de la aplicación con
errores: 0x01cbf4ce99482cdb Ruta de acceso de la aplicación con errores: C:\Program
Files\ACD Systems\ACDSee Pro\2.0\ACDSeePro2.exe Ruta de acceso del módulo con errores:
C:\Windows\SYSTEM32\ntdll.dll Id. del informe: 4142a907-60dd-11e0-92f1-0090d03fb035

Error - 4/7/2011 2:07:28 AM | Computer Name = RONY-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: ACDSeePro2.exe, versión: 2.0.238.0,
marca de tiempo: 0x47422e04 Nombre del módulo con errores: ACDSeePro2.exe, versión:
2.0.238.0, marca de tiempo: 0x47422e04 Código de excepción: 0xc0000005 Desplazamiento
de errores: 0x00652ac0 Id. del proceso con errores: 0x15f8 Hora de inicio de la aplicación
con errores: 0x01cbf4ce99482cdb Ruta de acceso de la aplicación con errores: C:\Program
Files\ACD Systems\ACDSee Pro\2.0\ACDSeePro2.exe Ruta de acceso del módulo con errores:
C:\Program Files\ACD Systems\ACDSee Pro\2.0\ACDSeePro2.exe Id. del informe: 5037c469-60dd-11e0-92f1-0090d03fb035

Error - 4/15/2011 6:53:57 PM | Computer Name = RONY-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: ACDSeePro2.exe, versión: 2.0.238.0,
marca de tiempo: 0x47422e04 Nombre del módulo con errores: ACDSeePro2.exe, versión:
2.0.238.0, marca de tiempo: 0x47422e04 Código de excepción: 0xc0000005 Desplazamiento
de errores: 0x0007fb6f Id. del proceso con errores: 0x2a4 Hora de inicio de la aplicación
con errores: 0x01cbfbbf9d6397cb Ruta de acceso de la aplicación con errores: C:\Program
Files\ACD Systems\ACDSee Pro\2.0\ACDSeePro2.exe Ruta de acceso del módulo con errores:
C:\Program Files\ACD Systems\ACDSee Pro\2.0\ACDSeePro2.exe Id. del informe: 3e6cc653-67b3-11e0-b063-001b77927bd8

Error - 4/16/2011 12:45:01 AM | Computer Name = RONY-PC | Source = Application Hang | ID = 1002
Description = El programa WINWORD.EXE, versión 10.0.2627.0, dejó de interactuar
con Windows y se cerró. Para ver si hay más información disponible acerca del problema,
compruebe el historial de problemas en el panel de control Centro de actividades.

Identificador
de proceso: d58 Hora de inicio: 01cbfbef0ba4683f Hora de finalización: 16 Ruta de
acceso de la aplicación: C:\Program Files\Microsoft Office\Office10\WINWORD.EXE Identificador
de informe: 24d0cbc1-67e4-11e0-a151-001b3836fa80

Error - 4/16/2011 3:37:47 PM | Computer Name = RONY-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: NMIndexStoreSvr.exe, versión:
2.0.13.0, marca de tiempo: 0x4649d497 Nombre del módulo con errores: NMIndexStoreSvr.exe,
versión: 2.0.13.0, marca de tiempo: 0x4649d497 Código de excepción: 0xc0000005 Desplazamiento
de errores: 0x0001fbde Id. del proceso con errores: 0xd24 Hora de inicio de la aplicación
con errores: 0x01cbfc6dc0e183ee Ruta de acceso de la aplicación con errores: C:\Program
Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe Ruta de acceso del módulo con errores:
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe Id. del informe: 0145209e-6861-11e0-a151-001b3836fa80

Error - 4/16/2011 3:39:28 PM | Computer Name = RONY-PC | Source = Application Error | ID = 1000
Description = Nombre de la aplicación con errores: NMIndexStoreSvr.exe, versión:
2.0.13.0, marca de tiempo: 0x4649d497 Nombre del módulo con errores: NMIndexStoreSvr.exe,
versión: 2.0.13.0, marca de tiempo: 0x4649d497 Código de excepción: 0xc0000005 Desplazamiento
de errores: 0x0001fbde Id. del proceso con errores: 0xdc8 Hora de inicio de la aplicación
con errores: 0x01cbfc6de22f2c33 Ruta de acceso de la aplicación con errores: C:\Program
Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe Ruta de acceso del módulo con errores:
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe Id. del informe: 3d499a57-6861-11e0-a151-001b3836fa80

Error - 4/18/2011 6:05:22 PM | Computer Name = RONY-PC | Source = Avira AntiVir | ID = 4110
Description = An unknown error occurred during init of the engine! Returned error
code: 0x35

Error - 4/18/2011 6:05:22 PM | Computer Name = RONY-PC | Source = Avira AntiVir | ID = 4117
Description = The keyfile contains no valid license. The service will be stopped!

Error - 4/18/2011 6:40:38 PM | Computer Name = RONY-PC | Source = Avira AntiVir | ID = 4110
Description = An unknown error occurred during init of the engine! Returned error
code: 0x35

Error - 4/18/2011 6:40:38 PM | Computer Name = RONY-PC | Source = Avira AntiVir | ID = 4117
Description = The keyfile contains no valid license. The service will be stopped!

[ System Events ]
Error - 4/18/2011 6:08:16 PM | Computer Name = RONY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80242016: Actualización de seguridad para Windows 7 (KB2509553).

Error - 4/18/2011 6:08:16 PM | Computer Name = RONY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80242016: Actualización de seguridad para Windows 7 (KB2507618).

Error - 4/18/2011 6:08:16 PM | Computer Name = RONY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80242016: Actualización de seguridad acumulativa de Internet Explorer 8
para Windows 7 (KB2497640).

Error - 4/18/2011 6:08:16 PM | Computer Name = RONY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80242016: Actualización de seguridad para .NET Framework 3.5.1 en Windows
7 x86 (KB2446709).

Error - 4/18/2011 6:08:16 PM | Computer Name = RONY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80242016: Actualización de seguridad para Windows 7 (KB2506223).

Error - 4/18/2011 6:08:16 PM | Computer Name = RONY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80242016: Actualización de seguridad para Windows 7 (KB2491683).

Error - 4/18/2011 6:08:16 PM | Computer Name = RONY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80242016: Actualización para Windows 7 (KB2511250).

Error - 4/18/2011 6:08:21 PM | Computer Name = RONY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80242016: Actualización de seguridad para Windows 7 (KB2503658).

Error - 4/18/2011 6:08:21 PM | Computer Name = RONY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80242016: Actualización de seguridad para Windows 7 (KB2506212).

Error - 4/18/2011 6:08:21 PM | Computer Name = RONY-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Error de instalación: error de Windows al instalar la siguiente actualización,
error 0x80242016: Actualización de seguridad para Windows 7 (KB2511455).


< End of report >

#15 FlyerX

FlyerX
  • Topic Starter

  • Members
  • 134 posts
  • OFFLINE
  •  
  • Local time:06:19 PM

Posted 18 April 2011 - 06:18 PM

hi!

there you got the three reports!

i see there are problems on the boot




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users