Inactive-A Windows XP completely broken

Hey guys,
My laptop is absolutely brain dead. I don't know what is wrong with it. It was running slow for a couple of weeks, and today I deleted the temp files, and it ran perfectly, but after restarting it went completely haywire: it got hung up on running startup scripts for about twenty minutes. I then tried rebooting into last working settings. That did boot in, so I ran msconfig to disable startup programs. But that went wrong; even though I was logged in as admin, it didn't let me. I then started navigating on Chrome and it suddenly froze up again, but the mouse pointer was still moving. What the hell is going on??
When I boot in safe mode it is slow at the login screen...
It's only booting into safe mode; last working settings hangs too.
 
Welcome aboard

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

===============================

Run this tool from safe mode....

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.
 
Hey, seeing as I have to boot into safe mode, and in safe mode my wireless adapter doesn't work for some reason, should I download it onto my phone and then transfer it to the laptop?
 
I ran them from an external hard drive, not C: drive if that makes a difference.
 

Attachments

  • Addition.txt (30.2 KB)
  • FRST.txt (36.6 KB)

Please observe forum rules...
All logs have to be pasted, not attached.


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-04-2014
Ran by UA43931 (administrator) on V0065191 on 12-04-2014 18:10:52
Running from G:\
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Safe Mode (with Networking)

The only official download link for FRST:
Download link for 32-Bit version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link for 64-Bit Version: https://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST:

==================== Processes (Whitelisted) =================

() C:\Program Files\seguridad\rto\IBM\rtosesflow.exe
() C:\Program Files\Vintegris\VinPassLogout\VinPassLogout.exe
(Citrix Systems, Inc.) C:\Program Files\Citrix\ICA Client\ssonsvr.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSConfig] - C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [169984 2008-04-14] (Microsoft Corporation)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\rtonotify: C:\Program Files\seguridad\rto\IBM\rtonotify.dll ()
Winlogon\Notify\VinPassLogout: C:\Program Files\Vintegris\VinPassLogout\DLLVinLogout.dll ()
HKLM\...\Policies\Explorer: [NoMSAppLogo5ChannelNotify] 0
HKLM\...\Policies\Explorer: [NoToolbarCustomize] 0
HKLM\...\Policies\Explorer: [NoBandCustomize] 0
HKLM\...\Policies\Explorer: [NoWelcomeScreen] 1
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\.DEFAULT\...\Policies\Explorer: [Btn_Home] 0
HKU\.DEFAULT\...\Policies\Explorer: [Btn_Fullscreen] 0
HKU\.DEFAULT\...\Policies\Explorer: [Btn_Tools] 0
HKU\.DEFAULT\...\Policies\Explorer: [Btn_Print] 0
HKU\.DEFAULT\...\Policies\Explorer: [Btn_Edit] 0
HKU\.DEFAULT\...\Policies\Explorer: [Btn_Cut] 0
HKU\.DEFAULT\...\Policies\Explorer: [Btn_Copy] 0
HKU\.DEFAULT\...\Policies\Explorer: [Btn_Paste] 0
HKU\.DEFAULT\...\Policies\Explorer: [Btn_Encoding] 0
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [NoSimpleStartMenu] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [SpecifyDefaultButtons] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Back] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Forward] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Stop] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Refresh] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Home] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Search] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Favorites] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_History] 2
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Folders] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Fullscreen] 2
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Tools] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_MailNews] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Size] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Print] 1
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Edit] 2
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Discussions] 2
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Cut] 2
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Copy] 2
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Paste] 2
HKU\S-1-5-21-1292428093-343818398-839522115-29857\...\Policies\Explorer: [Btn_Encoding] 2
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\FixExcel2010XP.cmd ()
Startup: C:\Documents and Settings\Default User\Start Menu\Programs\Startup\FixExcel2010XP.cmd ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://intranetbbva.es.igrupobbva/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.snapdo.com/?publisher=S...ype=ds&q={searchTerms}&installDate=13/04/2013
BHO: CSignonExplorerBHO Object - {118589B1-A016-4FC4-AB36-02EEE550CA9A} - C:\WINDOWS\system32\SignonBuHO.dll (Vintegris S.L.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll No File
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1361000746125
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
Winsock: Catalog5 05 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\UA43931.BBVA.002\Application Data\Mozilla\Firefox\Profiles\snvolgxe.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\WINDOWS\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.1 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\drae.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-es.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-es.xml
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-22]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-07-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (backgroundPage) - C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-03-24]
CHR Extension: (Google Wallet) - C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-06]
CHR HKLM\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Documents and Settings\ua43931\Local Settings\Application Data\Torch\Plugins\TorchPlugin.crx [2014-02-06]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx [2013-10-09]

========================== Services (Whitelisted) =================

S2 6to4; C:\WINDOWS\System32\6to4svc.dll [100352 2008-04-14] (Microsoft Corporation)
S4 AVGIDSAgent; D:\Program Files\AVG\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
S4 avgwd; D:\Program Files\AVG\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S4 BlackICE; C:\Archivos de programa\ISS\issSensors\DesktopProtection\blackd.exe [851968 2004-03-16] (Internet Security Systems, Inc.)
S4 dsNcService; C:\Program Files\Juniper Networks\Common Files\dsNcService.exe [669040 2011-04-25] (Juniper Networks)
S4 EPA_GPO_PMService; C:\WINDOWS\system32\PMService.exe [81920 2005-01-21] (TerraNovum)
S2 Iprip; C:\WINDOWS\System32\iprip.dll [35328 2008-04-14] (Microsoft Corporation)
S4 JavaQuickStarterService; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [161664 2012-05-04] (Oracle Corporation)
S4 JuniperAccessService; C:\Program Files\Common Files\Juniper Networks\JUNS\dsAccessService.exe [198000 2011-04-25] (Juniper Networks, Inc.)
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
S2 McAfeeEngineService; C:\Program Files\Network Associates\VirusScan\EngineServer.exe [22816 2010-10-22] (McAfee, Inc.)
S2 McAfeeFramework; C:\Program Files\Network Associates\Common Framework\FrameworkService.exe [120128 2011-01-12] (McAfee, Inc.)
S2 McShield; C:\Program Files\Network Associates\VirusScan\Mcshield.exe [147984 2010-10-22] (McAfee, Inc.)
S2 McTaskManager; C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe [66880 2010-10-22] (McAfee, Inc.)
S2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [69192 2010-10-22] (McAfee, Inc.)
S3 p2pgasvc; C:\WINDOWS\system32\p2pgasvc.dll [105472 2008-04-14] (Microsoft Corporation)
S4 PCToolsSSDMonitorSvc; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools)
S4 RapApp; C:\Archivos de programa\ISS\issSensors\DesktopProtection\RapApp.exe [688128 2003-06-20] (Internet Security Systems, Inc.)
S4 rtofirewall; C:\Program Files\seguridad\rto\IBM\rtofirewallsvc.exe [93184 2011-02-18] ()
S4 RtoSecStart; C:\Program Files\seguridad\rto\IBM\rtosecstartsrv.exe [86016 2011-02-18] ()
S4 RtoSysLog; C:\Program Files\seguridad\rto\IBM\rtosyslogservice.exe [145408 2011-02-18] ()
S4 rtousb; C:\Program Files\seguridad\rto\IBM\rtousbservice.exe [90624 2011-02-18] ()
S4 S24EventMonitor; C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [915728 2010-12-23] (Intel(R) Corporation)
S4 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S4 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [282709 2011-05-27] (IDT, Inc.)
S4 tunnelguardservice; C:\Program Files\Nortel Networks\TunnelGuard\CueAgent_srv.exe [53248 2003-10-03] (Alexandria Software Consulting)
S4 WLANKEEPER; C:\Program Files\Intel\WiFi\bin\WLKeeper.exe [375056 2010-12-23] (Intel(R) Corporation)
S4 WMCoreService; C:\Program Files\Ericsson\Mobile Broadband Drivers\WMCore\WMCore.exe [842280 2011-03-03] (Ericsson AB)

==================== Drivers (Whitelisted) ====================

S3 AESTAud; C:\WINDOWS\System32\drivers\AESTAud.sys [113664 2009-04-21] (Andrea Electronics Corporation)
S3 AtiHDAudioService; C:\WINDOWS\System32\drivers\AtihdXP3.sys [101392 2011-03-30] (Advanced Micro Devices)
S1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.)
S1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
S4 black; C:\WINDOWS\System32\drivers\BlackDrv.sys [228837 2004-04-09] (Internet Security Systems, Inc.)
S3 btaudio; C:\WINDOWS\System32\drivers\btaudio.sys [556200 2009-11-18] (Broadcom Corporation.)
S3 BTDriver; C:\WINDOWS\System32\DRIVERS\btport.sys [37160 2010-01-14] (Broadcom Corporation.)
S3 BTKRNL; C:\WINDOWS\System32\DRIVERS\btkrnl.sys [932136 2010-07-23] (Broadcom Corporation.)
S3 BTWDNDIS; C:\WINDOWS\System32\DRIVERS\btwdndis.sys [118440 2009-11-18] (Broadcom Corporation.)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [51752 2010-07-23] (Broadcom Corporation.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 dsNcAdpt; C:\WINDOWS\System32\DRIVERS\dsNcAdpt.sys [26624 2011-04-25] (Juniper Networks)
R3 e1cexpress; C:\WINDOWS\System32\DRIVERS\e1c5132.sys [192168 2011-05-04] (Intel Corporation)
S3 e1yexpress; C:\WINDOWS\System32\DRIVERS\e1y5132.sys [244368 2008-03-27] (Intel Corporation)
R3 Eacfilt; C:\WINDOWS\System32\DRIVERS\eacfilt.sys [11113 2004-09-30] (Nortel Networks)
S3 h36wgps; C:\WINDOWS\System32\DRIVERS\h36wgps.sys [87592 2011-02-28] (Ericsson AB)
S0 HpCISSm2; C:\WINDOWS\System32\drivers\HpCISSm2.sys [29224 2010-01-26] (Hewlett-Packard Company)
R3 IFXTPM; C:\WINDOWS\System32\DRIVERS\IFXTPM.SYS [44800 2007-12-18] (Infineon Technologies AG)
S3 IPSECEXT; C:\WINDOWS\System32\DRIVERS\ipsecw2k.sys [216459 2004-09-30] (Nortel Networks NA, Inc.)
R3 IPSECSHM; C:\WINDOWS\System32\DRIVERS\ipsecw2k.sys [216459 2004-09-30] (Nortel Networks NA, Inc.)
S3 libusb0; C:\WINDOWS\System32\DRIVERS\libusb0.sys [28160 2009-07-07] (http://libusb-win32.sourceforge.net)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-03-05] (Malwarebytes Corporation)
R3 Mbm4bus; C:\WINDOWS\System32\DRIVERS\Mbm4bus.sys [122824 2011-02-11] (MCCI Corporation)
S3 Mbm4mdfl; C:\WINDOWS\System32\DRIVERS\Mbm4mdfl.sys [14920 2011-02-11] (MCCI Corporation)
S3 Mbm4mdm; C:\WINDOWS\System32\DRIVERS\Mbm4mdm.sys [138952 2011-02-11] (MCCI Corporation)
S3 Mbm4mgmt; C:\WINDOWS\System32\DRIVERS\Mbm4mgmt.sys [132808 2011-02-11] (MCCI Corporation)
R3 Mbm4NNd5; C:\WINDOWS\System32\DRIVERS\Mbm4NNd5.sys [24904 2011-02-11] (MCCI Corporation)
R3 Mbm4NUn; C:\WINDOWS\System32\DRIVERS\Mbm4NUn.sys [149960 2011-02-11] (MCCI Corporation)
R3 MEI; C:\WINDOWS\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
S3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [76024 2010-10-22] (McAfee, Inc.)
S3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [91896 2010-10-22] (McAfee, Inc.)
S3 mfebopk; C:\WINDOWS\System32\drivers\mfebopk.sys [43192 2010-10-22] (McAfee, Inc.)
S0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [344712 2010-10-22] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [66536 2010-10-22] (McAfee, Inc.)
R1 mfetdik; C:\WINDOWS\System32\drivers\mfetdik.sys [64208 2010-10-22] (McAfee, Inc.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NETwNx32; C:\WINDOWS\System32\DRIVERS\NETwNx32.sys [7391104 2010-12-21] (Intel Corporation)
R3 nusb3hub; C:\WINDOWS\System32\DRIVERS\nusb3hub.sys [62336 2010-12-10] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\WINDOWS\System32\DRIVERS\nusb3xhc.sys [141440 2010-12-10] (Renesas Electronics Corporation)
S3 RapFile; C:\WINDOWS\system32\drivers\RapFile.sys [36676 2003-06-20] (Internet Security Systems, Inc.)
S3 RapNet; C:\WINDOWS\system32\drivers\RapNet.sys [24344 2003-06-20] (Internet Security Systems, Inc.)
S2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13952 2010-05-19] (Intel Corporation)
S3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1970726 2011-05-27] (IDT, Inc.)
S3 swivsp; C:\WINDOWS\System32\DRIVERS\swivspnt.sys [20352 2007-09-18] (Sierra Wireless Inc.)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [225856 2008-06-20] (Microsoft Corporation)
S0 VMSCSI; C:\WINDOWS\System32\drivers\vmscsi.sys [10880 2005-11-30] (VMware, Inc.)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S4 IntelIde; No ImagePath
S1 iSafeNetFilter; \??\C:\Program Files\iSafe\iSafeNetFilter.sys [X]
S3 smsmdd; system32\DRIVERS\smsmdm.sys [X]
U%8Faq%09 T8267;
U2 TMAgent;
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-12 18:10 - 2014-04-12 18:10 - 00000000 ___DC () C:\FRST
2014-04-11 17:07 - 2014-04-12 18:04 - 00000000 ____D () C:\WINDOWS\pss
2014-04-11 16:11 - 2014-04-11 16:11 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\Sun
2014-04-11 16:11 - 2014-04-11 16:11 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\SystemRequirementsLab
2014-04-11 16:11 - 2014-04-11 16:11 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-04-11 15:50 - 2014-04-11 15:50 - 00000597 ____C () C:\Documents and Settings\UA43931.BBVA.002\Desktop\WinDirStat.lnk
2014-04-09 14:50 - 2014-04-09 15:24 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Application Data\vlc
2014-04-09 14:50 - 2014-04-09 14:50 - 00000726 _____ () C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-04-09 14:50 - 2014-04-09 14:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2014-04-09 14:48 - 2014-04-09 14:48 - 00000000 ____D () C:\Program Files\VideoLAN
2014-04-07 20:18 - 2014-04-09 13:04 - 00024064 ____C () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-07 11:13 - 2014-04-07 11:13 - 00000876 ____C () C:\Documents and Settings\UA43931.BBVA.002\Desktop\µTorrent.lnk
2014-04-07 11:12 - 2014-04-11 16:29 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Application Data\uTorrent
2014-04-06 16:26 - 2014-04-06 16:26 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\Hewlett-Packard_Developme
2014-04-06 16:20 - 2014-04-06 21:20 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Application Data\Skype
2014-04-05 12:40 - 2014-04-05 12:42 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Desktop\Holiday_Work_M2
2014-04-03 13:24 - 2014-04-06 16:25 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-03 13:23 - 2014-04-03 13:23 - 00000784 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-03 13:23 - 2014-04-03 13:23 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-04-03 13:23 - 2014-04-03 13:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-03 13:23 - 2014-04-03 13:23 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-03 13:23 - 2014-03-05 09:26 - 00050648 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-03 13:23 - 2014-03-05 09:26 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-04-03 12:46 - 2014-04-03 12:46 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Application Data\TuneUp Software
2014-04-03 12:46 - 2014-04-03 12:46 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Application Data\AVG2014
2014-04-03 12:46 - 2014-04-03 12:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-04-03 12:45 - 2014-04-03 12:46 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-04-03 12:45 - 2014-04-03 12:45 - 00000000 __HDC () C:\$AVG
2014-04-03 12:40 - 2014-04-11 13:27 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\MFAData
2014-04-03 12:40 - 2014-04-03 12:51 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\Avg2014
2014-04-03 12:40 - 2014-04-03 12:40 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\MFAData
2014-04-01 18:25 - 2014-04-01 18:25 - 00000059 ____C () C:\Documents and Settings\UA43931.BBVA.002\Start Menu\Importar contactos....url
2014-03-31 16:47 - 2014-03-31 16:47 - 00102400 _____ () C:\WINDOWS\Minidump\Mini033114-01.dmp
2014-03-24 17:10 - 2014-04-03 13:18 - 00000000 ____D () C:\Program Files\MediaWatchV1
2014-03-20 14:29 - 2014-03-20 14:29 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\Microsoft Help
2014-03-16 17:12 - 2014-03-16 17:12 - 00000000 _SHDC () C:\Documents and Settings\UA43931.BBVA.002\IECompatCache
2014-03-16 17:12 - 2014-03-16 17:12 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Application Data\Google

==================== One Month Modified Files and Folders =======

2014-04-12 18:10 - 2014-04-12 18:10 - 00000000 ___DC () C:\FRST
2014-04-12 18:06 - 2013-02-16 09:45 - 60671130 _____ () C:\WINDOWS\setupapi.log
2014-04-12 18:06 - 2011-04-07 19:20 - 00221494 _____ () C:\WINDOWS\setupact.log
2014-04-12 18:06 - 2011-04-07 17:26 - 01535139 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-12 18:05 - 2011-04-08 03:15 - 00000582 _____ () C:\WINDOWS\win.ini
2014-04-12 18:05 - 2011-04-08 03:15 - 00000227 _____ () C:\WINDOWS\system.ini
2014-04-12 18:05 - 2011-04-08 03:15 - 00000212 _RSHC () C:\boot.ini
2014-04-12 18:04 - 2014-04-11 17:07 - 00000000 ____D () C:\WINDOWS\pss
2014-04-12 18:00 - 2012-05-31 07:21 - 00000000 __SHD () C:\WINDOWS\CSC
2014-04-12 17:50 - 2011-04-07 19:24 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-04-12 17:50 - 2011-04-07 19:24 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-04-12 17:50 - 2011-04-07 17:30 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-11 20:37 - 2014-02-06 13:47 - 00000178 __SHC () C:\Documents and Settings\UA43931.BBVA.002\ntuser.ini
2014-04-11 19:35 - 2012-05-31 06:39 - 00000460 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{36657E7A-DB41-4A05-8160-C2C88A5694DE}.job
2014-04-11 18:25 - 2012-05-31 06:24 - 00524288 _____ () C:\WINDOWS\system32\config\HP Conne.evt
2014-04-11 18:22 - 2013-07-01 20:20 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-04-11 18:01 - 2013-05-11 14:19 - 00000336 _____ () C:\WINDOWS\Tasks\HP Photo Creations Messager.job
2014-04-11 17:59 - 2014-02-05 15:55 - 00000374 _____ () C:\WINDOWS\Tasks\SelectionTool Update.job
2014-04-11 17:59 - 2013-07-29 19:00 - 00000276 _____ () C:\WINDOWS\Tasks\RMAutoUpdate.job
2014-04-11 17:59 - 2013-07-24 15:49 - 00000000 ____D () C:\Program Files\PC Tools Registry Mechanic
2014-04-11 17:59 - 2012-11-17 20:51 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-11 17:42 - 2012-11-17 20:51 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-11 17:41 - 2011-04-07 17:30 - 00032356 _____ () C:\WINDOWS\SchedLgU.Txt
2014-04-11 17:24 - 2013-09-01 13:24 - 00000416 _____ () C:\WINDOWS\Tasks\At6.job
2014-04-11 16:29 - 2014-04-07 11:12 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Application Data\uTorrent
2014-04-11 16:29 - 2012-05-31 16:07 - 00131072 _____ () C:\WINDOWS\system32\config\OAlerts.evt
2014-04-11 16:11 - 2014-04-11 16:11 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\Sun
2014-04-11 16:11 - 2014-04-11 16:11 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\SystemRequirementsLab
2014-04-11 16:11 - 2014-04-11 16:11 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-04-11 15:50 - 2014-04-11 15:50 - 00000597 ____C () C:\Documents and Settings\UA43931.BBVA.002\Desktop\WinDirStat.lnk
2014-04-11 14:18 - 2013-05-11 14:18 - 00000466 _____ () C:\WINDOWS\Tasks\At4.job
2014-04-11 14:00 - 2013-05-11 14:18 - 00000466 _____ () C:\WINDOWS\Tasks\At5.job
2014-04-11 13:27 - 2014-04-03 12:40 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\MFAData
2014-04-11 10:10 - 2013-05-11 14:18 - 00000466 _____ () C:\WINDOWS\Tasks\At2.job
2014-04-10 22:12 - 2013-07-24 15:49 - 00000276 _____ () C:\WINDOWS\Tasks\RMSchedule.job
2014-04-10 20:40 - 2013-05-11 14:18 - 00000466 _____ () C:\WINDOWS\Tasks\At3.job
2014-04-10 19:00 - 2013-07-29 19:00 - 00000272 _____ () C:\WINDOWS\system32\AppLog.log
2014-04-10 17:35 - 2013-09-01 13:24 - 00000000 ____D () C:\Quarantine
2014-04-10 17:33 - 2011-04-08 03:15 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-04-09 15:24 - 2014-04-09 14:50 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Application Data\vlc
2014-04-09 14:50 - 2014-04-09 14:50 - 00000726 _____ () C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-04-09 14:50 - 2014-04-09 14:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\VideoLAN
2014-04-09 14:48 - 2014-04-09 14:48 - 00000000 ____D () C:\Program Files\VideoLAN
2014-04-09 13:04 - 2014-04-07 20:18 - 00024064 ____C () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-07 11:13 - 2014-04-07 11:13 - 00000876 ____C () C:\Documents and Settings\UA43931.BBVA.002\Desktop\µTorrent.lnk
2014-04-07 09:34 - 2012-11-20 22:02 - 02059880 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2014-04-06 21:20 - 2014-04-06 16:20 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Application Data\Skype
2014-04-06 17:01 - 2014-02-10 20:04 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\CUSTPDF Writer
2014-04-06 16:26 - 2014-04-06 16:26 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\Hewlett-Packard_Developme
2014-04-06 16:25 - 2014-04-03 13:24 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-06 16:24 - 2013-02-03 11:18 - 00002265 _____ () C:\Documents and Settings\All Users\Desktop\Skype.lnk
2014-04-06 16:20 - 2013-02-03 11:18 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-04-06 16:20 - 2012-11-27 22:30 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-04-05 12:42 - 2014-04-05 12:40 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Desktop\Holiday_Work_M2
2014-04-05 10:47 - 2014-01-30 19:22 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\WPM
2014-04-05 10:47 - 2014-01-30 19:21 - 00000000 ____D () C:\Program Files\fst_es_43
2014-04-03 16:37 - 2012-11-17 20:52 - 00001818 _____ () C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2014-04-03 16:18 - 2014-01-30 19:21 - 00000000 ____D () C:\Documents and Settings\ua43931\Application Data\nationzoom
2014-04-03 16:18 - 2013-06-29 14:54 - 00000000 ____D () C:\Program Files\Movies Toolbar
2014-04-03 14:15 - 2013-01-12 23:40 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-04-03 14:00 - 2014-02-05 15:55 - 00000000 ____D () C:\Program Files\SelectionTool
2014-04-03 13:57 - 2014-01-30 19:21 - 00000000 ____D () C:\Program Files\Mobogenie
2014-04-03 13:23 - 2014-04-03 13:23 - 00000784 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-03 13:23 - 2014-04-03 13:23 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-04-03 13:23 - 2014-04-03 13:23 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-03 13:23 - 2014-04-03 13:23 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-03 13:20 - 2014-02-06 13:47 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\Google
2014-04-03 13:19 - 2014-02-24 18:00 - 00000000 ____D () C:\Program Files\MediaViewerV1
2014-04-03 13:19 - 2014-01-30 19:23 - 00000000 ____D () C:\Documents and Settings\ua43931\Local Settings\Application Data\genienext
2014-04-03 13:18 - 2014-03-24 17:10 - 00000000 ____D () C:\Program Files\MediaWatchV1
2014-04-03 13:18 - 2014-02-27 20:55 - 00000000 ____D () C:\Program Files\MediaViewV1
2014-04-03 13:17 - 2014-02-23 14:54 - 00000000 ____D () C:\Program Files\MediaPlayerV1
2014-04-03 13:11 - 2013-09-01 13:24 - 00000000 ____D () C:\Program Files\DealPly
2014-04-03 12:51 - 2014-04-03 12:40 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\Avg2014
2014-04-03 12:46 - 2014-04-03 12:46 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Application Data\TuneUp Software
2014-04-03 12:46 - 2014-04-03 12:46 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Application Data\AVG2014
2014-04-03 12:46 - 2014-04-03 12:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-04-03 12:46 - 2014-04-03 12:45 - 00000000 ___DC () C:\Documents and Settings\All Users\Application Data\AVG2014
2014-04-03 12:45 - 2014-04-03 12:45 - 00000000 __HDC () C:\$AVG
2014-04-03 12:40 - 2014-04-03 12:40 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\MFAData
2014-04-03 12:37 - 2013-07-22 14:13 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Norton
2014-04-03 12:31 - 2013-07-22 14:13 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-04-02 14:41 - 2013-11-11 14:39 - 00528020 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-01 18:59 - 2012-09-08 13:35 - 00000838 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-01 18:25 - 2014-04-01 18:25 - 00000059 ____C () C:\Documents and Settings\UA43931.BBVA.002\Start Menu\Importar contactos....url
2014-04-01 14:59 - 2012-09-08 13:35 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-04-01 14:59 - 2012-05-31 06:40 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-31 16:47 - 2014-03-31 16:47 - 00102400 _____ () C:\WINDOWS\Minidump\Mini033114-01.dmp
2014-03-31 16:47 - 2012-07-03 15:20 - 00000000 ____D () C:\WINDOWS\Minidump
2014-03-31 14:24 - 2013-12-19 10:24 - 00000133 _____ () C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2014-03-20 14:29 - 2014-03-20 14:29 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Application Data\Microsoft Help
2014-03-16 17:12 - 2014-03-16 17:12 - 00000000 _SHDC () C:\Documents and Settings\UA43931.BBVA.002\IECompatCache
2014-03-16 17:12 - 2014-03-16 17:12 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002\Application Data\Google
2014-03-16 17:12 - 2014-02-06 13:47 - 00000000 ___DC () C:\Documents and Settings\UA43931.BBVA.002
2014-03-16 16:36 - 2012-11-20 22:25 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-03-16 16:35 - 2011-04-07 19:21 - 00639330 ____C () C:\WINDOWS\iis6.log
2014-03-16 16:35 - 2011-04-07 19:21 - 00553780 ____C () C:\WINDOWS\FaxSetup.log
2014-03-16 16:35 - 2011-04-07 19:21 - 00275820 ____C () C:\WINDOWS\ocgen.log
2014-03-16 16:35 - 2011-04-07 19:21 - 00255774 ____C () C:\WINDOWS\tsoc.log
2014-03-16 16:35 - 2011-04-07 19:21 - 00187895 ____C () C:\WINDOWS\comsetup.log
2014-03-16 16:35 - 2011-04-07 19:21 - 00174732 ____C () C:\WINDOWS\msmqinst.log
2014-03-16 16:35 - 2011-04-07 19:21 - 00113922 ____C () C:\WINDOWS\ntdtcsetup.log
2014-03-16 16:35 - 2011-04-07 19:21 - 00094775 ____C () C:\WINDOWS\netfxocm.log
2014-03-16 16:35 - 2011-04-07 19:21 - 00038132 ____C () C:\WINDOWS\MedCtrOC.log
2014-03-16 16:35 - 2011-04-07 19:21 - 00029892 ____C () C:\WINDOWS\ocmsn.log
2014-03-16 16:35 - 2011-04-07 19:21 - 00027589 ____C () C:\WINDOWS\tabletoc.log
2014-03-16 16:35 - 2011-04-07 19:21 - 00026909 ____C () C:\WINDOWS\msgsocm.log
2014-03-16 16:35 - 2011-04-07 19:21 - 00001917 _____ () C:\WINDOWS\imsins.log

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job
C:\Windows\Tasks\At5.job
C:\Windows\Tasks\At6.job


Some content of TEMP:
====================
C:\Documents and Settings\UA43931.BBVA.000\Local Settings\Temp\Uninstall.exe
C:\Documents and Settings\UA43931.BBVA.002\Local Settings\Temp\SRLDetectionLibrary3695500547527255027.dll


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-04-2014
Ran by UA43931 at 2014-04-12 18:11:42
Running from G:\
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

AV: VirusScan Enterprise + AntiSpyware Enterprise (Disabled - Up to date) {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

==================== Installed Programs ======================

µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30768 - BitTorrent Inc.)
7-Zip 9.20 (HKLM\...\{23170F69-40C1-2701-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat 4.0 (HKLM\...\Adobe Acrobat 4.0) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.2.8870 - Adobe Systems Inc.) Hidden
Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - )
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.43 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Español (HKLM\...\{AC76BA86-7AD7-1034-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Apple Mobile Device Support (HKLM\...\{459699C3-9430-4381-964B-4248D87B49F9}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4355 - AVG Technologies)
AVG 2014 (Version: 14.0.3882 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4355 - AVG Technologies) Hidden
BBVA_Office_OTF_TTF (HKLM\...\{FCFF5110-5D38-43D3-9972-86F05DA2C6B8}) (Version: 17.11.2011 - Your Company Name)
bbvasalvapantallas Screen Saver (HKLM\...\bbvasalvapantallas) (Version: - )
Broadcom 2070 Bluetooth 3.0 (HKLM\...\{F48BE301-EC78-4686-B580-EE4934558798}) (Version: 5.6.0.5600 - HP)
Citrix Presentation Server Client (HKLM\...\{2624B680-02BC-4CBC-839C-DA20DF6EF6EC}) (Version: 10.200.2650 - Citrix Systems, Inc.)
Compatibilidad con Aplicaciones de Apple (HKLM\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Estudio de mejora de productos de HP Deskjet 3050A J611 series (HKLM\...\{E9A0F78E-A0E7-419D-AAD8-A4C1FC720119}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
explorer (HKLM\...\{77df91a6-dbec-4033-9b56-f771e4fe01f5}.sdb) (Version: - )
EZ GPO Power Management Config Tool (HKLM\...\{C5B83F18-6959-4760-9879-709E29E75DAF}) (Version: 2.0.14 - TerraNovum)
fst_es_43 (HKLM\...\fst_es_43_is1) (Version: - FREESOFTTODAY) <==== ATTENTION
Garmin ANT Agent (HKLM\...\{2CEDDEB4-7AB5-440E-A8B0-4EF9B1727DBD}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Drive (HKLM\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Talk Plugin (HKLM\...\{669A032D-4E28-3D11-BB26-8AD5D51EFE87}) (Version: 2.1.8.0 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
HP Connection Manager (HKLM\...\{795AADBF-58C2-42D0-B779-E730702A247E}) (Version: 4.0.45.1 - Hewlett-Packard Company)
HP Deskjet 3050A J611 series Ayuda (HKLM\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Mobile Broadband Drivers (HKLM\...\{646E8C34-C88B-42F9-9F41-985A801219E1}) (Version: 6.3.5.3 - Ericsson AB)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Update (HKLM\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
Impresora PDF (HKLM\...\{2429D645-2C0B-46C8-B02A-BF95BB045945}) (Version: 0.00 - BBVA)
Intel PROSet Wireless (Version: - ) Hidden
Internet Explorer (Version: 8 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}) (Version: 11.0.1.12 - Apple Inc.)
Java 2 Runtime Environment, SE v1.4.2_07 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142070}) (Version: 1.4.2_07 - Sun Microsystems, Inc.)
Java Auto Updater (Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 5 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217005FF}) (Version: 7.0.50 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Juniper Installer Service (HKLM\...\{5E325444-E4C0-451C-ADC0-FE0D839703D4}) (Version: 7.1.0.18193 - Juniper Networks)
Juniper Networks Network Connect 7.1.0 (HKLM\...\Juniper Network Connect 7.1.0) (Version: 7.1.0.18193 - Juniper Networks)
Juniper Networks, Inc. Setup Client Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
K-Lite Codec Pack 5.1.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 5.1.0 - )
LEGATO EmailXtender® 4.81 Client (HKLM\...\{DA9E949F-3C63-476C-9248-FF64D95A0031}) (Version: 4.81.1043 - EMC Corporation)
Livelink Office Editor (HKLM\...\{0EC5AE85-BAED-400D-95E6-A3528FC9B124}) (Version: 3.2.0.209 - Open Text Corporation)
Malwarebytes Anti-Malware versión 2.00.0.1000 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
McAfee Agent (HKLM\...\{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}) (Version: 4.5.0.1810 - McAfee, Inc.)
McAfee AntiSpyware Enterprise Module (HKLM\...\McAfee Anti-Spyware Enterprise Module) (Version: 8.7.0.129 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM\...\{147BCE03-C0F1-4C9F-8157-6A89B6D2D973}) (Version: 8.7.00004 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2656353) (HKLM\...\M2656353) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2656370) (HKLM\...\M2656370) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - ESN (HKLM\...\{85AC0FFA-643D-3103-9310-7086ECB0C36C}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 1 Language Pack - ESN (HKLM\...\{12E0A949-8861-35F8-B7ED-5658788A7BFE}) (Version: 3.1.21022 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack - esn (Version: 3.5.21022 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 (Version: - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Basque) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Catalan) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Galician) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Spanish) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders (English) 14 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders (Spanish) 14 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WinUsb 1.0 (HKLM\...\winusb0100) (Version: - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mobile Broadband Generic Drivers (HKLM\...\{7F18A718-2398-4D83-B5A2-AEACB9D3F71C}) (Version: 2.02.03.005.15 - Novatel Wireless)
Mobogenie (HKLM\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 22.0 (x86 es-ES) (HKLM\...\Mozilla Firefox 22.0 (x86 es-ES)) (Version: 22.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 22.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM\...\{79ACDEE9-29B6-4E2A-8C65-4352774D5BEA}) (Version: 6.10.1200.0 - Microsoft Corporation)
Nortel Networks Contivity VPN Client (HKLM\...\{EF964A78-078C-11D1-B7A7-0000C0134CE6}) (Version: - )
Nortel Networks TunnelGuard (HKLM\...\{8EA37DFD-B8C6-49A6-AE0F-F2195BA5C8A4}) (Version: 1.1.1 - Nortel Networks)
NVIDIA PhysX (HKLM\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
Paquete de controladores de Windows - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2) (HKLM\...\24DA573F901348FFDFF7717497830D45BE0C362E) (Version: 07/07/2009 1.12.2 - Dynastream Innovations)
Paquete de controladores de Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Paquete de idioma de Microsoft .NET Framework 3.5 - esn (HKLM\...\Microsoft .NET Framework 3.5 Language Pack - esn) (Version: - Microsoft Corporation)
PC Tools Registry Mechanic 11.1 (HKLM\...\Registry Mechanic_is1) (Version: 11.1 - PC Tools)
QuickTime (HKLM\...\{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}) (Version: 7.64.17.73 - Apple Inc.)
RDC (Version: - Microsoft Corporation) Hidden
rto (HKLM\...\{8CBBA6C1-58E8-444C-94F5-BD0A2001E038}) (Version: 1.0.0 - IBM)
SelectionTool (HKLM\...\96bd7ea2-c92e-4f4d-8108-c7bb81075eea) (Version: - SelectionTool Software) <==== ATTENTION
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
Software básico del dispositivo HP Deskjet 3050A J611 series (HKLM\...\{23E1E4DA-6D66-47FA-B65B-2E3B00059FB5}) (Version: 25.0.571.0 - Hewlett-Packard Co.)
Software Intel(R) PROSet/Wireless WiFi (HKLM\...\{F5F97313-4454-4B49-A602-285447A55B86}) (Version: 14.00.1000 - Intel Corporation)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Update for Windows XP (KB943729) (HKLM\...\KB943729) (Version: - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
VinPassLogout (HKLM\...\{78D0D78C-FC9D-455B-81F4-E9B2145B7858}) (Version: 1.0.0 - Vintegris)
VinSSO (HKLM\...\{0A636730-C329-4A2D-BBFF-EDF0891BBB1A}) (Version: 3.0.4 - Vintegris)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WIMGAPI (HKLM\...\{721ABC3B-5F12-4332-9C0C-C11424EF666C}) (Version: 1.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Internet Explorer 8 Multilingual User Interface (MUI) (HKLM\...\IE8-MUI) (Version: 20090411.120000 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version: - )
Windows Media Format 11 runtime (Version: - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version: - )
Windows Media Player 11 (Version: - Microsoft Corporation) Hidden
XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) Hidden
 
==================== Restore Points =========================


==================== Hosts content: ==========================

2011-04-08 03:15 - 2012-11-08 09:42 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\WINDOWS\System32\Reinicio.exe
Task: C:\WINDOWS\Tasks\At2.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At3.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At4.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At5.job => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At6.job => C:\DOCUME~1\ua43931\APPLIC~1\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Messager.job => C:\Documents and Settings\All Users\Application Data\HP Photo Creations\MessageCheck.exe
Task: C:\WINDOWS\Tasks\RMAutoUpdate.job => C:\Program Files\PC Tools Registry Mechanic\SULauncher.exe
Task: C:\WINDOWS\Tasks\RMSchedule.job => C:\Program Files\PC Tools Registry Mechanic\RegMech.exe
Task: C:\WINDOWS\Tasks\SelectionTool Update.job => C:\Program Files\SelectionTool\STupdate.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{36657E7A-DB41-4A05-8160-C2C88A5694DE}.job => C:\WINDOWS\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2011-02-18 13:52 - 2011-02-18 13:52 - 00096768 _____ () C:\Program Files\seguridad\rto\IBM\rtonotify.dll
2011-02-18 13:51 - 2011-02-18 13:51 - 00066048 _____ () C:\Program Files\seguridad\rto\IBM\rtoTrace.dll
2010-05-10 17:57 - 2010-05-10 17:57 - 00011776 _____ () C:\Program Files\Vintegris\VinPassLogout\DLLVinLogout.dll
2011-02-18 13:52 - 2011-02-18 13:52 - 00166912 _____ () C:\Program Files\seguridad\rto\IBM\rtosesflow.exe
2011-02-18 13:51 - 2011-02-18 13:51 - 00066048 _____ () C:\Program Files\seguridad\rto\IBM\rtotrace.dll
2010-07-14 12:11 - 2010-07-14 12:11 - 00092160 _____ () C:\Program Files\Vintegris\VinPassLogout\VinPassLogout.exe
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-06-06 12:55 - 2011-06-06 12:55 - 00301056 _____ () C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.ESP

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^BTTray.lnk => C:\WINDOWS\pss\BTTray.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Program Neighborhood Agent.lnk => C:\WINDOWS\pss\Program Neighborhood Agent.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TunnelGuard Tray Monitor.lnk => C:\WINDOWS\pss\TunnelGuard Tray Monitor.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^UA43931.BBVA.002^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk => C:\WINDOWS\pss\Microsoft SharePoint Workspace.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AESTFltr => %SystemRoot%\system32\AESTFltr.exe /NoDlg
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG_UI => "D:\Program Files\AVG\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: EPA_EZ_GPO_Tool => C:\WINDOWS\system32\EZ_GPO_Tool.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_C0E34EB849C6CEDCAE20AC6B5EAC1D84 => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GrooveMonitor => C:\Program Files\Microsoft Office\Office14\GROOVEMN.EXE
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPConnectionManager => C:\Program Files\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
MSCONFIG\startupreg: IntelZeroConfig => "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: McAfeeUpdaterUI => "C:\Program Files\Network Associates\Common Framework\udaterui.exe" /StartedFromRunKey
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: RtoUsbUser => C:\Program Files\seguridad\rto\IBM\rtousbuser.exe
MSCONFIG\startupreg: ShStatEXE => "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: Synchronization Manager => %SystemRoot%\system32\mobsync.exe /logon
MSCONFIG\startupreg: upfst_es_43.exe => C:\Documents and Settings\UA43931.BBVA.000\Local Settings\Application Data\fst_es_43\upfst_es_43.exe -runhelper

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/12/2014 06:02:45 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows no puede obtener el nombre del controlador de dominio para la red de su equipo. (El dominio especificado no existe o no se pudo establecer conexión con él. ). Se ha anulado el proceso de directiva de grupo.

Error: (04/12/2014 06:01:57 PM) (Source: UserInit) (User: )
Description: No se pudo ejecutar la siguiente secuencia de comandos KIX460.EXE. El sistema no puede hallar el archivo especificado.

Error: (04/12/2014 06:01:57 PM) (Source: UserInit) (User: )
Description: No se pudo ejecutar la siguiente secuencia de comandos SDS.exe. El sistema no puede hallar el archivo especificado.

Error: (04/12/2014 06:01:56 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows no puede obtener el nombre del controlador de dominio para la red de su equipo. (El dominio especificado no existe o no se pudo establecer conexión con él. ). Se ha anulado el proceso de directiva de grupo.

Error: (04/12/2014 06:01:11 PM) (Source: rtosesflow) (User: )
Description: La eliminación de las cuentas locales falló, Rc=1.

Error: (04/12/2014 05:59:37 PM) (Source: rtosesflow) (User: )
Description: ERROR en GetDlgItem hDlg=30028, iCtrId=1. Rc=1400.

Error: (04/12/2014 05:59:37 PM) (Source: rtosesflow) (User: )
Description: La eliminación de las cuentas locales falló, Rc=1.

Error: (04/12/2014 05:59:36 PM) (Source: rtosesflow) (User: )
Description: ERROR en GetDlgItem hDlg=30028, iCtrId=5e0. Rc=1400.

Error: (04/12/2014 05:59:36 PM) (Source: rtosesflow) (User: )
Description: Falló la obtención de la información de red. rc=2138.

Error: (04/12/2014 05:52:49 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: A thread in process C:\Program Files\Network Associates\VirusScan\Mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 2752 (0xac0)

Thread address : 0x7C90E4F4

Thread message :

Build VSCORE.14.1.0.567 / 5400.1158
Object being scanned = \Device\HarddiskVolume1\Documents and Settings\All Users\Application Data\AVG2014\Chjw\e6489b1f489aed95\avgcchmf.dat
by \??\D:\PROGRA~1\AVG\avgrsx.exe
4(16)(0)
4(16)(0)
7200(16)(0)
7595(16)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)


System errors:
=============
Error: (04/12/2014 06:07:18 PM) (Source: DCOM) (User: BBVA)
Description: DCOM ha obtenido un error "%%1084" al intentar iniciar el servicio StiSvc con argumentos ""
para ejecutar el servidor:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/12/2014 06:06:23 PM) (Source: DCOM) (User: BBVA)
Description: DCOM ha obtenido un error "%%1084" al intentar iniciar el servicio StiSvc con argumentos ""
para ejecutar el servidor:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/12/2014 06:06:16 PM) (Source: DCOM) (User: BBVA)
Description: DCOM ha obtenido un error "%%1084" al intentar iniciar el servicio StiSvc con argumentos ""
para ejecutar el servidor:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (04/12/2014 06:06:06 PM) (Source: DCOM) (User: BBVA)
Description: DCOM ha obtenido un error "%%1084" al intentar iniciar el servicio wuauserv con argumentos ""
para ejecutar el servidor:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/12/2014 06:03:05 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM ha obtenido un error "%%1084" al intentar iniciar el servicio EventSystem con argumentos ""
para ejecutar el servidor:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (04/12/2014 06:03:03 PM) (Source: DCOM) (User: BBVA)
Description: DCOM ha obtenido un error "%%1084" al intentar iniciar el servicio wuauserv con argumentos ""
para ejecutar el servidor:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (04/12/2014 06:02:36 PM) (Source: Service Control Manager) (User: )
Description: El controlador de inicialización siguiente no se cargó correctamente:
Avgdiskx
AVGIDSDriver
AVGIDSShim
Avgldx86
Fips
HpCISSm2
intelppm
iSafeNetFilter
KR10I
mfehidk
VMSCSI

Error: (04/12/2014 06:02:36 PM) (Source: Service Control Manager) (User: )
Description: El servicio McAfee McShield depende del servicio McAfee Validation Trust Protection Service, el cual no pudo iniciarse debido al siguiente error:
%%1068

Error: (04/12/2014 06:02:36 PM) (Source: Service Control Manager) (User: )
Description: El servicio McAfee Validation Trust Protection Service depende del servicio McAfee Inc. mfehidk, el cual no pudo iniciarse debido al siguiente error:
%%31

Error: (04/12/2014 06:00:56 PM) (Source: NETLOGON) (User: )
Description: No hay un controlador de dominio disponible para el dominio BBVA debido a lo siguiente:
%%1311.

Asegúrese de que el equipo está conectado a la red y vuelva a intentarlo.
Si el problema persiste, póngase en contacto con el administrador del dominio.


Microsoft Office Sessions:
=========================
Error: (04/12/2014 06:02:45 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: El dominio especificado no existe o no se pudo establecer conexión con él.

Error: (04/12/2014 06:01:57 PM) (Source: UserInit)(User: )
Description: KIX460.EXEEl sistema no puede hallar el archivo especificado.

Error: (04/12/2014 06:01:57 PM) (Source: UserInit)(User: )
Description: SDS.exeEl sistema no puede hallar el archivo especificado.

Error: (04/12/2014 06:01:56 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: El dominio especificado no existe o no se pudo establecer conexión con él.

Error: (04/12/2014 06:01:11 PM) (Source: rtosesflow)(User: )
Description: La eliminación de las cuentas locales falló, Rc=1

Error: (04/12/2014 05:59:37 PM) (Source: rtosesflow)(User: )
Description: ERROR en GetDlgItem hDlg=30028, iCtrId=1. Rc=1400

Error: (04/12/2014 05:59:37 PM) (Source: rtosesflow)(User: )
Description: La eliminación de las cuentas locales falló, Rc=1

Error: (04/12/2014 05:59:36 PM) (Source: rtosesflow)(User: )
Description: ERROR en GetDlgItem hDlg=30028, iCtrId=5e0. Rc=1400

Error: (04/12/2014 05:59:36 PM) (Source: rtosesflow)(User: )
Description: Falló la obtención de la información de red. rc=2138

Error: (04/12/2014 05:52:49 PM) (Source: McLogEvent)(User: NT AUTHORITY)
Description: C:\Program Files\Network Associates\VirusScan\Mcshield.exe900002752 (0xac0)0x7C90E4F4
Build VSCORE.14.1.0.567 / 5400.1158
Object being scanned = \Device\HarddiskVolume1\Documents and Settings\All Users\Application Data\AVG2014\Chjw\e6489b1f489aed95\avgcchmf.dat
by \??\D:\PROGRA~1\AVG\avgrsx.exe
4(16)(0)
4(16)(0)
7200(16)(0)
7595(16)(0)
7005(0)(0)
7004(0)(0)
5006(0)(0)
5004(0)(0)


==================== Memory info ===========================

Percentage of memory in use: 11%
Total physical RAM: 3054.29 MB
Available physical RAM: 2709.04 MB
Total Pagefile: 4942.65 MB
Available Pagefile: 4798.04 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.21 MB

==================== Drives ================================

Drive c: (SISTEMA) (Fixed) (Total:25 GB) (Free:9.98 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (DATOS) (Fixed) (Total:273.09 GB) (Free:232.4 GB) NTFS
Drive g: () (Fixed) (Total:931.51 GB) (Free:696.49 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: C6E34D68)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: BDB057CE)

Partition: GPT Partition Type.

==================== End Of Log ============================
 
I don't see much there but let's see what we can do...

Download attached fixlist.txt file and save it to the Desktop.
NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST(FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

See if you can boot normally.
 

Attachments: fixlist.txt (1.3 KB)
Wow, did you read through the whole thing??
Sorry about my uploading, I thought it would be too long to scroll up and down the page. I will have to run the script tomorrow, as I'm not at home at the moment. Thank you so much for your time.
 
 
This topic is marked as abandoned and closed due to inactivity.

This member will NOT be eligible to receive any more help in malware removal forum.
 