
    My laptop is infected and I don't know how to remove the viruses :(


    1. #31
      petimuky (User)
      Joined: Jun 2008
      Location: Spain
      Posts: 53

      Re: My laptop is infected and I don't know how to remove the viruses :(

      Hi Sanmar!

      Thanks for replying. It's true that the laptop must have a lot of junk on it, but it wasn't my fault.

      Anyway, I did everything just as you told me. When I restart, from the moment Windows starts, the little Malwarebytes window keeps appearing, warning that it has successfully blocked access to a potentially malicious website, with an IP address and a port that changes in each warning; it says outgoing, and svchost.exe as the process it detects. On top of that, it doesn't let me browse the internet; that is, the browser doesn't respond, and a yellow symbol with an exclamation mark inside appears over the internet access icon. If I disable the Malwarebytes website blocking option, then the warning stops and I can browse the internet.

      Here I attach the OTM log just as you told me. Thank you very much once again for the help :)


      All processes killed
      ========== OTL ==========
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\MediaGet2\ deleted successfully.
      C:\Users\KADIR\AppData\Local\MediaGet2\imageformats folder moved successfully.
      C:\Users\KADIR\AppData\Local\MediaGet2 folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC\MediaGet2\user_search\tserverinfo folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC\MediaGet2\user_search\sserverinfo folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC\MediaGet2\user_search\iserverinfo folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC\MediaGet2\user_search folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC\MediaGet2\user-share folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC\MediaGet2\suggest folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC\MediaGet2\settings-backup folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC\MediaGet2\network_cache folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC\MediaGet2\info_zip folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC\MediaGet2\geoip folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC\MediaGet2\catalogue_events folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC\MediaGet2 folder moved successfully.
      C:\Users\KADIR\AppData\Local\Media Get LLC folder moved successfully.
      Service BasicSeek Service stopped successfully!
      Service BasicSeek Service deleted successfully!
      C:\Programmi\BasicSeek\basicseek.exe moved successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}\ not found.
      HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\BrowserMngr Start Page| /E : value set successfully!
      Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{38A1AE76-6602-454D-B823-E3BA7EA7EF51}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38A1AE76-6602-454D-B823-E3BA7EA7EF51}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2410}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d3f22a84-2a84-49eb-91e6-5dadaaf0165d}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d3f22a84-2a84-49eb-91e6-5dadaaf0165d}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F42D4712-298F-4502-8668-7B9940C3FB00}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F42D4712-298F-4502-8668-7B9940C3FB00}\ not found.
      HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
      HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
      C:\Programmi\Mozilla Firefox\searchplugins\avg-secure-search.xml moved successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}\ deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{977AE9CC-AF83-45E8-9E03-E2798216E2D5}\ not found.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD898F8-FCF6-4694-BC3B-EABC7271EEB1}\ not found.
      Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\browse~2\25986~1.67\{c16c1~1\browse~1.dll deleted successfully.
      Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b5de2e0-dd42-11e1-8a7d-78843cf7f085}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b5de2e0-dd42-11e1-8a7d-78843cf7f085}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7b5de2e0-dd42-11e1-8a7d-78843cf7f085}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7b5de2e0-dd42-11e1-8a7d-78843cf7f085}\ not found.
      File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f95383f6-79a7-11e1-b08c-78843cf7f085}\ deleted successfully.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f95383f6-79a7-11e1-b08c-78843cf7f085}\ not found.
      Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f95383f6-79a7-11e1-b08c-78843cf7f085}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f95383f6-79a7-11e1-b08c-78843cf7f085}\ not found.
      File E:\iStudio.exe not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\StartUpReg\SUPERAntiSpyware\ deleted successfully.
      C:\Program Files\ESET\ESET Online Scanner\Quarantine folder moved successfully.
      C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\temp folder moved successfully.
      C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles\http_update.eset.com folder moved successfully.
      C:\Program Files\ESET\ESET Online Scanner\Modules\data\updfiles folder moved successfully.
      C:\Program Files\ESET\ESET Online Scanner\Modules\data folder moved successfully.
      C:\Program Files\ESET\ESET Online Scanner\Modules folder moved successfully.
      C:\Program Files\ESET\ESET Online Scanner folder moved successfully.
      C:\Program Files\ESET folder moved successfully.
      C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings folder moved successfully.
      C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content folder moved successfully.
      C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components folder moved successfully.
      C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension folder moved successfully.
      C:\ProgramData\BrowserProtect\2.5.986.67\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} folder moved successfully.
      C:\ProgramData\BrowserProtect\2.5.986.67 folder moved successfully.
      C:\ProgramData\BrowserProtect folder moved successfully.
      C:\ProgramData\BasicSeek folder moved successfully.
      C:\Program Files\BasicSeek folder moved successfully.
      C:\ProgramData\Media Get LLC folder moved successfully.
      C:\Users\KADIR\AppData\Roaming\Media Get LLC folder moved successfully.
      C:\Program Files\Yontoo folder moved successfully.
      Folder C:\Users\KADIR\AppData\Local\Media Get LLC\ not found.
      C:\Windows\msdownld.tmp folder deleted successfully.
      ADS C:\ProgramData\TEMP:DBC416F8 deleted successfully.
      ========== FILES ==========
      < ipconfig /flushdns /c >
      Configurazione IP di Windows
      Cache del resolver DNS svuotata.
      C:\Users\KADIR\Desktop\cmd.bat deleted successfully.
      C:\Users\KADIR\Desktop\cmd.txt deleted successfully.
      < ipconfig /renew /c >
      Configurazione IP di Windows
      Impossibile eseguire qualsiasi operazione su Connessione alla rete locale (LAN) quando il relativo
      supporto è disconnesso.
      Impossibile eseguire qualsiasi operazione su Connessione rete wireless 2 quando il relativo
      supporto è disconnesso.
      Scheda Ethernet Connessione alla rete locale (LAN):
      Stato supporto. . . . . . . . . . . . : Supporto disconnesso
      Suffisso DNS specifico per connessione:
      Scheda LAN wireless Connessione rete wireless 2:
      Stato supporto. . . . . . . . . . . . : Supporto disconnesso
      Suffisso DNS specifico per connessione:
      Scheda LAN wireless Connessione rete wireless:
      Suffisso DNS specifico per connessione: gateway.2wire.net
      Indirizzo IPv6 locale rispetto al collegamento . : fe80::69ad:8c5:fc5c:4f0c%11
      Indirizzo IPv4. . . . . . . . . . . . : 192.168.1.99
      Subnet mask . . . . . . . . . . . . . : 255.255.255.0
      Gateway predefinito . . . . . . . . . : 192.168.1.254
      Scheda Tunnel Reusable ISATAP Interface {2EE74A3E-FE36-4010-BE81-978B75DFF61E}:
      Stato supporto. . . . . . . . . . . . : Supporto disconnesso
      Suffisso DNS specifico per connessione:
      Scheda Tunnel Teredo Tunneling Pseudo-Interface:
      Suffisso DNS specifico per connessione:
      Indirizzo IPv6 . . . . . . . . . . . . . . . . . : 2001:0:5ef5:79fd:18a1:3107:3f57:fe9c
      Indirizzo IPv6 locale rispetto al collegamento . : fe80::18a1:3107:3f57:fe9c%15
      Gateway predefinito . . . . . . . . . : ::
      Scheda Tunnel isatap.gateway.2wire.net:
      Stato supporto. . . . . . . . . . . . : Supporto disconnesso
      Suffisso DNS specifico per connessione: gateway.2wire.net
      C:\Users\KADIR\Desktop\cmd.bat deleted successfully.
      C:\Users\KADIR\Desktop\cmd.txt deleted successfully.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYFLASH]

      User: All Users

      User: Default
      ->Flash cache emptied: 58264 bytes

      User: Default User
      ->Flash cache emptied: 0 bytes

      User: KADIR
      ->Flash cache emptied: 58792 bytes

      User: Public

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: KADIR
      ->Temp folder emptied: 6725 bytes
      ->Temporary Internet Files folder emptied: 8922334 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 78336 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 9,00 mb


      [EMPTYJAVA]

      User: All Users

      User: Default

      User: Default User

      User: KADIR

      User: Public

      Total Java Files Cleaned = 0,00 mb


      OTL by OldTimer - Version 3.2.69.0 log created on 12192012_201024

      Files\Folders moved on Reboot...
      File\Folder C:\Windows\temp\sig6A4.tmp not found!

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...

    2. #32
      @SanMar (Former contributor)
      Joined: Jun 2008
      Location: Argentina
      Posts: 22,290

      Re: My laptop is infected and I don't know how to remove the viruses :(

      Hello:

      • Download the ComboFix.exe tool and save it to the desktop.
      • Temporarily disable your antivirus and/or antispyware.
        If it asks you to update, accept.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may automatically restart the PC to complete the removal process.
      Attention!! Do not use ComboFix unless you have been specifically instructed to do so in your thread by a member of our Staff. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
      • Restart and paste the report from C:\ComboFix.txt in this same thread.

      Important note: After the first restart that ComboFix performs, restart once more.

      Regards.

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    3. #33
      petimuky (User)
      Joined: Jun 2008
      Location: Spain
      Posts: 53

      Re: My laptop is infected and I don't know how to remove the viruses :(

      Hi SanMar,

      Thanks for the help again :)

      I did what you told me. In my case it didn't restart, so I did it myself just in case. Here I attach the Combo report. By the way, on startup it's still the same: Malwarebytes keeps showing the same warning and the internet doesn't work unless I disable Malwarebytes. I look forward to your reply, and thanks a lot again :)

      ComboFix 12-12-20.02 - KADIR 21/12/2012 14:27:44.1.4 - x86
      Microsoft Windows 7 Ultimate 6.1.7600.0.1252.39.1040.18.3022.2165 [GMT 1:00]
      Eseguito da: c:\users\KADIR\Downloads\ComboFix.exe
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      * Creato nuovo punto di ripristino
      .
      .
      ((((((((((((((((((((((((((((((((((((( Altre eliminazioni )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\windows\system32\roboot.exe
      .
      .
      ((((((((((((((((((((((((( Files Creati Da 2012-11-21 al 2012-12-21 )))))))))))))))))))))))))))))))))))
      .
      .
      2012-12-21 13:33 . 2012-12-21 13:33 -------- d-----w- c:\users\KADIR\AppData\Local\temp
      2012-12-21 13:33 . 2012-12-21 13:33 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-12-21 13:17 . 2012-12-21 13:17 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{69761218-56B9-4291-A6AE-4E3AF15A7C11}\offreg.dll
      2012-12-19 19:10 . 2012-12-19 19:10 -------- d-----w- C:\_OTL
      2012-12-15 13:22 . 2012-12-19 18:57 -------- d-----w- c:\users\KADIR\AppData\Roaming\Anvisoft
      2012-12-15 13:21 . 2012-12-15 13:21 -------- d-----w- c:\programdata\Anvisoft
      2012-12-15 13:21 . 2012-12-19 18:57 -------- d-----w- c:\program files\Anvisoft
      2012-12-15 12:03 . 2012-05-29 15:00 29024 ----a-w- c:\windows\system32\uxtuneup.dll
      2012-12-15 05:48 . 2012-12-15 05:48 -------- d-----w- c:\program files\VS Revo Group
      2012-12-13 13:43 . 2012-12-15 14:46 -------- d-----w- C:\_AT-Destroyer
      2012-12-13 12:40 . 2012-12-13 12:40 -------- d-----w- c:\users\KADIR\AppData\Local\VS Revo Group
      2012-12-13 10:04 . 2012-12-13 10:04 -------- d-----w- c:\users\KADIR\AppData\Roaming\Malwarebytes
      2012-12-13 10:03 . 2012-12-13 10:03 -------- d-----w- c:\programdata\Malwarebytes
      2012-12-13 10:03 . 2012-12-13 10:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2012-12-13 10:03 . 2012-09-29 18:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-12-13 09:50 . 2012-12-13 09:50 -------- d-----w- c:\users\KADIR\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      2012-12-13 09:50 . 2012-12-15 13:50 -------- d-----w- c:\program files\Adobe Download Assistant
      2012-12-13 09:50 . 2012-12-13 09:50 -------- d-----w- c:\program files\Common Files\Adobe AIR
      2012-12-13 09:18 . 2012-12-16 23:22 -------- d-----w- c:\program files\Common Files\Symantec Shared
      2012-12-13 09:13 . 2012-12-13 09:13 -------- d-----w- c:\programdata\Symantec
      2012-12-13 09:01 . 2012-12-16 23:16 -------- d-----w- c:\program files\Norton PC Checkup 3.0
      2012-12-13 08:02 . 2012-12-13 08:02 -------- d-----w- c:\windows\system32\Wat
      2012-12-11 10:51 . 2012-12-12 10:37 -------- d-----w- c:\users\KADIR\.smplayer
      2012-12-11 10:47 . 2012-12-11 10:47 -------- d-----w- c:\programdata\Intel
      2012-12-11 10:46 . 2012-12-11 10:46 -------- d-----w- c:\program files\Common Files\postureAgent
      2012-12-11 10:46 . 2000-01-01 00:00 55104 ----a-w- c:\windows\system32\drivers\HECI.sys
      2012-12-11 10:38 . 2012-12-11 10:39 -------- d-----w- c:\program files\SMPlayer
      2012-12-11 10:36 . 2012-12-11 10:38 -------- d-----w- c:\users\KADIR\AppData\Roaming\Fighters
      2012-12-11 10:36 . 2012-12-11 10:37 -------- d-----w- c:\program files\Fighters
      2012-12-11 10:36 . 2012-12-11 10:37 -------- d-----w- c:\programdata\Fighters
      2012-12-11 10:36 . 2012-12-11 10:36 -------- d-----w- c:\users\KADIR\AppData\Local\Shopping Sidekick
      2012-12-11 10:35 . 2012-12-11 10:35 -------- d-----w- c:\windows\system32\searchplugins
      2012-12-11 10:35 . 2012-12-11 10:35 -------- d-----w- c:\windows\system32\Extensions
      2012-12-11 10:35 . 2012-12-11 10:35 -------- d-----w- c:\users\KADIR\AppData\Roaming\BabSolution
      2012-12-11 09:14 . 2012-05-29 15:00 31584 ----a-w- c:\windows\system32\TURegOpt.exe
      2012-12-11 09:14 . 2012-05-29 15:00 21344 ----a-w- c:\windows\system32\authuitu.dll
      2012-12-11 09:13 . 2012-12-15 12:03 -------- d-----w- c:\program files\TuneUp Utilities 2012
      2012-12-11 09:03 . 2012-12-11 09:03 -------- d-----w- c:\program files\CCleaner
      2012-12-11 08:51 . 2012-12-11 08:51 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard
      2012-12-11 04:27 . 2012-11-19 00:04 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{69761218-56B9-4291-A6AE-4E3AF15A7C11}\mpengine.dll
      2012-12-11 02:31 . 2012-12-11 02:31 -------- d-----w- c:\program files\Microsoft.NET
      2012-12-05 23:58 . 2012-12-11 10:53 -------- d-----w- c:\users\KADIR\AppData\Roaming\PCCUStubInstaller
      2012-12-04 21:33 . 2012-12-04 21:33 -------- d-----w- c:\programdata\PC Optimizer Pro
      2012-12-04 21:23 . 2012-12-05 14:39 -------- d-----w- c:\program files\PC Optimizer Pro
      2012-12-04 21:23 . 2012-12-04 21:23 -------- d-----w- c:\programdata\APN
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-12-15 13:08 . 2012-03-30 00:00 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-12-15 13:08 . 2012-03-30 00:00 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2012-10-18 17:57 . 2012-11-15 16:09 2344960 ----a-w- c:\windows\system32\win32k.sys
      2012-10-08 07:56 . 2012-11-15 16:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
      2012-10-08 07:48 . 2012-11-15 16:17 1129472 ----a-w- c:\windows\system32\wininet.dll
      2012-10-08 07:47 . 2012-11-15 16:17 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-10-08 07:44 . 2012-11-15 16:17 142848 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-10-08 07:43 . 2012-11-15 16:17 420864 ----a-w- c:\windows\system32\vbscript.dll
      2012-10-08 07:40 . 2012-11-15 16:17 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-09-25 21:55 . 2012-11-15 16:08 78336 ----a-w- c:\windows\system32\synceng.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Punti Reg Caricati ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Nota* i valori vuoti & legittimi/default non sono visualizzati.
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
      "IgfxTray"="c:\windows\system32\igfxtray.exe" [2000-01-01 145440]
      "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2000-01-01 180768]
      "Persistence"="c:\windows\system32\igfxpers.exe" [2000-01-01 189472]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CommonToolkitTray]
      2012-01-18 16:36 1452680 ----a-w- c:\program files\Fighters\Tray\FightersTray.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update]
      2012-12-12 03:25 138096 ----atw- c:\users\KADIR\AppData\Local\Facebook\Update\FacebookUpdate.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FDPRO-516]
      2012-05-10 12:11 832576 ----a-w- c:\program files\Fighters\FighterLauncher.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
      2012-07-13 11:33 17418928 ----a-r- c:\program files\Skype\Phone\Skype.exe
      .
      R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [x]
      R2 PCCUJobMgr;Common Client Job Manager Service;c:\program files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe [x]
      R2 ServUpdater;Serv Updater;c:\users\KADIR\AppData\Local\ServUpdater\ServiceUpd.exe [x]
      R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
      R2 SoftwareUpd;Software Upd;c:\users\KADIR\AppData\Local\SoftwareUpdater\SoftwareUpdService.exe [x]
      R3 Common Toolkit Tools;Common Toolkit Tools;c:\program files\Fighters\FULL-DISKfighter\Common Toolkit Tools.exe [x]
      R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
      R3 WatAdminSvc;Servizio Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
      S1 aswSnx;aswSnx; [x]
      S1 aswSP;aswSP; [x]
      S2 aswFsBlk;aswFsBlk; [x]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
      S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
      S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
      S2 Norton PC Checkup Application Launcher;Norton PC Checkup Application Launcher;c:\program files\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe [x]
      S2 Suite Service;Suite Service;c:\program files\Fighters\FighterSuiteService.exe [x]
      S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe [x]
      S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
      S3 IntcDAud;Audio schermo Intel(R);c:\windows\system32\DRIVERS\IntcDAud.sys [x]
      S3 MEI;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECI.sys [x]
      S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys [x]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
      S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [x]
      S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys [x]
      .
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      UxTuneUp
      .
      Contenuto della cartella 'Scheduled Tasks'
      .
      2012-12-20 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 13:08]
      .
      2012-12-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2433817375-573850760-1329335535-1000Core.job
      - c:\users\KADIR\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-13 03:25]
      .
      2012-12-20 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2433817375-573850760-1329335535-1000UA.job
      - c:\users\KADIR\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-13 03:25]
      .
      2012-12-21 c:\windows\Tasks\SlimDrivers Startup.job
      - c:\program files\SlimDrivers\SlimDrivers.exe [2012-07-25 10:57]
      .
      .
      ------- Scansione supplementare -------
      .
      uStart Page = Google
      mStart Page = Google
      uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
      IE: Free YouTube Download - c:\users\KADIR\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
      TCP: DhcpNameServer = 192.168.1.254
      TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}: NameServer = 176.31.229.24,176.31.229.25
      TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\244524573796E6563737845726D2634313: NameServer = 176.31.229.24,176.31.229.25
      TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\2445F40756E6A7F6E656: NameServer = 176.31.229.24,176.31.229.25
      TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\2456C6B696E6F5436303431323: NameServer = 176.31.229.24,176.31.229.25
      TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\44166596E6369623: NameServer = 176.31.229.24,176.31.229.25
      TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\4514C4B44514C4B4D2644463144344: NameServer = 176.31.229.24,176.31.229.25
      TCP: Interfaces\{A627222F-4402-439C-943F-A554724D4A50}\94E666F637472716461675966496: NameServer = 176.31.229.24,176.31.229.25
      .
      - - - - CHIAVI ORFANE RIMOSSE - - - -
      .
      AddRemove-ESET Online Scanner - c:\program files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
      .
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
      "ImagePath"="\"c:\program files\Norton PC Checkup\Engine\2.0.17.20\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files\Norton PC Checkup\Engine\2.0.17.20\diMaster.dll\" /prefetch:1"
      .
      --------------------- CHIAVI DI REGISTRO BLOCCATE ---------------------
      .
      [HKEY_USERS\S-1-5-21-2433817375-573850760-1329335535-1000\Software\Microsoft\Internet Explorer\Approved Extensions]
      @DACL=(02 0000)
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
      @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker5"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      Ora fine scansione: 2012-12-21 14:34:18
      ComboFix-quarantined-files.txt 2012-12-21 13:34
      .
      Pre-Run: 461.194.522.624 byte disponibili
      Post-Run: 460.734.107.648 byte disponibili
      .
      - - End Of File - - 22479A81A485942E4C86296F5FFE71E0

    4. #34
      Former Contributor @SanMar
      Registered
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: My laptop is infected and I don't know how to remove the viruses :(

      Hello:


      Do the following:


      • Download Malwarebytes Anti-Rootkit Beta.zip and extract its contents to your desktop.
        1. Open the Mbar folder. Double-click the file Mbar.exe.
        2. In the program's interface, click Next.
        3. Click the Update button. When it finishes, click Next.
        4. To start the scan, click the Scan button.
        5. When it finishes, if an infection is found click CleanUp; if not, click Exit.


      When it is done, open the Mbar folder and the files mbar-log.txt and system-log.txt, then copy and paste their full contents into your next reply, commenting on the results.


      malwarebytes keeps showing the same warning
      Take a screenshot and upload it in your next reply >>> How to upload images to the forum? *TUTORIAL*


      Regards.

      * Follow us on Twitter and befriend us on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    5. #35
      User petimuky
      Registered
      Jun 2008
      Location
      Spain
      Posts
      53

      Re: My laptop is infected and I don't know how to remove the viruses :(

      Hello SanMar:

      I did what you told me and the program found nothing. However, the same thing keeps happening with Malwarebytes and the internet. Here are the two logs, as you asked, and the screenshot. Thank you very much!!!

      Malwarebytes Anti-Rootkit 1.01.0.1011
      Malwarebytes : Free anti-malware download

      Database version: v2012.12.23.06

      Windows 7 x86 NTFS
      Internet Explorer 9.0.8112.16421
      KADIR :: KADIR-PC [administrator]

      23/12/2012 19:13:28
      mbar-log-2012-12-23 (19-13-28).txt

      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
      Scan options disabled:
      Objects scanned: 26784
      Time elapsed: 10 minute(s), 9 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 0
      (No malicious items detected)

      (end)

    6. #36
      User petimuky
      Registered
      Jun 2008
      Location
      Spain
      Posts
      53

      Re: My laptop is infected and I don't know how to remove the viruses :(

      This is the other one:


      Malwarebytes Anti-Rootkit BETA 1.01.0.1011

      (c) Malwarebytes Corporation 2011-2012

      OS version: 6.1.7600 Windows 7 x86

      Account is Administrative

      Internet Explorer version: 9.0.8112.16421

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED
      CPU speed: 2.195000 GHz
      Memory total: 3168649216, free: 2127142912

      ------------ Kernel report ------------
      12/23/2012 19:00:02
      ------------ Loaded modules -----------
      ----------- End -----------
      <<<1>>>
      Upper Device Name: \Device\Harddisk0\DR0
      Upper Device Object: 0xffffffff861d9a90
      Upper Device Driver Name: \Driver\Disk\
      Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
      Lower Device Object: 0xffffffff86069908
      Lower Device Driver Name: \Driver\atapi\
      Driver name found: atapi
      DriverEntry returned 0x0
      Function returned 0x0
      =======================================


      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.01.0.1011

      (c) Malwarebytes Corporation 2011-2012

      OS version: 6.1.7600 Windows 7 x86

      Account is Administrative

      Internet Explorer version: 9.0.8112.16421

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED
      CPU speed: 2.195000 GHz
      Memory total: 3168649216, free: 2120327168

      ------------ Kernel report ------------
      12/23/2012 19:00:20
      ------------ Loaded modules -----------
      ----------- End -----------
      <<<1>>>
      Upper Device Name: \Device\Harddisk0\DR0
      Upper Device Object: 0xffffffff861d9a90
      Upper Device Driver Name: \Driver\Disk\
      Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
      Lower Device Object: 0xffffffff86069908
      Lower Device Driver Name: \Driver\atapi\
      Device already Exists: 0xffffffff8585a4d0
      Downloaded database version: v2012.12.23.06
      Initializing...
      Done!
      <<<2>>>
      Device number: 0, partition: 2
      Physical Sector Size: 512
      Drive: 0, DevicePointer: 0xffffffff861d9a90, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      --------- Disk Stack ------
      DevicePointer: 0xffffffff861d96c8, DeviceName: Unknown, DriverName: \Driver\partmgr\
      DevicePointer: 0xffffffff861d9a90, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      DevicePointer: 0xffffffff86069908, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
      ------------ End ----------
      Upper DeviceData: 0xffffffffb4ab0590, 0xffffffff861d9a90, 0xffffffff85765ac8
      Lower DeviceData: 0xffffffffb4be6420, 0xffffffff86069908, 0xffffffff8585a4d0
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Scanning directory: C:\Windows\system32\drivers...
      Done!
      Drive 0
      Scanning MBR on drive 0...
      Inspecting partition table:
      MBR Signature: 55AA
      Disk Signature: CA9F9713

      Partition information:

      Partition 0 type is Primary (0x7)
      Partition is ACTIVE.
      Partition starts at LBA: 2048 Numsec = 204800
      Partition file system is NTFS
      Partition is bootable

      Partition 1 type is Primary (0x7)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 206848 Numsec = 976564224

      Partition 2 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Partition 3 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Disk Size: 500107862016 bytes
      Sector size: 512 bytes

      Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
      Done!
      Performing system, memory and registry scan...
      Done!
      Scan finished
      =======================================


      And here is the image showing one of the many warnings that keep popping up one after another in Malwarebytes:


    7. #37
      Former Contributor @SanMar
      Registered
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: My laptop is infected and I don't know how to remove the viruses :(

      Hello:


      That behavior is normal in the paid version of Malwarebytes; if the warnings bother you, you can disable the Protection Module.


      It does not indicate that your computer is infected.


      Regards.


    8. #38
      User petimuky
      Registered
      Jun 2008
      Location
      Spain
      Posts
      53

      Re: My laptop is infected and I don't know how to remove the viruses :(

      Hello SanMar,

      Thanks for your reply. I'll disable the protection module, then :)

      One more thing: I reinstalled Google Chrome and once again those annoying toolbars called FLV Runner install themselves automatically. Do you know if I can do anything to remove them? Or should I just uninstall Chrome and use Mozilla to see whether it still happens?

      Best regards!
