
    Virus on laptop


    1. #1
      User Avatar of Darkami23
      Registered
      Feb 2013
      Location
      PERU
      Posts
      5

      Virus on laptop

      This week a virus showed up on my laptop, which has partly ruined the sound (sometimes it sounds distorted, at random times), and apart from that, on Facebook when I am talking with someone, "Today" appears every time I type something. For example:
      Today:
      me: hello
      (one second later)
      today:
      me: how's it going


      And it goes on like that every time I send a message. Thanks for your attention!
      Last edited by Darkami23 on 26/02/13 at 22:14:57

    2. #2
      Former Contributor Avatar of @SanMar
      Registered
      Jun 2008
      Location
      Argentina
      Posts
      22,290

      Re: Virus on laptop

      Hello Darkami23:

      to the Forum.

      Tips before posting a new message

      InfoSpyware Forum Policies

      Policies of the Official HijackThis Forum in Spanish
      --------------------------------------------------


      Do the following:

      Step 1: Temporarily disable the antivirus and/or antispyware.

      Step 2: Download Malwarebytes Anti-Rootkit Beta and extract its contents to your desktop.


      1. Open the Mbar folder. Double-click the file Mbar.exe.
      2. In the program interface, click Next.
      3. Click the Update button. When it finishes, click Next.
      4. To start the scan, click the Scan button.
      5. When it finishes, if there is an infection click CleanUp; if there is none, click Exit.


      When it finishes, open the Mbar folder and the files mbar-log.txt and system-log.txt, then copy and paste their entire contents into your next reply, commenting on the results.


      Step 3: After restarting, download the ComboFix.exe tool and save it to the desktop.


      • Disable the antivirus and/or antispyware again.
        If it asks to update, accept.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may restart the PC automatically to complete the removal process.
      Attention!! Do not use ComboFix unless you have been specifically instructed to do so in your thread by a member of our Staff. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
      • Restart and paste the report from C:\ComboFix.txt in this same thread.


      Important note: After the first restart performed by ComboFix, restart once more.


      Regards.

      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    3. #3
      User Avatar of Darkami23
      Registered
      Feb 2013
      Location
      PERU
      Posts
      5

      Re: Virus on laptop

      This is the ComboFix report!
      ComboFix 13-02-26.01 - Jose 28-Feb-13 20:39:11.2.4 - x64
      Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5609.3800 [GMT -5:00]
      Running from: c:\users\Jose\Downloads\ComboFix.exe
      AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
      FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
      SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((( Files Created from 2013-02-01 to 2013-03-01 )))))))))))))))))))))))))))))))
      .
      .
      2013-03-01 01:44 . 2013-03-01 01:44 -------- d-----w- c:\users\Default\AppData\Local\temp
      2013-02-28 15:32 . 2013-02-28 15:32 -------- d-----w- c:\users\Public\TOSHIBA
      2013-02-26 22:45 . 2013-02-05 03:49 70004024 ----a-w- c:\windows\system32\MRT.exe
      2013-02-26 22:41 . 2013-01-13 19:53 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll
      2013-02-26 22:41 . 2013-01-13 19:24 221184 ----a-w- c:\windows\system32\UIAnimation.dll
      2013-02-26 22:41 . 2013-01-04 06:11 2284544 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll
      2013-02-26 22:41 . 2013-01-04 06:11 2776576 ----a-w- c:\windows\system32\msmpeg2vdec.dll
      2013-02-26 01:58 . 2013-02-26 01:58 -------- d-----w- C:\TDSSKiller_Quarantine
      2013-02-26 01:37 . 2013-02-26 01:37 -------- d-----w- c:\users\Jose\AppData\Local\ElevatedDiagnostics
      2013-02-26 00:39 . 2013-02-26 00:39 -------- d-----w- c:\program files (x86)\ESET
      2013-02-24 03:28 . 2013-02-24 03:28 -------- d-----w- c:\users\Jose\AppData\Local\Macromedia
      2013-02-24 03:26 . 2013-02-24 03:26 -------- d-----w- c:\users\Jose\AppData\Local\Mozilla
      2013-02-24 03:25 . 2013-02-24 03:25 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
      2013-02-23 15:56 . 2013-02-23 15:56 -------- d-----w- c:\users\Jose\AppData\Roaming\Malwarebytes
      2013-02-23 15:51 . 2013-02-23 15:51 -------- d-----w- c:\programdata\Malwarebytes
      2013-02-23 15:51 . 2012-12-14 21:49 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
      2013-02-23 15:51 . 2013-02-23 15:51 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
      2013-02-22 15:54 . 2013-02-22 15:54 -------- d-----w- c:\program files (x86)\Grinding Gear Games
      2013-02-21 08:39 . 2013-02-21 08:38 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
      2013-02-21 08:39 . 2013-02-21 08:38 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
      2013-02-19 17:46 . 2013-02-19 17:46 -------- d--h--w- c:\programdata\CanonBJ
      2013-02-19 17:46 . 2009-07-14 01:40 84992 ----a-w- c:\windows\system32\Spool\prtprocs\x64\CNBPP4.DLL
      2013-02-19 15:33 . 2013-02-19 15:33 -------- d-----w- C:\Webzen
      2013-02-17 08:53 . 2013-02-17 08:53 -------- d-----w- c:\program files (x86)\MSXML 4.0
      2013-02-17 08:48 . 2013-01-09 01:10 996352 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
      2013-02-17 08:48 . 2013-01-08 22:01 768000 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
      2013-02-17 08:00 . 2013-01-09 01:48 17812992 ----a-w- c:\windows\system32\mshtml.dll
      2013-02-17 08:00 . 2013-01-09 01:22 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2013-02-17 02:51 . 2013-01-05 05:53 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe
      2013-02-17 02:51 . 2013-01-05 05:00 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
      2013-02-17 02:50 . 2013-01-05 05:00 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
      2013-02-17 02:50 . 2013-01-04 03:26 3153408 ----a-w- c:\windows\system32\win32k.sys
      2013-02-17 02:50 . 2013-01-04 05:46 215040 ----a-w- c:\windows\system32\winsrv.dll
      2013-02-17 02:50 . 2013-01-04 04:51 5120 ----a-w- c:\windows\SysWow64\wow32.dll
      2013-02-17 02:50 . 2013-01-04 02:47 25600 ----a-w- c:\windows\SysWow64\setup16.exe
      2013-02-17 02:50 . 2013-01-04 02:47 7680 ----a-w- c:\windows\SysWow64\instnm.exe
      2013-02-17 02:50 . 2013-01-04 02:47 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
      2013-02-17 02:50 . 2013-01-04 02:47 2048 ----a-w- c:\windows\SysWow64\user.exe
      2013-02-17 02:50 . 2013-01-03 06:00 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2013-02-17 02:50 . 2013-01-03 06:00 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      2013-02-16 18:32 . 2013-02-24 07:59 -------- d-----w- c:\programdata\VirtualizedApplications
      2013-02-16 16:28 . 2013-02-16 16:28 -------- d-----r- C:\MSOCache
      2013-02-16 16:21 . 2013-02-16 16:21 -------- d-----w- c:\users\Jose\AppData\Local\SoftGrid Client
      2013-02-16 16:21 . 2013-03-01 00:10 -------- d-----w- c:\users\Jose\AppData\Roaming\SoftGrid Client
      2013-02-16 16:19 . 2013-02-16 16:19 -------- d-----w- c:\program files\Microsoft Office
      2013-02-16 16:19 . 2013-02-17 08:33 -------- d-----w- c:\program files (x86)\Microsoft Application Virtualization Client
      2013-02-16 16:18 . 2013-02-16 16:22 -------- d-----w- c:\users\Jose\AppData\Roaming\TP
      2013-02-16 04:00 . 2013-03-01 01:18 -------- d-----w- c:\users\Jose\AppData\Local\PMB Files
      2013-02-16 03:59 . 2013-02-16 04:00 -------- d-----w- c:\programdata\PMB Files
      2013-02-16 03:58 . 2013-02-16 03:58 -------- d-----w- c:\program files (x86)\Pando Networks
      2013-02-16 03:58 . 2013-02-16 03:58 -------- d-----w- c:\users\Jose\.swt
      2013-02-16 03:53 . 2013-02-27 15:03 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
      2013-02-16 03:53 . 2013-02-16 05:15 -------- d-----w- c:\programdata\Blizzard Entertainment
      2013-02-16 03:50 . 2013-02-16 03:51 -------- d-----w- c:\programdata\Battle.net
      2013-02-16 00:57 . 2013-02-16 00:57 -------- d-----w- c:\users\Jose\AppData\Roaming\OBS
      2013-02-16 00:57 . 2013-02-20 02:07 -------- d-----w- c:\program files (x86)\OBS
      2013-02-12 22:40 . 2013-02-12 22:40 -------- d-----w- c:\users\Jose\AppData\Roaming\Tific
      2013-02-06 23:27 . 2013-02-26 01:33 -------- d-----w- c:\users\Jose\AppData\Local\CrashDumps
      2013-02-06 23:22 . 2013-02-06 23:22 -------- d-----w- c:\program files\WinRAR
      2013-02-06 23:22 . 2013-02-06 23:22 466456 ----a-w- c:\windows\system32\wrap_oal.dll
      2013-02-06 23:22 . 2013-02-06 23:22 444952 ----a-w- c:\windows\SysWow64\wrap_oal.dll
      2013-02-06 23:22 . 2013-02-06 23:22 122904 ----a-w- c:\windows\system32\OpenAL32.dll
      2013-02-06 23:22 . 2013-02-06 23:22 109080 ----a-w- c:\windows\SysWow64\OpenAL32.dll
      2013-02-06 23:22 . 2013-02-06 23:22 -------- d-----w- c:\program files (x86)\OpenAL
      2013-02-06 23:21 . 2013-02-06 23:21 -------- d-----w- c:\users\Jose\AppData\Local\Programs
      2013-02-05 23:22 . 2013-02-08 15:21 -------- d-----w- c:\windows\system32\drivers\NISx64\1309010.00E
      2013-02-05 21:41 . 2013-02-05 21:41 -------- d-----w- c:\users\Jose\AppData\Local\TERA
      2013-02-04 16:28 . 2013-02-04 16:28 -------- d-----w- c:\program files (x86)\Microsoft.NET
      2013-02-03 22:22 . 2013-02-03 22:23 -------- d-----w- c:\program files\CCleaner
      2013-02-02 22:41 . 2013-02-02 22:41 -------- d-----w- c:\users\Jose\AppData\Roaming\SUPERAntiSpyware.com
      2013-02-02 22:41 . 2013-02-02 22:41 -------- d-----w- c:\program files\SUPERAntiSpyware
      2013-02-02 22:41 . 2013-02-02 22:41 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
      2013-01-31 05:05 . 2013-01-31 05:05 -------- d-----w- c:\programdata\McAfee
      2013-01-31 05:04 . 2013-02-08 00:39 697712 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2013-01-31 05:04 . 2013-01-31 05:04 -------- d-----w- c:\windows\system32\Macromed
      2013-01-30 21:07 . 2013-01-30 21:07 -------- d-----w- c:\users\Jose\AppData\Roaming\WildTangent
      2013-01-30 20:42 . 2013-02-05 21:42 -------- d-----w- c:\programdata\HappyCloud
      2013-01-30 20:37 . 2013-01-30 20:42 -------- d-----w- c:\program files (x86)\TERA
      2013-01-30 18:49 . 2013-01-30 18:49 -------- d-----w- c:\windows\SysWow64\Wat
      2013-01-30 18:49 . 2013-01-30 18:49 -------- d-----w- c:\windows\system32\Wat
      2013-01-30 16:22 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
      2013-01-30 16:22 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
      2013-01-30 16:22 . 2012-07-26 04:47 2560 ----a-w- c:\windows\system32\drivers\en-US\wdf01000.sys.mui
      2013-01-30 16:22 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
      2013-01-30 16:10 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
      2013-01-30 16:10 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
      2013-01-30 16:10 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
      2013-01-30 16:10 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
      2013-01-30 16:09 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
      2013-01-30 16:09 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
      2013-01-30 16:09 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
      2013-01-30 16:09 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
      2013-01-30 16:09 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
      2013-01-30 16:09 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
      2013-01-30 16:09 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
      2013-01-30 16:07 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
      2013-01-30 16:07 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
      2013-01-30 16:07 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
      2013-01-30 16:07 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
      2013-01-30 16:07 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2013-02-21 08:38 . 2011-11-23 07:00 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2013-02-08 00:39 . 2011-11-23 07:00 74096 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2013-01-30 18:52 . 2011-03-29 02:36 19696 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
      2013-01-29 18:54 . 2013-01-29 18:54 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
      2013-01-29 18:41 . 2013-01-29 10:07 175736 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
      2013-01-29 09:32 . 2013-01-29 09:33 20592 ----a-w- c:\windows\system32\drivers\CeKbFilter.sys
      2013-01-04 04:43 . 2013-02-17 02:50 44032 ----a-w- c:\windows\apppatch\acwow64.dll
      2012-12-07 13:20 . 2013-01-29 13:17 441856 ----a-w- c:\windows\system32\Wpc.dll
      2012-12-07 13:15 . 2013-01-29 13:17 2746368 ----a-w- c:\windows\system32\gameux.dll
      2012-12-07 12:26 . 2013-01-29 13:17 308736 ----a-w- c:\windows\SysWow64\Wpc.dll
      2012-12-07 12:20 . 2013-01-29 13:17 2576384 ----a-w- c:\windows\SysWow64\gameux.dll
      2012-12-07 11:20 . 2013-01-29 13:17 30720 ----a-w- c:\windows\system32\usk.rs
      2012-12-07 11:20 . 2013-01-29 13:17 43520 ----a-w- c:\windows\system32\csrr.rs
      2012-12-07 11:20 . 2013-01-29 13:17 23552 ----a-w- c:\windows\system32\oflc.rs
      2012-12-07 11:20 . 2013-01-29 13:17 45568 ----a-w- c:\windows\system32\oflc-nz.rs
      2012-12-07 11:20 . 2013-01-29 13:17 44544 ----a-w- c:\windows\system32\pegibbfc.rs
      2012-12-07 11:20 . 2013-01-29 13:17 20480 ----a-w- c:\windows\system32\pegi-fi.rs
      2012-12-07 11:20 . 2013-01-29 13:17 20480 ----a-w- c:\windows\system32\pegi-pt.rs
      2012-12-07 11:19 . 2013-01-29 13:17 20480 ----a-w- c:\windows\system32\pegi.rs
      2012-12-07 11:19 . 2013-01-29 13:17 46592 ----a-w- c:\windows\system32\fpb.rs
      2012-12-07 11:19 . 2013-01-29 13:17 40960 ----a-w- c:\windows\system32\cob-au.rs
      2012-12-07 11:19 . 2013-01-29 13:17 21504 ----a-w- c:\windows\system32\grb.rs
      2012-12-07 11:19 . 2013-01-29 13:17 15360 ----a-w- c:\windows\system32\djctq.rs
      2012-12-07 11:19 . 2013-01-29 13:17 55296 ----a-w- c:\windows\system32\cero.rs
      2012-12-07 11:19 . 2013-01-29 13:17 51712 ----a-w- c:\windows\system32\esrb.rs
      2012-12-07 10:46 . 2013-01-29 13:17 43520 ----a-w- c:\windows\SysWow64\csrr.rs
      2012-12-07 10:46 . 2013-01-29 13:17 30720 ----a-w- c:\windows\SysWow64\usk.rs
      2012-12-07 10:46 . 2013-01-29 13:17 45568 ----a-w- c:\windows\SysWow64\oflc-nz.rs
      2012-12-07 10:46 . 2013-01-29 13:17 44544 ----a-w- c:\windows\SysWow64\pegibbfc.rs
      2012-12-07 10:46 . 2013-01-29 13:17 20480 ----a-w- c:\windows\SysWow64\pegi-pt.rs
      2012-12-07 10:46 . 2013-01-29 13:17 23552 ----a-w- c:\windows\SysWow64\oflc.rs
      2012-12-07 10:46 . 2013-01-29 13:17 20480 ----a-w- c:\windows\SysWow64\pegi-fi.rs
      2012-12-07 10:46 . 2013-01-29 13:17 46592 ----a-w- c:\windows\SysWow64\fpb.rs
      2012-12-07 10:46 . 2013-01-29 13:17 20480 ----a-w- c:\windows\SysWow64\pegi.rs
      2012-12-07 10:46 . 2013-01-29 13:17 21504 ----a-w- c:\windows\SysWow64\grb.rs
      2012-12-07 10:46 . 2013-01-29 13:17 40960 ----a-w- c:\windows\SysWow64\cob-au.rs
      2012-12-07 10:46 . 2013-01-29 13:17 15360 ----a-w- c:\windows\SysWow64\djctq.rs
      2012-12-07 10:46 . 2013-01-29 13:17 55296 ----a-w- c:\windows\SysWow64\cero.rs
      2012-12-07 10:46 . 2013-01-29 13:17 51712 ----a-w- c:\windows\SysWow64\esrb.rs
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Steam"="c:\program files (x86)\Steam\steam.exe" [2013-02-25 1602984]
      "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-01-08 18705664]
      "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2013-01-29 39408]
      "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 5629312]
      "Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2013-02-16 3093624]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-11-11 343168]
      "SVPWUTIL"="c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe" [2011-03-10 532480]
      "HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2011-03-10 423936]
      "KeNotify"="c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe" [2010-08-16 34160]
      "ITSecMng"="c:\program files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336]
      "ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2011-07-12 1298816]
      "NortonOnlineBackupReminder"="c:\program files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" [2011-06-22 3218864]
      "ToshibaAppPlace"="c:\program files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" [2010-09-23 552960]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
      @=""
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536]
      R3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys [2010-10-18 42096]
      R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
      R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
      R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2011-05-03 175192]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
      R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
      R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2013-01-30 1255736]
      R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
      S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys [2011-04-15 79488]
      S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys [2011-04-15 40064]
      S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [2011-03-24 36992]
      S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [2009-06-30 14784]
      S0 tos_sps64;TOSHIBA tos_sps64 Service;c:\windows\system32\DRIVERS\tos_sps64.sys [2011-06-10 482384]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
      S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
      S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
      S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-11 204288]
      S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
      S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
      S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
      S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [2012-06-16 138272]
      S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [2011-07-19 123320]
      S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [2011-07-19 126392]
      S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-17 14112]
      S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
      S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2011-05-24 294848]
      S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [2009-06-20 14472]
      S3 amdhub30;AMD USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\amdhub30.sys [2011-03-18 87168]
      S3 amdxhc;AMD USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\amdxhc.sys [2011-03-18 188544]
      S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2010-11-17 115216]
      S3 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-01-16 1388120]
      S3 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [2012-06-07 167072]
      S3 CeKbFilter;CeKbFilter;c:\windows\system32\DRIVERS\CeKbFilter.sys [2013-01-29 20592]
      S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-01-29 138912]
      S3 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20130227.001\IDSvia64.sys [2013-01-27 513184]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
      S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [2011-02-09 38096]
      S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-01-14 413800]
      S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
      S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
      S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
      S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
      S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
      S3 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [2011-07-25 451192]
      S3 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [2012-05-22 1129120]
      S3 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [2012-04-18 190072]
      S3 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [2012-04-18 405624]
      S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-12 57216]
      S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-10 138152]
      S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - WS2IFSL
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
      2013-02-23 16:10 1629648 ----a-w- c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2013-03-01 c:\windows\Tasks\Adobe Flash Player Updater.job
      - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-31 00:39]
      .
      2013-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-29 10:08]
      .
      2013-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-29 10:08]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ThpSrv"="c:\windows\system32\thpsrv" [X]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-04-21 11786344]
      "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-04-21 2207848]
      "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2011-06-10 710560]
      "TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService
      FontCache
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = hxxp://start.toshiba.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      uInternet Settings,ProxyOverride = <local>
      TCP: DhcpNameServer = 200.48.225.130 200.48.225.146
      FF - ProfilePath - c:\users\Jose\AppData\Roaming\Mozilla\Firefox\Profiles\nw4k7fk6.default\
      FF - ExtSQL: 2013-02-23 01:11; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn
      FF - ExtSQL: 2013-02-23 11:23; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
      Toolbar-Locked - (no file)
      HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
      HKLM-Run-HSON - c:\program files (x86)\TOSHIBA\TBS\HSON.exe
      HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
      HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
      HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
      HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
      HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
      HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
      AddRemove-{0FCDA0F8-F3E5-402E-B9B6-13CB2B01182B} - c:\users\Jose\AppData\Local\TERA\setup.exe
      .
      .
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
      "ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.9.1.14\diMaster.dll\" /prefetch:1"
      --
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCCUJobMgr]
      "ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.13.11\diMaster.dll\" /prefetch:1"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_149_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
      "Enabled"=dword:00000001
      .
      Completion time: 2013-02-28 20:47:25
      ComboFix-quarantined-files.txt 2013-03-01 01:47
      .
      Pre-Run: 555,331,850,240 bytes free
      Post-Run: 554,955,010,048 bytes free
      .
      - - End Of File - - DA1B95EAC69E369DDD662E69DD5FF4AB

      And this one is from Malwarebytes Anti-Rootkit
      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.01.0.1020

      (c) Malwarebytes Corporation 2011-2012

      OS version: 6.1.7601 Windows 7 Service Pack 1 x64

      Account is Administrative

      Internet Explorer version: 9.0.8112.16421

      Java version: 1.6.0_25

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
      CPU speed: 1.597000 GHz
      Memory total: 5881118720, free: 3957080064

      ------------ Kernel report ------------
      02/28/2013 18:50:27
      ------------ Loaded modules -----------
      ----------- End -----------
      <<<1>>>
      Upper Device Name: \Device\Harddisk0\DR0
      Upper Device Object: 0xfffffa80065c8060
      Upper Device Driver Name: \Driver\Disk\
      Lower Device Name: \Device\0000007e\
      Lower Device Object: 0xfffffa8006352890
      Lower Device Driver Name: \Driver\amd_sata\
      Driver name found: amd_sata
      Initialization returned 0x0
      Port sub-driver loaded: \??\C:\Windows\System32\drivers\storport.sys (0x0)
      Load Function returned 0x0
      Downloaded database version: v2013.02.28.13
      Initializing...
      Done!
      <<<2>>>
      Device number: 0, partition: 2
      Physical Sector Size: 512
      Drive: 0, DevicePointer: 0xfffffa80065c8060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      --------- Disk Stack ------
      DevicePointer: 0xfffffa80065c8b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
      DevicePointer: 0xfffffa80065c8060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      DevicePointer: 0xfffffa80065c7060, DeviceName: \Device\THPDRV1\, DriverName: \Driver\Thpdrv\
      DevicePointer: 0xfffffa80054e2ac0, DeviceName: Unknown, DriverName: \Driver\amd_xata\
      DevicePointer: 0xfffffa8006352890, DeviceName: \Device\0000007e\, DriverName: \Driver\amd_sata\
      ------------ End ----------
      Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      Upper DeviceData: 0xfffff8a001776510, 0xfffffa80065c8060, 0xfffffa8007de41e0
      Lower DeviceData: 0xfffff8a011d3a960, 0xfffffa8006352890, 0xfffffa800a0d4090
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Scanning directory: C:\windows\system32\drivers...
      <<<2>>>
      Device number: 0, partition: 2
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Done!
      Drive 0
      Scanning MBR on drive 0...
      Inspecting partition table:
      MBR Signature: 55AA
      Disk Signature: CB942C70

      Partition information:

      Partition 0 type is Other (0x27)
      Partition is ACTIVE.
      Partition starts at LBA: 2048 Numsec = 3072000
      Partition file system is NTFS
      Partition is bootable

      Partition 1 type is Primary (0x7)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 3074048 Numsec = 1216559104

      Partition 2 type is HIDDEN (0x17)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 1219633152 Numsec = 30629888
      Partition is not bootable
      Hidden partition VBR is not infected.

      Partition 3 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Disk Size: 640135028736 bytes
      Sector size: 512 bytes

      Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1250243728-1250263728)...
      Done!
      Performing system, memory and registry scan...
      <<<2>>>
      Can't get device number
      Done!
      Scan finished
      =======================================


      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.01.0.1020

      (c) Malwarebytes Corporation 2011-2012

      OS version: 6.1.7601 Windows 7 Service Pack 1 x64

      Account is Administrative

      Internet Explorer version: 9.0.8112.16421

      Java version: 1.6.0_25

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
      CPU speed: 1.597000 GHz
      Memory total: 5881118720, free: 4657872896

      =======================================
      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.01.0.1020

      (c) Malwarebytes Corporation 2011-2012

      OS version: 6.1.7601 Windows 7 Service Pack 1 x64

      Account is Administrative

      Internet Explorer version: 9.0.8112.16421

      Java version: 1.6.0_25

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
      CPU speed: 1.597000 GHz
      Memory total: 5881118720, free: 4012544000

      ------------ Kernel report ------------
      02/28/2013 19:26:38
      ------------ Loaded modules -----------
      ----------- End -----------
      <<<1>>>
      Upper Device Name: \Device\Harddisk0\DR0
      Upper Device Object: 0xfffffa80065a9060
      Upper Device Driver Name: \Driver\Disk\
      Lower Device Name: \Device\0000007e\
      Lower Device Object: 0xfffffa8005f94060
      Lower Device Driver Name: \Driver\amd_sata\
      Driver name found: amd_sata
      Initialization returned 0x0
      Port sub-driver loaded: \??\C:\Windows\System32\drivers\storport.sys (0x0)
      Load Function returned 0x0
      Initializing...
      Done!
      <<<2>>>
      Device number: 0, partition: 2
      Physical Sector Size: 512
      Drive: 0, DevicePointer: 0xfffffa80065a9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      --------- Disk Stack ------
      DevicePointer: 0xfffffa80065a9b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
      DevicePointer: 0xfffffa80065a9060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      DevicePointer: 0xfffffa80065a8060, DeviceName: \Device\THPDRV1\, DriverName: \Driver\Thpdrv\
      DevicePointer: 0xfffffa80054e2ac0, DeviceName: Unknown, DriverName: \Driver\amd_xata\
      DevicePointer: 0xfffffa8005f94060, DeviceName: \Device\0000007e\, DriverName: \Driver\amd_sata\
      ------------ End ----------
      Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
      Upper DeviceData: 0xfffff8a00fcea620, 0xfffffa80065a9060, 0xfffffa8009d71090
      Lower DeviceData: 0xfffff8a00eed6f20, 0xfffffa8005f94060, 0xfffffa8009d8bc00
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Scanning directory: C:\windows\system32\drivers...
      <<<2>>>
      Device number: 0, partition: 2
      <<<3>>>
      Volume: C:
      File system type: NTFS
      SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
      Done!
      Drive 0
      Scanning MBR on drive 0...
      Inspecting partition table:
      MBR Signature: 55AA
      Disk Signature: CB942C70

      Partition information:

      Partition 0 type is Other (0x27)
      Partition is ACTIVE.
      Partition starts at LBA: 2048 Numsec = 3072000
      Partition file system is NTFS
      Partition is bootable

      Partition 1 type is Primary (0x7)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 3074048 Numsec = 1216559104

      Partition 2 type is HIDDEN (0x17)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 1219633152 Numsec = 30629888
      Partition is not bootable
      Hidden partition VBR is not infected.

      Partition 3 type is Empty (0x0)
      Partition is NOT ACTIVE.
      Partition starts at LBA: 0 Numsec = 0

      Disk Size: 640135028736 bytes
      Sector size: 512 bytes

      Scanning physical sectors of unpartitioned space on drive 0 (1-2047-1250243728-1250263728)...
      Done!
      Performing system, memory and registry scan...
      Done!
      Scan finished
      =======================================


      ---------------------------------------
      Malwarebytes Anti-Rootkit BETA 1.01.0.1020

      (c) Malwarebytes Corporation 2011-2012

      OS version: 6.1.7601 Windows 7 Service Pack 1 x64

      Account is Administrative

      Internet Explorer version: 9.0.8112.16421

      Java version: 1.6.0_25

      File system is: NTFS
      Disk drives: C:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
      CPU speed: 1.597000 GHz
      Memory total: 5881118720, free: 4667314176

      =======================================
      Malwarebytes Anti-Rootkit BETA 1.01.0.1020
      Malwarebytes : Free anti-malware download

      Database version: v2013.02.28.13

      Windows 7 Service Pack 1 x64 NTFS
      Internet Explorer 9.0.8112.16421
      Jose :: JOSE-PC [administrator]

      28-Feb-13 7:37:44 PM
      mbar-log-2013-02-28 (19-37-44).txt

      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
      Scan options disabled:
      Objects scanned: 29026
      Time elapsed: 11 minute(s),

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 0
      (No malicious items detected)

      (end)

      Thanks for your attention :D

    4. #4
      Former Contributor @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22.290

      Re: Virus on laptop

      Hello Darkami23:


      Did you forget to mention whether the problem persists???


      Regards.

      * Follow us on Twitter and become our friend on Facebook.
      * Stay informed about the latest threats on the net from: InfoSpyware Blog
      * Questions are not answered by private message or e-mail, since that is what the forum is for.

    5. #5
      User Darkami23
      Joined
      Feb 2013
      Location
      PERU
      Posts
      5

      Re: Virus on laptop

      Quote: Originally posted by SanMar
      Hello Darkami23:


      Did you forget to mention whether the problem persists???


      Regards.
      Hmm yes, sorry, the sound problem still persists; as for the Facebook problem, it was solved! The laptop has also become somewhat slow. Thanks for your attention and support!
      Last edited by Darkami23 on 05/03/13 at 23:26:28

    6. #6
      Former Contributor @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22.290

      Re: Virus on laptop

      Hello:


      Follow the steps in this guide >>> Remove Whistler Bootkit (Trojan-Clicker.Win32.Cycler)


      Regards


    7. #7
      User Darkami23
      Joined
      Feb 2013
      Location
      PERU
      Posts
      5

      Re: Virus on laptop

      Quote: Originally posted by SanMar
      Hello:


      Follow the steps in this guide >>> Remove Whistler Bootkit (Trojan-Clicker.Win32.Cycler)


      Regards
      I did what the page told me, but according to the Administrator's post my computer does not have that rootkit. Thanks for your attention!

    8. #8
      Former Contributor @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22.290

      Re: Virus on laptop

      Hello:

      Don't use reply with quote; it isn't necessary and it makes the thread longer.

      Do the following:


      Download aswMBR.exe (511kb) to your desktop.

      • Double-click aswMBR.exe to run it

      • Click the "Scan" button to start the search

      • Save aswASW.log to the desktop and paste it in your next reply.


      Regards.


    9. #9
      User Darkami23
      Joined
      Feb 2013
      Location
      PERU
      Posts
      5

      Re: Virus on laptop

      aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
      Run date: 2013-03-08 22:43:40
      -----------------------------
      22:43:40.088 OS Version: Windows x64 6.1.7601 Service Pack 1
      22:43:40.089 Number of processors: 4 586 0x100
      22:43:40.091 ComputerName: JOSE-PC UserName: Jose
      22:43:44.567 Initialize success
      22:43:54.798 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000077
      22:43:54.802 Disk 0 Vendor: TOSHIBA_ GT00 Size: 610480MB BusType: 11
      22:43:54.817 Disk 0 MBR read successfully
      22:43:54.822 Disk 0 MBR scan
      22:43:54.826 Disk 0 Windows VISTA default MBR code
      22:43:54.837 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
      22:43:54.848 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 594023 MB offset 3074048
      22:43:54.875 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 14956 MB offset 1219633152
      22:43:54.946 Disk 0 scanning C:\windows\system32\drivers
      22:44:06.448 Service scanning
      22:44:19.751 Service kl1 C:\windows\system32\DRIVERS\kl1.sys **LOCKED** 5
      22:44:19.985 Service KLIM6 C:\windows\system32\DRIVERS\klim6.sys **LOCKED** 5
      22:44:20.065 Service klkbdflt C:\windows\system32\DRIVERS\klkbdflt.sys **LOCKED** 5
      22:44:20.106 Service klmouflt C:\windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
      22:44:20.424 Service kltdi C:\windows\system32\DRIVERS\kltdi.sys **LOCKED** 5
      22:44:20.481 Service kneps C:\windows\system32\DRIVERS\kneps.sys **LOCKED** 5
      22:44:49.301 Modules scanning
      22:44:49.302 Disk 0 trace - called modules:
      22:44:49.331 ntoskrnl.exe CLASSPNP.SYS disk.sys thpdrv.sys amd_xata.sys storport.sys hal.dll amd_sata.sys
      22:44:49.332 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800662f060]
      22:44:49.333 3 CLASSPNP.SYS[fffff8800200143f] -> nt!IofCallDriver -> \Device\THPDRV1[0xfffffa800662e060]
      22:44:49.333 5 thpdrv.sys[fffff880021272b0] -> nt!IofCallDriver -> [0xfffffa80054e2ac0]
      22:44:49.334 7 amd_xata.sys[fffff88000e5da1d] -> nt!IofCallDriver -> \Device\00000077[0xfffffa800636f930]
      22:44:49.334 Scan finished successfully
      22:45:39.249 Disk 0 MBR has been saved successfully to "C:\Users\Jose\Desktop\MBR.dat"
      22:45:39.255 The log file has been saved successfully to "C:\Users\Jose\Desktop\aswMBR.txt"

      Thanks for your help :D

    10. #10
      Former Contributor @SanMar
      Joined
      Jun 2008
      Location
      Argentina
      Posts
      22.290

      Re: Virus on laptop

      Hello Darkami23:


      The tools show that you are clean; at least you don't have any of the rootkits that affect sound.


      Have you checked Device Manager to see whether any device has a yellow symbol?

      Since the problem doesn't seem to be caused by a virus, it could be a driver issue.


      For the slowness:

      Step 1.- Download, install and update the following programs:


      Step 2.-
      Run them one at a time in the following order:

      Ccleaner.
      • Run it in both of its modes, cleaner and registry
      • Making a backup when it asks you to


      Glary Utilities

      • Install and update it (Status tab)
      • Optimize according to its Manual
      • Go to its 1-Click Maintenance tab.
      • Press the View Results button.
      • Wait for it to finish and press Repair Problems.


      Step 3.-
      Defragment your disk. >>> Defraggler Manual


      Let us know how it goes.

      Regards..
