Hola a ver si me pueden echar una mano
Venía teniendo errores 0x00005e ó e5, no recuerdo como era. No me dejaba ejecutar ni vlc, ni avg, ni podía ir a panel a la opción desinstalar. Por ahora no me ha vuelto a salir haciendo limpieza de lo que me detectaba los Antivirus y antimalwares... etc. Pero aún me detecta lo siguiente.
Comodo Firewall KillSwitch en Cleaning Essentials me detecta Rootkit hidden pero no lo elimina, otra cosa llega un momento que se pone casi a 100% CPU en el administrador de tareas y no termina.
Gmer: me sale
GMER 2.2.19882 - http://www.gmer.net
Rootkit scan 2016-11-13 12:50:58
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002a WDC_WD1600AAJS-98PSA0 rev.05.06H05 149,05GB
Running: e09nphvm.exe; Driver: C:\Users\selohu\AppData\Local\Temp\ffldypod.sys
Threads - GMER 2.2
Thread C:\WINDOWS\system32\lsass.exe [800:860] 00007ff9254f0160
Thread C:\WINDOWS\system32\svchost.exe [944:348] 00007ff92401f950
Thread C:\WINDOWS\system32\svchost.exe [944:344] 00007ff92401ed20
Thread C:\WINDOWS\system32\svchost.exe [944:584] 00007ff923df8ae0
Thread C:\WINDOWS\system32\svchost.exe [984:6880] 00007ff9245c7070
Thread C:\WINDOWS\system32\svchost.exe [984:4988] 00007ff9245c7070
Thread C:\WINDOWS\system32\dwm.exe [580:1084] 00007ff923b81270
Thread C:\WINDOWS\system32\dwm.exe [580:1092] 00007ff923726380
Thread C:\WINDOWS\system32\dwm.exe [580:1116] 00007ff9238f4780
Thread C:\WINDOWS\system32\dwm.exe [580:1212] 00007ff923726400
Thread C:\WINDOWS\system32\dwm.exe [580:1368] 00007ff923692040
Thread C:\WINDOWS\system32\dwm.exe [580:1372] 00007ff9236920f0
Thread C:\WINDOWS\system32\dwm.exe [580:1376] 00007ff923692190
Thread C:\WINDOWS\system32\dwm.exe [580:1388] 00007ff920a5ea60
Thread C:\WINDOWS\system32\dwm.exe [580:1920] 00007ff91f45ae0c
Thread C:\WINDOWS\system32\svchost.exe [652:2832] 00007ff9168d39b0
Thread C:\WINDOWS\system32\svchost.exe [652:3032] 00007ff9163a1a50
Thread C:\WINDOWS\system32\svchost.exe [652:4624] 00007ff91c0b1040
Thread C:\WINDOWS\system32\svchost.exe [652:3672] 00007ff9204e30f0
Thread C:\WINDOWS\System32\svchost.exe [784:1004] 00007ff923511670
Thread C:\WINDOWS\System32\svchost.exe [784:1164] 00007ff922b24260
Thread C:\WINDOWS\System32\svchost.exe [784:1180] 00007ff922b2bce0
Thread C:\WINDOWS\System32\svchost.exe [784:1184] 00007ff922b2bce0
Thread C:\WINDOWS\System32\svchost.exe [784:1188] 00007ff922b2bce0
Thread C:\WINDOWS\System32\svchost.exe [784:1320] 00007ff920f2a770
Thread C:\WINDOWS\System32\svchost.exe [784:2032] 00007ff91bc55bc0
Thread C:\WINDOWS\System32\svchost.exe [784:3800] 000002131f0359c0
Thread C:\WINDOWS\System32\svchost.exe [784:3128] 00007ff9190ca880
Thread C:\WINDOWS\System32\svchost.exe [784:2552] 00007ff9190c38e0
Thread C:\WINDOWS\System32\svchost.exe [788:1104] 00007ff922f128c0
Thread C:\WINDOWS\System32\svchost.exe [788:1120] 00007ff922f14290
Thread C:\WINDOWS\System32\svchost.exe [788:1144] 00007ff922f145c0
Thread C:\WINDOWS\System32\svchost.exe [788:1240] 00007ff921943520
Thread C:\WINDOWS\System32\svchost.exe [788:1364] 00007ff920e94310
Thread C:\WINDOWS\System32\svchost.exe [788:2644] 000001d58a0359c0
Thread C:\WINDOWS\System32\svchost.exe [788:2648] 000001d58a0359c0
Thread C:\WINDOWS\System32\svchost.exe [788:2652] 000001d58a0359c0
Thread C:\WINDOWS\System32\svchost.exe [788:2656] 000001d58a0359c0
Thread C:\WINDOWS\System32\svchost.exe [788:2660] 000001d58a0359c0
Thread C:\WINDOWS\System32\svchost.exe [788:2664] 000001d58a0359c0
Thread C:\WINDOWS\System32\svchost.exe [788:2668] 000001d58a0359c0
Thread C:\WINDOWS\System32\svchost.exe [788:3860] 00007ff91689c990
Thread C:\WINDOWS\System32\svchost.exe [788:3916] 00007ff9161bf290
Thread C:\WINDOWS\System32\svchost.exe [788:5628] 00007ff90a89fdf0
Thread C:\WINDOWS\System32\svchost.exe [788:5636] 00007ff90a8a2af0
Thread C:\WINDOWS\System32\svchost.exe [788:5640] 00007ff90a8a2a40
Thread C:\WINDOWS\System32\svchost.exe [788:5684] 00007ff90a895c80
Thread C:\WINDOWS\System32\svchost.exe [788:5724] 00007ff91a3c51d0
Thread C:\WINDOWS\System32\svchost.exe [788:5768] 00007ff91a3c72d0
Thread C:\WINDOWS\system32\svchost.exe [1136:1960] 00007ff91be8c5a0
Thread C:\WINDOWS\system32\svchost.exe [1136:1904] 00007ff91be8eab0
Thread C:\WINDOWS\system32\svchost.exe [1136:1916] 00007ff91be8d2d0
Thread C:\WINDOWS\system32\svchost.exe [1136:1936] 00007ff91be8e100
Thread C:\WINDOWS\system32\svchost.exe [1136:6864] 00007ff919f0af40
Thread C:\WINDOWS\system32\svchost.exe [1136:5876] 00007ff919f0ca00
Thread C:\WINDOWS\system32\svchost.exe [1136:6972] 00007ff919c63bc0
Thread C:\WINDOWS\system32\svchost.exe [1136:7040] 00007ff921e11240
Thread C:\WINDOWS\system32\svchost.exe [1136:7012] 00007ff91898a3b0
Thread C:\WINDOWS\system32\svchost.exe [1136:7032] 00007ff9189425e0
Thread C:\WINDOWS\system32\svchost.exe [1136:2336] 00007ff919c62080
Thread C:\WINDOWS\system32\svchost.exe [1156:1480] 00007ff920e3f050
Thread C:\WINDOWS\system32\svchost.exe [1156:1484] 00007ff92089c030
Thread C:\WINDOWS\system32\svchost.exe [1156:1652] 00007ff920897000
Thread C:\WINDOWS\system32\svchost.exe [1156:1656] 00007ff920898370
Thread C:\WINDOWS\system32\svchost.exe [1156:1660] 00007ff92089ad30
Thread C:\WINDOWS\system32\svchost.exe [1156:1476] 00007ff91bb387e0
Thread C:\WINDOWS\system32\svchost.exe [1156:2152] 00007ff91b59dbe0
Thread C:\WINDOWS\system32\svchost.exe [1156:2208] 00007ff91b59dbe0
Thread C:\WINDOWS\system32\svchost.exe [1156:2760] 00007ff9204e30f0
Thread C:\WINDOWS\system32\svchost.exe [1156:2548] 00007ff92089c830
Thread C:\WINDOWS\system32\svchost.exe [1156:4584] 00007ff920897d50
Thread C:\WINDOWS\system32\svchost.exe [1156:6052] 00007ff921842400
Thread C:\WINDOWS\system32\svchost.exe [1192:1512] 00007ff921492b40
Thread C:\WINDOWS\system32\svchost.exe [1192:1568] 00007ff91fe3a420
Thread C:\WINDOWS\system32\svchost.exe [1192:1572] 00007ff91fe383a0
Thread C:\WINDOWS\system32\svchost.exe [1192:1576] 00007ff91fe3b090
Thread C:\WINDOWS\system32\svchost.exe [1192:1580] 00007ff91fe3a9a0
Thread C:\WINDOWS\system32\svchost.exe [1192:1584] 00007ff91fe3a770
Thread C:\WINDOWS\system32\svchost.exe [1192:1816] 00007ff91fe38b00
Thread C:\WINDOWS\system32\svchost.exe [1192:1972] 00007ff91bcd03d0
Thread C:\WINDOWS\system32\svchost.exe [1192:1976] 00007ff91bccfa20
Thread C:\WINDOWS\system32\svchost.exe [1192:3772] 00007ff921493c70
Thread C:\Windows\System32\WUDFHost.exe [1256:1564] 00007ff920f7c9d0
Thread C:\WINDOWS\System32\svchost.exe [1412:1448] 00007ff920533210
Thread C:\WINDOWS\System32\svchost.exe [1412:1456] 00007ff920273ba0
Thread C:\WINDOWS\system32\svchost.exe [1540:1608] 00007ff9229ee830
Thread C:\WINDOWS\system32\svchost.exe [1540:1612] 00007ff9229810a0
Thread C:\WINDOWS\System32\spoolsv.exe [1692:3872] 00007ff91bc55bc0
Thread C:\WINDOWS\System32\spoolsv.exe [1692:3876] 00007ff919152740
Thread C:\WINDOWS\System32\spoolsv.exe [1692:3892] 00007ff912c01180
Thread C:\WINDOWS\System32\spoolsv.exe [1692:3896] 00007ff912918e40
Thread C:\WINDOWS\System32\spoolsv.exe [1692:3948] 00007ff9129a4490
Thread C:\WINDOWS\System32\spoolsv.exe [1692:1108] 00007ff912ac17c0
Thread C:\WINDOWS\system32\svchost.exe [1836:2004] 00007ff91bc55bc0
Thread C:\WINDOWS\system32\svchost.exe [1836:2008] 00007ff91bc67d70
Thread C:\WINDOWS\system32\svchost.exe [1836:2744] 00007ff91690b180
Thread C:\WINDOWS\system32\svchost.exe [1836:2748] 00007ff91690f5f0
Thread C:\WINDOWS\System32\svchost.exe [1088:2700] 00007ff919382980
Thread C:\WINDOWS\System32\svchost.exe [1088:2704] 00007ff919382990
Thread C:\WINDOWS\System32\svchost.exe [1088:2708] 00007ff91938fb00
Thread C:\WINDOWS\System32\svchost.exe [1088:2716] 00007ff91938fb60
Thread C:\WINDOWS\System32\svchost.exe [1088:2720] 00007ff91938fb30
Thread C:\WINDOWS\System32\svchost.exe [1088:2724] 00007ff91938fb50
Thread C:\WINDOWS\System32\svchost.exe [1088:2732] 00007ff91938fb40
Thread C:\WINDOWS\system32\svchost.exe [1268:2128] 00007ff929073db0
Thread C:\WINDOWS\system32\svchost.exe [1268:2400] 00007ff91a01c070
Thread C:\WINDOWS\system32\svchost.exe [1268:2404] 00007ff91a01e6e0
Thread C:\WINDOWS\system32\svchost.exe [1268:2428] 00007ff91bc55bc0
Thread C:\WINDOWS\system32\svchost.exe [1268:2480] 00007ff919152740
Thread C:\WINDOWS\system32\svchost.exe [2112:4696] 00007ff91b59dbe0
Thread C:\WINDOWS\system32\svchost.exe [2112:4712] 00007ff91b59dbe0
Thread C:\Program Files\Windows Defender\MsMpEng.exe [2136:6224] 00007ff8fd80f1b0
Thread C:\Program Files\Windows Defender\MsMpEng.exe [2136:6228] 00007ff8fd80f1b0
Thread C:\WINDOWS\System32\svchost.exe [2240:2264] 00007ff91ad898a0
Thread C:\WINDOWS\System32\svchost.exe [2240:2784] 00007ff91b59dbe0
Thread C:\WINDOWS\System32\svchost.exe [2240:2904] 00007ff91b59dbe0
Thread C:\WINDOWS\System32\svchost.exe [2240:3052] 00007ff91ad84a60
Thread C:\WINDOWS\system32\sihost.exe [3144:4196] 000001d3ebc959c0
Thread C:\WINDOWS\system32\sihost.exe [3144:4204] 00007ff911cc2240
Thread C:\WINDOWS\system32\svchost.exe [1548:4128] 00007ff9265fca70
Thread C:\WINDOWS\system32\svchost.exe [1548:5016] 00007ff9265fca70
Thread C:\WINDOWS\system32\svchost.exe [1548:5020] 00007ff9265fca70
Thread C:\WINDOWS\system32\taskhostw.exe [4156:4184] 00007ff911c51ba0
Thread C:\WINDOWS\system32\taskhostw.exe [4156:4240] 00007ff923c730f0
Thread C:\WINDOWS\system32\taskhostw.exe [4156:4244] 00007ff9160e1160
Thread C:\WINDOWS\system32\taskhostw.exe [4156:4284] 00007ff9160e1a20
Thread C:\WINDOWS\system32\taskhostw.exe [4156:4288] 0000020a3eaab600
Thread C:\WINDOWS\system32\taskhostw.exe [4156:4508] 00007ff91148a3b0
Thread C:\WINDOWS\system32\taskhostw.exe [4156:4520] 00007ff910e77930
Thread C:\WINDOWS\system32\taskhostw.exe [4156:4524] 00007ff910e77930
Thread C:\WINDOWS\system32\taskhostw.exe [4156:4528] 00007ff910e77930
Thread C:\WINDOWS\system32\taskhostw.exe [4156:5092] 00007ff91b59dbe0
Thread C:\WINDOWS\system32\taskhostw.exe [4156:5104] 00007ff91b59dbe0
Thread C:\Windows\System32\RuntimeBroker.exe [4640:5600] 000001632bd9a1e0
Thread C:\Windows\System32\RuntimeBroker.exe [4640:752] 00007ff923bf2880
Thread C:\Windows\System32\RuntimeBroker.exe [4640:5760] 000001632bb359c0
Thread C:\WINDOWS\system32\SearchIndexer.exe [2588:4608] 00007ff91b59dbe0
Thread C:\WINDOWS\system32\SearchIndexer.exe [2588:4604] 00007ff91b59dbe0
Thread C:\WINDOWS\system32\SearchIndexer.exe [2588:4248] 00007ff91b59dbe0
Thread C:\WINDOWS\system32\SearchIndexer.exe [2588:5132] 00007ff90cb5d5d0
Thread C:\WINDOWS\system32\SearchIndexer.exe [2588:5304] 00007ff90c809a00
Thread C:\WINDOWS\system32\SearchIndexer.exe [2588:5308] 00007ff90c807d90
Thread C:\WINDOWS\system32\SearchIndexer.exe [2588:5312] 00007ff90c805e30
Thread C:\WINDOWS\system32\SearchIndexer.exe [2588:5676] 00007ff90c810fa0
Thread C:\Program Files\Windows Defender\MSASCuiL.exe [6080:6124] 00007ff9111f5110
Thread C:\WINDOWS\system32\AUDIODG.EXE [6284:1536] 00007ff918c3ab40
Thread C:\WINDOWS\system32\taskmgr.exe [5780:7000] 00007ff9111f5110
EOF - GMER 2.2
En modo seguro con
Antivirus, Malware, tdsskiller, no sale nada.
Has probado a pasarle Malware Bytes?
si, 0 detectados, solo un simple pup.
Me voy para Valencia te hago la firma nueva de les Falles Valençianes y te quito el rootkit
¡Sólo a cambio de una paella Valenciana con garrafons!
En modo a prueba de errores yo pasaría otros Anti Malware como pueden ser SpyBot y Spyware Terminator.
Antes de eso actualizados ;)
Yo en tu caso haría esto:
(http://image.prntscr.com/image/37a8d4d04c9c411cbc6bc2b40f858980.png)
No lo entiendo no sale nada con el Terminator ese, formatear no voy a formatear. Voy a probar otra vez con comodo a ver si sale, si no es que no está ya. Porque si no tenía que haber salido.