Don't worry Guillermo we will get rid of the infections.

Start WinPFind35U. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.

[Kill Explorer]
[Unregister Dlls]
[Processes - Non-Microsoft Only]
YY -> wintems.exe -> %System32%\wintems.exe
[Win32 Services - Non-Microsoft Only]
YN -> (aswUpdSv) avast! iAVS4 Control Service [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Antivirus\Avast\aswUpdSv.exe
YN -> (avast! Antivirus) avast! Antivirus [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Antivirus\Avast\ashServ.exe
YN -> (avast! Mail Scanner) avast! Mail Scanner [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Antivirus\Avast\ashMaiSv.exe
YN -> (avast! Web Scanner) avast! Web Scanner [Win32_Own | Disabled | Stopped] -> %ProgramFiles%\Antivirus\Avast\ashWebSv.exe
YN -> (AVG Anti-Spyware Guard) AVG Anti-Spyware Guard [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Grisoft\AVG Anti-Spyware 7.5\guard.exe
YN -> (Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Disabled | Stopped] -> %SystemDrive%\ARCHIV~1\Grisoft\AVG7\avgamsvr.exe
YN -> (Avg7UpdSvc) AVG7 Update Service [Win32_Own | Disabled | Stopped] -> %SystemDrive%\ARCHIV~1\Grisoft\AVG7\avgupsvc.exe
YN -> (AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Stopped] -> %SystemDrive%\ARCHIV~1\Grisoft\AVG7\avgemc.exe
YN -> (sdAuxService) PC Tools Auxiliary Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Spyware Doctor\svcntaux.exe
YN -> (sdCoreService) PC Tools Security Service [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Spyware Doctor\swdsvc.exe
[Registry - Non-Microsoft Only]
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
YN -> {92780B25-18CC-41C8-B9BE-3C9C571A8263}: [HKEY_LOCAL_MACHINE] -> Reg Error: Key does not exist or could not be opened. [Referencia]
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\{92780B25-18CC-41C8-B9BE-3C9C571A8263} [HKEY_LOCAL_MACHINE] -> [Referencia]
NY -> CmdMapping\\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} [HKEY_LOCAL_MACHINE] -> %ProgramFiles%\Antivirus\Spybot\SDHelper.dll [Spybot - Search & Destroy Configuration]
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
YN -> Convertir a PDF de Adobe -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIECapture.htm
YN -> Convertir a PDF existente -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIEAppend.htm
YN -> Convertir destino de vínculo a PDF existente -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIEAppend.htm
YN -> Convertir destino de vínculo en archivo PDF de Adobe -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIECapture.htm
YN -> Convertir selección a archivo PDF existente -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIEAppend.htm
YN -> Convertir selección a PDF de Adobe -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIECapture.htm
YN -> Convertir vínculos seleccionados a PDF de Adobe -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIECaptureSelLinks.htm
YN -> Convertir vínculos seleccionados a PDF existente -> %ProgramFiles%\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll\AcroIEAppendSelLinks.htm
YN -> E&xportar a Microsoft Excel ->
[Files/Folders - Created Within 90 days]
YY -> 112062.exe -> %System32%\drivers\down\112062.exe
YY -> 126609.exe -> %System32%\drivers\down\126609.exe
YY -> 128218.exe -> %System32%\drivers\down\128218.exe
YY -> 136468.exe -> %System32%\drivers\down\136468.exe
YY -> 148046.exe -> %System32%\drivers\down\148046.exe
YY -> 148625.exe -> %System32%\drivers\down\148625.exe
YY -> 157625.exe -> %System32%\drivers\down\157625.exe
YY -> 172015.exe -> %System32%\drivers\down\172015.exe
YY -> 172968.exe -> %System32%\drivers\down\172968.exe
YY -> 201078.exe -> %System32%\drivers\down\201078.exe
YY -> 205234.exe -> %System32%\drivers\down\205234.exe
YY -> 206437.exe -> %System32%\drivers\down\206437.exe
YY -> 210843.exe -> %System32%\drivers\down\210843.exe
YY -> 212625.exe -> %System32%\drivers\down\212625.exe
YY -> 216515.exe -> %System32%\drivers\down\216515.exe
YY -> 236765.exe -> %System32%\drivers\down\236765.exe
YY -> 257734.exe -> %System32%\drivers\down\257734.exe
YY -> 261281.exe -> %System32%\drivers\down\261281.exe
YY -> 262093.exe -> %System32%\drivers\down\262093.exe
YY -> 263078.exe -> %System32%\drivers\down\263078.exe
YY -> 264218.exe -> %System32%\drivers\down\264218.exe
YY -> 269906.exe -> %System32%\drivers\down\269906.exe
YY -> 281609.exe -> %System32%\drivers\down\281609.exe
YY -> 36015.exe -> %System32%\drivers\down\36015.exe
YY -> 39234.exe -> %System32%\drivers\down\39234.exe
YY -> 425750.exe -> %System32%\drivers\down\425750.exe
YY -> 437484.exe -> %System32%\drivers\down\437484.exe
YY -> 446437.exe -> %System32%\drivers\down\446437.exe
YY -> 449625.exe -> %System32%\drivers\down\449625.exe
YY -> 452875.exe -> %System32%\drivers\down\452875.exe
YY -> 455140.exe -> %System32%\drivers\down\455140.exe
YY -> 459015.exe -> %System32%\drivers\down\459015.exe
YY -> 460140.exe -> %System32%\drivers\down\460140.exe
YY -> 468109.exe -> %System32%\drivers\down\468109.exe
YY -> 571625.exe -> %System32%\drivers\down\571625.exe
YY -> 572437.exe -> %System32%\drivers\down\572437.exe
YY -> 580406.exe -> %System32%\drivers\down\580406.exe
YY -> 594140.exe -> %System32%\drivers\down\594140.exe
YY -> 595421.exe -> %System32%\drivers\down\595421.exe
YY -> 614015.exe -> %System32%\drivers\down\614015.exe
YY -> 626718.exe -> %System32%\drivers\down\626718.exe
YY -> 635109.exe -> %System32%\drivers\down\635109.exe
YY -> 637984.exe -> %System32%\drivers\down\637984.exe
YY -> 647031.exe -> %System32%\drivers\down\647031.exe
YY -> 77218.exe -> %System32%\drivers\down\77218.exe
YY -> wget.exe -> %SystemRoot%\wget.exe
[Files/Folders - Modified Within 90 days]
YY -> 112062.exe -> %System32%\drivers\down\112062.exe
YY -> 126609.exe -> %System32%\drivers\down\126609.exe
YY -> 128218.exe -> %System32%\drivers\down\128218.exe
YY -> 136468.exe -> %System32%\drivers\down\136468.exe
YY -> 148046.exe -> %System32%\drivers\down\148046.exe
YY -> 148625.exe -> %System32%\drivers\down\148625.exe
YY -> 157625.exe -> %System32%\drivers\down\157625.exe
YY -> 172015.exe -> %System32%\drivers\down\172015.exe
YY -> 172968.exe -> %System32%\drivers\down\172968.exe
YY -> 201078.exe -> %System32%\drivers\down\201078.exe
YY -> 205234.exe -> %System32%\drivers\down\205234.exe
YY -> 206437.exe -> %System32%\drivers\down\206437.exe
YY -> 210843.exe -> %System32%\drivers\down\210843.exe
YY -> 212625.exe -> %System32%\drivers\down\212625.exe
YY -> 216515.exe -> %System32%\drivers\down\216515.exe
YY -> 236765.exe -> %System32%\drivers\down\236765.exe
YY -> 257734.exe -> %System32%\drivers\down\257734.exe
YY -> 261281.exe -> %System32%\drivers\down\261281.exe
YY -> 262093.exe -> %System32%\drivers\down\262093.exe
YY -> 263078.exe -> %System32%\drivers\down\263078.exe
YY -> 264218.exe -> %System32%\drivers\down\264218.exe
YY -> 269906.exe -> %System32%\drivers\down\269906.exe
YY -> 281609.exe -> %System32%\drivers\down\281609.exe
YY -> 36015.exe -> %System32%\drivers\down\36015.exe
YY -> 39234.exe -> %System32%\drivers\down\39234.exe
YY -> 425750.exe -> %System32%\drivers\down\425750.exe
YY -> 437484.exe -> %System32%\drivers\down\437484.exe
YY -> 446437.exe -> %System32%\drivers\down\446437.exe
YY -> 449625.exe -> %System32%\drivers\down\449625.exe
YY -> 452875.exe -> %System32%\drivers\down\452875.exe
YY -> 455140.exe -> %System32%\drivers\down\455140.exe
YY -> 459015.exe -> %System32%\drivers\down\459015.exe
YY -> 460140.exe -> %System32%\drivers\down\460140.exe
YY -> 468109.exe -> %System32%\drivers\down\468109.exe
YY -> 571625.exe -> %System32%\drivers\down\571625.exe
YY -> 572437.exe -> %System32%\drivers\down\572437.exe
YY -> 580406.exe -> %System32%\drivers\down\580406.exe
YY -> 594140.exe -> %System32%\drivers\down\594140.exe
YY -> 595421.exe -> %System32%\drivers\down\595421.exe
YY -> 614015.exe -> %System32%\drivers\down\614015.exe
YY -> 626718.exe -> %System32%\drivers\down\626718.exe
YY -> 635109.exe -> %System32%\drivers\down\635109.exe
YY -> 637984.exe -> %System32%\drivers\down\637984.exe
YY -> 647031.exe -> %System32%\drivers\down\647031.exe
YY -> 77218.exe -> %System32%\drivers\down\77218.exe
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
YN -> "drvsyskit"="C:\WINDOWS\system32\drivers\hldrrr.exe" ->
YN -> "german.exe"="C:\WINDOWS\system32\wintems.exe" ->
YN -> C:\WINDOWS\system32\wintems.exe 471556 bytes executable ->
YN -> C:\WINDOWS\system32\drivers\srosa.sys 108928 bytes executable ->
YN -> C:\WINDOWS\system32\drivers\hldrrr.exe 533734 bytes executable ->
[Empty Temp Folders]
[Start Explorer]
[ZipFiles]
The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here .

I will review the information when it comes back in.



Then run ComboFix.exe again straight after and post that log here. Also do the IceSword steps again, however the files/processes may not be there. Also post a new IceSword log.


You should find a zip file after you run WinPFind35. I need you to do the following with it

CLICK THIS TO LINK TO BE SURE YOU CAN VIEW HIDDEN FILES

Please go here:
The Spy Killer Forum
  • Click on "New Topic"
  • Put your name, e-mail address, and this as the title: "%System32%\drivers\down\210843.exe and more"
  • Put a link to this topic in the description box.
  • Then next to the file box, at the bottom, click the browse button, then navigate to this file:


    • %System32%\drivers\down\210843.exe and more


  • Click Open.
  • Click Post.

Thank you!


Then reboot and see how your PC is running and let me know how it all went.