
    I can't enter Windows Safe Mode (Solved)


      
    1. #11
      User PsyChoW
      Registered: Jan 2012
      Location: San Martin, Buenos Aires
      Posts: 10

      Re: I can't enter Windows Safe Mode

      I have a problem here with ComboFix: it tells me I have a process running, which is NOD32, and I had uninstalled it beforehand. I checked Task Manager and it doesn't appear :s

    2. #12
      Former Contributor Anleg_30
      Registered: Dec 2007
      Location: Bna-Venezuela
      Posts: 10,546

      Re: I can't enter Windows Safe Mode

      Quote: Originally posted by PsyChoW
      I have a problem here with ComboFix: it tells me I have a process running, which is NOD32, and I had uninstalled it beforehand. I checked Task Manager and it doesn't appear :s

      Ignore the alert; it is normal, since some services are still active. Continue with the process.

      Blog | Online Antivirus | Remove Malware | Free Antivirus

      * Follow us on our Twitter and become our friend on Facebook.
      * Stay informed about the latest threats on the net from: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail, since that is what the forum is for.

    3. #13
      User PsyChoW
      Registered: Jan 2012
      Location: San Martin, Buenos Aires
      Posts: 10

      Re: I can't enter Windows Safe Mode

      Sorry for the delay, here is the log that ComboFix generated.
      I see here that it detected sXe Injected; note that it is an anti-cheat program for the game Counter Strike, so if it detected it as a virus I think it got that wrong xd

      ComboFix 12-01-13.05 - Yogi.- 14/01/2012 12:52:37.1.2 - x86
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.54.3082.18.3070.2263 [GMT -3:00]
      Running from: c:\users\Yogi.-\Downloads\ComboFix.exe
      AV: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
      SP: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
      SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files\sXe Injected
      c:\program files\sXe Injected\chrome-extension_icpgjfneehieebagbmdbhnlpiopdcmna_0.localstorage
      c:\program files\sXe Injected\Chrome\chrome-extension_icpgjfneehieebagbmdbhnlpiopdcmna_0.localstorage
      c:\program files\sXe Injected\chromechange.exe
      c:\program files\sXe Injected\ddsxei.sys
      c:\program files\sXe Injected\default.reg
      c:\program files\sXe Injected\firechange.exe
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\background.html
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\background.js
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\example.html
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\icon128.png
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\icon19.png
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\manifest.json
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\options.css
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\options.html
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\options.js
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\README.md
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\redirect.html
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.3_1\redirect.js
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\background.html
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\background.js
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\example.html
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\icon128.png
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\icon19.png
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\icon200.png
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\manifest.json
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\options.css
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\options.html
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\options.js
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\README.md
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\redirect.html
      c:\program files\sXe Injected\icpgjfneehieebagbmdbhnlpiopdcmna\1.0.4_0\redirect.js
      c:\program files\sXe Injected\localstrike-search.xml
      c:\program files\sXe Injected\newtaburl_local.xpi
      c:\program files\sXe Injected\Preferences
      c:\program files\sXe Injected\search.ini
      c:\program files\sXe Injected\speeddial.ini
      c:\program files\sXe Injected\sXe-I EULA.txt
      c:\program files\sXe Injected\sXe Injected.exe
      c:\program files\sXe Injected\sXe Injected.txt
      c:\program files\sXe Injected\sXe.dll
      c:\program files\sXe Injected\TopSites.plist
      c:\program files\sXe Injected\uninstall.exe
      c:\program files\sXe Injected\uninstall.ini
      c:\program files\sXe Injected\Web Data
      c:\program files\sXe Injected\web.dll
      c:\users\JaV1\Desktop\Internet Explorer.lnk
      c:\users\Yogi.-\AppData\Local\79f954a9\U
      c:\users\Yogi.-\AppData\Local\79f954a9\U\80000000.@
      c:\users\Yogi.-\AppData\Local\79f954a9\U\800000cf.@
      c:\users\Yogi.-\AppData\Local\assembly\tmp
      c:\windows\$NtUninstallKB53935$
      c:\windows\$NtUninstallKB53935$\168719691
      c:\windows\$NtUninstallKB53935$\2046383273\@
      c:\windows\$NtUninstallKB53935$\2046383273\L\xadqgnnk
      c:\windows\$NtUninstallKB53935$\2046383273\loader.tlb
      c:\windows\$NtUninstallKB53935$\2046383273\U\@00000001
      c:\windows\$NtUninstallKB53935$\2046383273\U\@000000c0
      c:\windows\$NtUninstallKB53935$\2046383273\U\@000000cb
      c:\windows\$NtUninstallKB53935$\2046383273\U\@000000cf
      c:\windows\$NtUninstallKB53935$\2046383273\U\@80000000
      c:\windows\$NtUninstallKB53935$\2046383273\U\@800000c0
      c:\windows\$NtUninstallKB53935$\2046383273\U\@800000cb
      c:\windows\$NtUninstallKB53935$\2046383273\U\@800000cf
      c:\windows\system32\
      c:\windows\system32\drivers\etc\hosts.txt
      c:\windows\system32\k750mdm.dll
      c:\windows\system32\Startup.exe
      c:\windows\system32\Temp
      .
      Infected copy of c:\windows\system32\Drivers\dfsc.sys was found and disinfected
      Restored copy from - c:\windows\winsxs\x86_microsoft-windows-dfsclient_31bf3856ad364e35_6.1.7600.16385_none_87708401476f7a4f\dfsc.sys
      .
      Infected copy of c:\windows\system32\IoctlSvc.exe was found and disinfected
      Restored copy from - c:\combofix\HarddiskVolumeShadowCopy1_!Windows!System32!IoctlSvc.exe
      .
      Infected copy of c:\windows\system32\PnkBstrA.exe was found and disinfected
      Restored copy from - c:\combofix\HarddiskVolumeShadowCopy1_!Windows!System32!PnkBstrA.exe
      .
      Infected copy of c:\windows\system32\IoctlSvc.exe was found and disinfected
      Restored copy from - c:\combofix\HarddiskVolumeShadowCopy1_!Windows!System32!IoctlSvc.exe
      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      -------\Service_sisperf
      .
      .
      ((((((((((((((((((((((((( Files Created from 2011-12-14 to 2012-01-14 )))))))))))))))))))))))))))))))
      .
      .
      2012-01-14 16:00 . 2012-01-14 16:04 -------- d-----w- c:\users\Yogi.-\AppData\Local\temp
      2012-01-14 16:00 . 2012-01-14 16:00 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
      2012-01-14 16:00 . 2012-01-14 16:00 -------- d-----w- c:\users\JaV1\AppData\Local\temp
      2012-01-14 16:00 . 2012-01-14 16:00 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-01-14 15:48 . 2009-07-13 23:11 80896 ----a-w- c:\windows\system32\drivers\i8042prt.sys
      2012-01-14 03:54 . 2012-01-14 03:54 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
      2012-01-14 01:02 . 2012-01-14 01:01 638976 ----a-w- c:\windows\ESETUninstaller.exe
      2012-01-13 17:42 . 2012-01-13 17:42 -------- d-----w- c:\users\JaV1\AppData\Roaming\Malwarebytes
      2012-01-12 22:37 . 2012-01-12 22:37 -------- d-----w- c:\users\Yogi.-\AppData\Roaming\Unity
      2012-01-12 22:37 . 2012-01-14 13:15 0 --sha-w- c:\windows\system32\dds_log_trash.cmd
      2012-01-12 19:18 . 2012-01-12 19:18 -------- d-----w- C:\TDSSKiller_Quarantine
      2012-01-12 18:02 . 2012-01-12 18:08 -------- d-----w- C:\RegUnlocker Backups
      2012-01-12 17:05 . 2012-01-12 17:05 -------- d-----w- c:\program files\CCleaner
      2012-01-12 14:06 . 2012-01-12 14:06 -------- d-----w- c:\users\Yogi.-\AppData\Roaming\Malwarebytes
      2012-01-12 14:06 . 2012-01-12 14:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2012-01-12 14:06 . 2012-01-12 14:06 -------- d-----w- c:\programdata\Malwarebytes
      2012-01-12 14:06 . 2011-12-10 18:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-01-11 14:58 . 2012-01-11 14:58 -------- d-sh--w- c:\windows\system32\%APPDATA%
      2012-01-11 14:53 . 2012-01-14 15:59 -------- d-sh--w- c:\users\Yogi.-\AppData\Local\79f954a9
      2012-01-10 19:18 . 2011-11-21 10:47 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C049B5FE-D3C3-4E49-A4A1-D694C700E06C}\mpengine.dll
      2012-01-07 14:09 . 2012-01-07 14:09 626688 ----a-w- c:\program files\Mozilla Firefox\msvcr80.dll
      2012-01-07 14:09 . 2012-01-07 14:09 548864 ----a-w- c:\program files\Mozilla Firefox\msvcp80.dll
      2012-01-07 14:09 . 2012-01-07 14:09 479232 ----a-w- c:\program files\Mozilla Firefox\msvcm80.dll
      2012-01-07 14:09 . 2012-01-07 14:09 43992 ----a-w- c:\program files\Mozilla Firefox\mozutils.dll
      2012-01-06 02:17 . 2011-10-15 08:53 6350144 ----a-w- c:\windows\system32\nvcpl.dll
      2012-01-06 02:17 . 2011-10-15 08:53 3840320 ----a-w- c:\windows\system32\nvsvc.dll
      2012-01-06 02:17 . 2011-10-15 08:53 3074368 ----a-w- c:\windows\system32\nvsvcr.dll
      2012-01-06 02:17 . 2011-10-15 08:53 203072 ----a-w- c:\windows\system32\nvmctray.dll
      2012-01-06 02:17 . 2011-10-15 08:53 123712 ----a-w- c:\windows\system32\nvshext.dll
      2012-01-06 02:17 . 2011-10-15 08:53 1127936 ----a-w- c:\windows\system32\nvvsvc.exe
      2012-01-06 02:17 . 2011-10-15 08:53 602432 ----a-w- c:\windows\system32\easyupdatusapiu.dll
      2012-01-06 02:15 . 2011-10-15 08:53 7041856 ----a-w- c:\windows\system32\nvwgf2um.dll
      2012-01-06 02:15 . 2011-10-15 08:53 18871616 ----a-w- c:\windows\system32\nvoglv32.dll
      2012-01-06 02:15 . 2011-10-15 08:53 10327360 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
      2012-01-05 03:05 . 2012-01-05 03:05 -------- d-----w- c:\windows\nvtmpinst
      2012-01-05 02:48 . 2012-01-05 02:48 -------- d-----w- c:\users\Yogi~-
      2012-01-04 03:55 . 2012-01-04 03:55 53248 ----a-r- c:\users\Yogi.-\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe1_C884B05AF5D94AE49D84E6BD9F6E7890.exe
      2012-01-04 03:55 . 2012-01-04 03:55 53248 ----a-r- c:\users\Yogi.-\AppData\Roaming\Microsoft\Installer\{C884B05A-F5D9-4AE4-9D84-E6BD9F6E7890}\FlatOut2.exe_C884B05AF5D94AE49D84E6BD9F6E7890.exe
      2012-01-04 03:41 . 2012-01-04 03:41 -------- d-----w- c:\program files\Empire Interactive
      2012-01-03 21:53 . 2012-01-03 21:53 107888 ----a-w- c:\windows\system32\CmdLineExt.dll
      2012-01-03 21:51 . 2012-01-03 21:51 22328 ----a-w- c:\users\Yogi.-\AppData\Roaming\PnkBstrK.sys
      2012-01-03 21:47 . 2012-01-03 21:47 -------- d-----w- c:\program files\Ubisoft
      2012-01-03 19:14 . 2012-01-03 19:39 -------- d-----w- c:\program files\Left 4 Dead
      2012-01-03 19:14 . 2012-01-03 19:14 -------- d-----w- c:\windows\Left 4 Dead
      2012-01-03 19:09 . 2008-05-03 03:16 313888 ----a-w- c:\windows\system32\nvexpbar.dll
      2012-01-03 19:09 . 2008-05-03 03:16 1079840 ----a-w- c:\windows\system32\nvcpluir.dll
      2012-01-03 19:07 . 2008-06-20 08:23 1761280 ----a-w- c:\windows\system32\msicpl.dll
      2012-01-03 19:07 . 2008-06-20 08:16 184320 ----a-w- c:\windows\system32\HookShield.dll
      2012-01-03 19:07 . 2007-10-12 07:14 3734536 ----a-w- c:\windows\system32\d3dx9_36.dll
      2012-01-03 19:07 . 2006-11-06 02:54 134504 ----a-w- c:\windows\system32\smdll.dll
      2012-01-03 19:07 . 2006-01-02 17:45 40960 ----a-w- c:\windows\system32\executeosd.exe
      2012-01-03 19:07 . 2006-11-06 02:41 36200 ----a-w- c:\windows\system32\Auxiliary.dll
      2012-01-03 19:07 . 2008-05-03 03:16 442368 ----a-w- c:\windows\system32\nvudisp.exe
      2012-01-03 19:07 . 2007-05-28 15:13 130048 ----a-w- c:\windows\system32\MadCHook.dll
      2012-01-03 19:07 . 2008-06-20 08:17 229376 ----a-w- c:\windows\system32\HookMap.dll
      2012-01-03 19:07 . 2007-10-02 01:56 444776 ----a-w- c:\windows\system32\d3dx10_36.dll
      2012-01-03 19:06 . 2003-11-10 21:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
      2012-01-03 19:06 . 2003-11-10 21:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
      2012-01-03 19:06 . 2003-11-10 21:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
      2012-01-03 19:06 . 2003-11-10 21:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
      2012-01-03 19:06 . 2003-11-10 21:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
      2012-01-03 19:06 . 2012-01-03 19:06 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
      2012-01-03 19:06 . 2012-01-03 19:06 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
      2012-01-02 23:24 . 2011-09-21 13:25 21992 ----a-w- c:\windows\system32\drivers\cpuz135_x32.sys
      2012-01-02 23:23 . 2012-01-02 23:23 -------- d-----w- c:\program files\CPUID
      2011-12-19 23:35 . 2011-12-19 23:35 -------- d-----w- c:\users\JaV1\AppData\Roaming\Kodak
      2011-12-19 14:13 . 2011-12-19 14:13 -------- d-----w- c:\users\Yogi.-\AppData\Roaming\Kodak
      2011-12-19 14:12 . 2011-12-19 14:12 -------- d-----w- c:\program files\Kodak
      2011-12-19 14:12 . 2011-12-19 14:12 -------- d-----w- c:\program files\Common Files\Kodak
      2011-12-19 14:10 . 2011-12-19 14:10 -------- d-----w- c:\programdata\{A0559A84-0A11-425F-BFFC-532378694B25}
      2011-12-18 20:54 . 2011-12-18 20:54 -------- d-----w- c:\users\Yogi.-\SystemRequirementsLab
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-01-13 12:31 . 2011-06-16 20:22 338944 ----a-w- c:\windows\system32\drivers\afd.sys
      2012-01-13 12:28 . 2011-02-23 22:40 187904 ----a-w- c:\windows\system32\drivers\netbt.sys
      2012-01-11 14:53 . 2011-06-05 01:43 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2012-01-10 12:39 . 2011-04-29 23:46 31552 ----a-w- c:\windows\system32\TURegOpt.exe
      2012-01-10 12:33 . 2011-04-29 23:46 21312 ----a-w- c:\windows\system32\authuitu.dll
      2012-01-10 12:33 . 2011-04-29 23:46 29504 ----a-w- c:\windows\system32\uxtuneup.dll
      2012-01-03 21:51 . 2010-12-15 21:39 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
      2012-01-03 21:50 . 2010-12-15 21:39 107832 ----a-w- c:\windows\system32\PnkBstrB.exe
      2012-01-03 21:50 . 2010-12-15 21:39 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
      2012-01-03 21:50 . 2010-12-15 21:39 2250024 ----a-w- c:\windows\system32\pbsvc.exe
      2011-11-24 04:25 . 2011-12-13 20:55 2342912 ----a-w- c:\windows\system32\win32k.sys
      2011-11-15 17:29 . 2010-01-22 11:50 222080 ------w- c:\windows\system32\MpSigStub.exe
      2011-11-05 04:26 . 2011-12-13 20:55 2048 ----a-w- c:\windows\system32\tzres.dll
      2011-11-03 22:47 . 2011-12-13 21:06 1798144 ----a-w- c:\windows\system32\jscript9.dll
      2011-11-03 22:40 . 2011-12-13 21:06 1427456 ----a-w- c:\windows\system32\inetcpl.cpl
      2011-11-03 22:39 . 2011-12-13 21:06 1127424 ----a-w- c:\windows\system32\wininet.dll
      2011-11-03 22:31 . 2011-12-13 21:06 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2011-10-26 04:47 . 2011-12-13 20:55 3912560 ----a-w- c:\windows\system32\ntoskrnl.exe
      2011-10-26 04:47 . 2011-12-13 20:55 3967856 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2011-10-26 04:28 . 2011-12-13 20:54 38912 ----a-w- c:\windows\system32\csrsrv.dll
      2012-01-07 14:09 . 2011-04-30 01:43 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{585941d7-21fa-4e24-8281-c134bfa894c1}]
      2011-01-17 19:54 175912 ----a-w- c:\program files\Messenger_Plus_LATAM\prxtbMess.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
      "{585941d7-21fa-4e24-8281-c134bfa894c1}"= "c:\program files\Messenger_Plus_LATAM\prxtbMess.dll" [2011-01-17 175912]
      .
      [HKEY_CLASSES_ROOT\clsid\{585941d7-21fa-4e24-8281-c134bfa894c1}]
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "Steam"="c:\program files\Steam\steam.exe" [2011-10-25 1242448]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2009-07-15 1474560]
      "PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-10-24 801792]
      "PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584]
      "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-12-24 460872]
      .
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
      HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 0 (0x0)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      "PromptOnSecureDesktop"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EsetUninstaller]
      @="Service"
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sr.sys]
      @="FSFilter System Recovery"
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
      2010-09-16 20:04 1164584 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
      2009-03-25 16:30 1840424 ----a-w- c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBKeyScan]
      2008-12-02 18:29 2221352 ----a-w- c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
      2010-05-14 14:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "HP Software Update"=c:\program files\HP\HP Software Update\HPWuSchd2.exe
      "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe"
      "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      .
      R0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]
      R0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]
      R1 MpKsl04e9428e;MpKsl04e9428e;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{606AA53D-F92C-40B6-9452-806577ADA131}\MpKsl04e9428e.sys [x]
      R1 MpKsl19ddfe0c;MpKsl19ddfe0c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5E396A75-B7E8-4393-837A-8FAFB6960F69}\MpKsl19ddfe0c.sys [x]
      R1 MpKsl27e3ab93;MpKsl27e3ab93;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{AD1D6080-1AFC-434C-AF36-BA744741A61C}\MpKsl27e3ab93.sys [x]
      R1 MpKsl2a9504bd;MpKsl2a9504bd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{200F2A9A-0AA3-4AF4-BA1E-EF211CE8BBDD}\MpKsl2a9504bd.sys [x]
      R1 MpKsl32f870ec;MpKsl32f870ec;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{62CACA34-2FAB-416C-91C1-F404B6D8E684}\MpKsl32f870ec.sys [x]
      R1 MpKsl38b38bf8;MpKsl38b38bf8;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2C985ECC-0E27-4259-81B3-B429CBE25CAB}\MpKsl38b38bf8.sys [x]
      R1 MpKsl39ba3550;MpKsl39ba3550;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{200F2A9A-0AA3-4AF4-BA1E-EF211CE8BBDD}\MpKsl39ba3550.sys [x]
      R1 MpKsl6e5ea500;MpKsl6e5ea500;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2C985ECC-0E27-4259-81B3-B429CBE25CAB}\MpKsl6e5ea500.sys [x]
      R1 MpKsl79af9b94;MpKsl79af9b94;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B2EE2E42-E807-48EB-AA09-0A3F6679AE81}\MpKsl79af9b94.sys [x]
      R1 MpKsl91154e2a;MpKsl91154e2a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{0991F62F-8C91-430D-8D62-874447D78705}\MpKsl91154e2a.sys [x]
      R1 MpKslb6931292;MpKslb6931292;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{605EE925-171C-4EFE-8072-83CCCA754305}\MpKslb6931292.sys [x]
      R1 MpKslb6c007ec;MpKslb6c007ec;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7BB02489-7DAE-4CC2-ADC4-D85BC7D2BE09}\MpKslb6c007ec.sys [x]
      R1 MpKslda5cb46f;MpKslda5cb46f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{05BC3E95-EF05-4E22-9D11-8D9EADCFA94E}\MpKslda5cb46f.sys [x]
      R1 MpKslda625d71;MpKslda625d71;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7E4D8980-0FF4-4F9F-9608-A473A5E0CCF3}\MpKslda625d71.sys [x]
      R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
      R2 gupdate;Servicio Google Update (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-11 136176]
      R3 EsetUninstaller;ESET Uninstaller Service;c:\windows\ESETUninstaller.exe [2012-01-14 638976]
      R3 FlashUSB;FlashUSB;c:\windows\system32\DRIVERS\FlashUSB.sys [x]
      R3 gupdatem;Google Update Servicio (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-10-11 136176]
      R3 LLRING0;LLRING0;c:\program files\ArgenMu\MuGuard\llck.sys [x]
      R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-01-14 40776]
      R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [2011-06-14 4661552]
      R3 PAC207;i-Look 111;c:\windows\system32\DRIVERS\PFC027.SYS [2009-06-25 618112]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]
      R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-03-27 23064]
      R3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys [x]
      R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
      R3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
      R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
      R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
      R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-26 1343400]
      S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 59392]
      S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 20992]
      S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-09-21 21992]
      S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-12-24 652872]
      S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
      S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 372736]
      S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2012-01-10 1527104]
      S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464]
      S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [2011-02-10 10064]
      S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-07-10 1067008]
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
      hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
      Akamai REG_MULTI_SZ Akamai
      .
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      UxTuneUp
      tcsd_win32.exe
      sisperf
      rpaservice
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-01-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2280177291-3826638687-2248924737-1000Core.job
      - c:\users\JaV1\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-05 19:05]
      .
      2012-01-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2280177291-3826638687-2248924737-1000UA.job
      - c:\users\JaV1\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-11-05 19:05]
      .
      2012-01-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2280177291-3826638687-2248924737-1005Core.job
      - c:\users\Yogi.-\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 22:59]
      .
      2012-01-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2280177291-3826638687-2248924737-1005UA.job
      - c:\users\Yogi.-\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-19 22:59]
      .
      2012-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-11 02:51]
      .
      2012-01-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files\Google\Update\GoogleUpdate.exe [2010-10-11 02:51]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com.ar/
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 10.0.0.2
      FF - ProfilePath - c:\users\Yogi.-\AppData\Roaming\Mozilla\Firefox\Profiles\dnrxwvv6.default\
      FF - prefs.js: browser.startup.homepage - hxxp://www.google.com.ar/
      FF - user.js: network.http.max-persistent-connections-per-server - 4
      FF - user.js: nglayout.initialpaint.delay - 600
      FF - user.js: content.notify.interval - 600000
      FF - user.js: content.max.tokenizing.time - 1800000
      FF - user.js: content.switch.threshold - 600000
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Toolbar-Locked - (no file)
      HKLM-Run-WinSys2 - c:\windows\system32\startup.exe
      HKLM-Run-sXe Injected - c:\program files\sXe Injected\sXe Injected.exe
      SafeBoot-15965580.sys
      SafeBoot-22500443.sys
      SafeBoot-51220353.sys
      SafeBoot-91977616.sys
      SafeBoot-dmboot.sys
      SafeBoot-dmio.sys
      SafeBoot-dmload.sys
      SafeBoot-dmadmin
      SafeBoot-dmserver
      SafeBoot-SRService
      MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
      MSConfigStartUp-sXe Injected - c:\program files\sXe Injected\sXe Injected.exe
      MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe
      AddRemove-sXe Injected - c:\program files\sXe Injected\uninstall.exe
      .
      .
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
      "ServiceDll"="c:\program files\common files\akamai/netsession_win_b427739.dll"
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
      "ImagePath"="c:\windows\system32\GameMon.des -service"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\windows\system32\nvvsvc.exe
      c:\windows\system32\AUDIODG.EXE
      c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
      c:\windows\system32\nvvsvc.exe
      c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
      c:\windows\system32\IoctlSvc.exe
      c:\windows\system32\PnkBstrA.exe
      c:\windows\system32\PnkBstrB.exe
      c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
      c:\windows\system32\taskhost.exe
      c:\program files\Kodak\KODAK Share Button App\Listener.exe
      c:\windows\system32\conhost.exe
      c:\program files\NVIDIA Corporation\Display\nvtray.exe
      c:\windows\system32\sppsvc.exe
      c:\program files\Windows Media Player\wmpnetwk.exe
      .
      **************************************************************************
      .
      Completion time: 2012-01-14 13:08:11 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-01-14 16:08
      .
      Pre-Run: 129.663.406.080 bytes libres
      Post-Run: 130.121.375.744 bytes libres
      .
      - - End Of File - - 579D90B8515018C1756201B32FD8762B

    4. #14
      Former Contributor Anleg_30
      Registered: Dec 2007
      Location: Bna-Venezuela
      Posts: 10,546

      Re: I can't enter Windows Safe Mode

      Hello again,

      The main infection was removed; tell me, how are things going?


    5. #15
      User PsyChoW
      Registered: Jan 2012
      Location: San Martin, Buenos Aires
      Posts: 10

      Re: I can't enter Windows Safe Mode

      Apart from deleting two viruses that were bothering me (something I did not mention), I still can't get into Safe Mode, or even the BIOS.
      Couldn't it be something with the operating system, or a hardware error?

    6. #16
      Former Contributor Anleg_30
      Registered: Dec 2007
      Location: Bna-Venezuela
      Posts: 10,546

      Re: I can't enter Windows Safe Mode

      Hello again,

      The Safe Mode issue does come from the operating system, but not being able to enter the BIOS is something else that has nothing to do with Windows.

      If you want to repair Safe Mode, I suggest opening a new thread in this same Windows 7 subforum. As for the BIOS, I couldn't tell you.

      To finish, all that remains is to uninstall CF as follows:

      • Go to Start > Run
      • Type the following: ComboFix /Uninstall as shown in the image below:

      • This will launch the ComboFix uninstaller, opening its main screen, and after a few seconds you will see ("ComboFix is uninstalled")


    7. #17
      User PsyChoW
      Registered: Jan 2012
      Location: San Martin, Buenos Aires
      Posts: 10

      Re: I can't enter Windows Safe Mode

      Done, thank you very much
