• Registrarse
  • Iniciar sesión


  • Página 3 de 4 PrimeroPrimero 1234 ÚltimoÚltimo
    Resultados 21 al 30 de 34

    Malwarebytes se bloquea normal y modo seguro

    Hola Creo que fue error mio Repite el proceso anterior pero con este script: Código: :reg [-HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BAD5B20B-8E39-F527-DAAE-708601477D1E}] :commands [emptytemp] [emptyflash] [emptyjava] [reboot] Nos traes el nuevo reporte te OTM comentandonos el estado del problema, ...

    1. #21
      Moderador
      Avatar de @DavidG_EB
      Registrado
      jul 2009
      Ubicación
      Mexico
      Mensajes
      10.633

      Re: Malwarebytes se bloquea normal y modo seguro

      Hola

      Creo que fue error mio

      Repite el proceso anterior pero con este script:
      Código:
      :reg
      [-HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BAD5B20B-8E39-F527-DAAE-708601477D1E}]
      
      
      :commands
      [emptytemp]
      [emptyflash]
      [emptyjava]
      [reboot]
      Nos traes el nuevo reporte te OTM comentandonos el estado del problema, y si notas alguna emperoa restaura windows con el punto de restauracion que hiciste o la coia de seguridad del registro.

      Saludos
      ErdrickBass
      No importa lo fuerte que sea tu oponente. Lo importante es que estés de pie ante él

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    2. #22
      Neo
      Neo está offline
      Usuario Avatar de Neo
      Registrado
      ago 2012
      Ubicación
      Argentina
      Mensajes
      18

      Re: Malwarebytes se bloquea normal y modo seguro

      Aca va el resultado:


      All processes killed
      ========== REGISTRY ==========
      Registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BAD5B20B-8E39-F527-DAAE-708601477D1E}\ not found.
      Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAD5B20B-8E39-F527-DAAE-708601477D1E}\ not found.
      ========== COMMANDS ==========

      [EMPTYTEMP]

      User: Alicia
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Java cache emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: All Users

      User: Cristian
      ->Temp folder emptied: 466840 bytes
      ->Temporary Internet Files folder emptied: 33170 bytes
      ->Java cache emptied: 0 bytes
      ->Google Chrome cache emptied: 6622435 bytes
      ->Flash cache emptied: 348 bytes

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      User: Public

      User: UpdatusUser
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes
      ->Flash cache emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32 (64bit) .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 0 bytes
      %systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
      %systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
      %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 7,00 mb


      [EMPTYFLASH]

      User: Alicia
      ->Flash cache emptied: 0 bytes

      User: All Users

      User: Cristian
      ->Flash cache emptied: 0 bytes

      User: Default
      ->Flash cache emptied: 0 bytes

      User: Default User
      ->Flash cache emptied: 0 bytes

      User: Public

      User: UpdatusUser
      ->Flash cache emptied: 0 bytes

      Total Flash Files Cleaned = 0,00 mb


      [EMPTYJAVA]

      User: Alicia
      ->Java cache emptied: 0 bytes

      User: All Users

      User: Cristian
      ->Java cache emptied: 0 bytes

      User: Default

      User: Default User

      User: Public

      User: UpdatusUser

      Total Java Files Cleaned = 0,00 mb


      OTM by OldTimer - Version 3.1.21.0 log created on 09102012_073750

      Files moved on Reboot...
      C:\Users\Cristian\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

      Registry entries deleted on Reboot...

      --Pase el malwarebytes y todo sigue igual se sigue trabando..... la miquina no tuvo problemas al reiniciar, no utilice el punto de restauración

      --Que mas podemos hacer????

    3. #23
      Ex-Colaboradora Avatar de @SanMar
      Registrado
      jun 2008
      Ubicación
      Argentina
      Mensajes
      22.290

      Re: Malwarebytes se bloquea normal y modo seguro

      Hola chicos:

      Neo


      Prueba lo siguiente:


      Desinstala Malwarebytes desde Panel de Control - Agregar/ Quitar programas.

      Reinicia el ordenador

      Descarga MbamClean.exe y lo ejecutas.


      Reinicia nuevamente el ordenador

      Descarga CCleaner. Lo instalas según Su Manual


      Ejecuta CCleaner usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el Registro de Windows (haciendo copia de seguridad).


      Descarga Malwarebytes y Lo instalas y actualizas según su manual.

      Ejecutas primero un análisis rápido y si este termina realizas uno completo.



      Nos comentas.


      Salu2.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    4. #24
      Neo
      Neo está offline
      Usuario Avatar de Neo
      Registrado
      ago 2012
      Ubicación
      Argentina
      Mensajes
      18

      Re: Malwarebytes se bloquea normal y modo seguro

      Eso ya lo habia hecho antes de iniciar el tema por eso me extraño e inicie el tema.....
      de todas formas lo hice de nuevo y se sigue trabando.....

      Alguna magia que podamos probar, se agradece...

    5. #25
      Ex-Colaboradora Avatar de @SanMar
      Registrado
      jun 2008
      Ubicación
      Argentina
      Mensajes
      22.290

      Re: Malwarebytes se bloquea normal y modo seguro

      Hola:


      Desinstala por completo nuevamente Malwarebytes y no vuelvas a instalarlo.


      Descargar DDS.pif desde aquí y guardarla en su escritorio de Windows, si usas FireFox descargar desde Aca
      Deshabilite cualquier bloqueador de script y a continuación, haga doble clic en dds.pif para ejecutar la herramienta y espere pacientemente el reporte.
      • Cuando haya terminado, DDS, se abrirá dos (2) los reportes:
        1. DDS.txt
        2. Attach.txt
      • Guardar los dos informes en su escritorio y pegue los reportes en su próximo post.
      Nota si te dice que es muy largo utiliza dos mensajes.



      Salu2.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #26
      Neo
      Neo está offline
      Usuario Avatar de Neo
      Registrado
      ago 2012
      Ubicación
      Argentina
      Mensajes
      18

      Re: Malwarebytes se bloquea normal y modo seguro

      DDS:


      .
      DDS (Ver_2011-08-26.01) - NTFSAMD64
      Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_33
      Run by Cristian at 23:03:59 on 2012-09-13
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.54.3082.18.6142.4477 [GMT -3:00]
      .
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      ============== Running Processes ===============
      .
      C:\Windows\system32\wininit.exe
      C:\Windows\system32\lsm.exe
      C:\Windows\system32\svchost.exe -k DcomLaunch
      C:\Windows\system32\nvvsvc.exe
      C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
      C:\Windows\system32\svchost.exe -k RPCSS
      C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
      C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
      C:\Windows\system32\svchost.exe -k netsvcs
      C:\Windows\system32\svchost.exe -k LocalService
      C:\Windows\system32\svchost.exe -k NetworkService
      C:\Program Files\PROTECCION\Alwil Software\Avast5\AvastSvc.exe
      C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
      C:\Windows\system32\nvvsvc.exe
      C:\Windows\System32\spoolsv.exe
      C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
      C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
      C:\Windows\system32\taskhost.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
      C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
      C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
      C:\Windows\SysWOW64\PnkBstrA.exe
      c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
      C:\Program Files\CyberLink\Shared files\RichVideo64.exe
      C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
      C:\Program Files (x86)\UTILITARIOS\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe
      C:\Program Files (x86)\MULTIMEDIA\Photodex\ProShowProducer\ScsiAccess.exe
      C:\Windows\system32\svchost.exe -k imgsvc
      C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
      C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      C:\Program Files\Microsoft Device Center\itype.exe
      C:\Program Files\Microsoft Device Center\ipoint.exe
      C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe
      C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
      C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
      C:\Program Files (x86)\Samsung\Kies\Kies.exe
      C:\Program Files\PROTECCION\Alwil Software\Avast5\AvastUI.exe
      C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
      C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
      C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
      C:\Program Files (x86)\Browny02\BrYNSvc.exe
      C:\Windows\system32\SearchIndexer.exe
      C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
      C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      C:\Windows\system32\sppsvc.exe
      C:\Windows\System32\svchost.exe -k secsvcs
      C:\Windows\system32\taskeng.exe
      C:\Windows\servicing\TrustedInstaller.exe
      C:\Windows\system32\SearchProtocolHost.exe
      C:\Windows\system32\SearchFilterHost.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      C:\Windows\system32\DllHost.exe
      C:\Windows\system32\DllHost.exe
      C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\conhost.exe
      C:\Windows\SysWOW64\cscript.exe
      C:\Windows\system32\wbem\wmiprvse.exe
      .
      ============== Pseudo HJT Report ===============
      .
      uSearch Page = hxxp://www.google.com.ar/
      uStart Page = hxxp://www.google.com
      mDefault_Search_URL = hxxp://search.localstrike.net/
      mDefault_Page_URL = hxxp://search.localstrike.net/
      mStart Page = hxxp://www.google.com
      mSearch Page = hxxp://search.localstrike.net/
      BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
      BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\PROTECCION\Alwil Software\Avast5\aswWebRepIE.dll
      BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      BHO: Trixie.Bho: {b0744341-96e0-4341-9ed2-8bc36ce0ccd0} - mscoree.dll
      BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
      TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
      TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\PROTECCION\Alwil Software\Avast5\aswWebRepIE.dll
      TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
      uRun: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
      uRun: [EPSON Stylus C110 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICCL.EXE /FU "C:\Windows\TEMP\E_SF41E.tmp" /EF "HKCU"
      uRun: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
      uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
      uRun: [DIMDescargando la actualización...1300677038363] "c:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe" "c:\programdata\corel\downloads\540215253_807001\1300677038363\dim_params.xml" -Launch=3 -uibase="c:\users\cristian\appdata\roaming\corel\messages\540215253_807001\es\messagecache2\workflow"
      uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
      mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
      mRun: [avast] "C:\Program Files\PROTECCION\Alwil Software\Avast5\avastUI.exe" /nogui
      mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
      mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
      mPolicies-explorer: NoActiveDesktop = 1 (0x1)
      mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
      mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
      mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
      IE: E&xportar a Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
      IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\JUEGOS\PokerStars.NET\PokerStarsUpdate.exe
      IE: {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\Windows\system32\mscoree.DLL
      IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
      DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
      DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} - hxxp://quickscan.bitdefender.com/qsax/qsax.cab
      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
      DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
      DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
      DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
      DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      TCP: DhcpNameServer = 190.1.0.14 190.1.0.2
      TCP: Interfaces\{5BA9A819-1E57-4E72-A5D9-A3F1B02F628D} : DhcpNameServer = 190.1.0.14 190.1.0.2
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
      {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
      {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
      {AA58ED58-01DD-4d91-8333-CF10577473F7}
      {B0744341-96E0-4341-9ED2-8BC36CE0CCD0}
      {DBC80044-A445-435b-BC74-9C25C1C588A9}
      {2318C2B1-4965-11d4-9B18-009027A5CD4F}
      {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
      TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
      mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
      mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
      mRun-x64: [avast] "C:\Program Files\PROTECCION\Alwil Software\Avast5\avastUI.exe" /nogui
      mRun-x64: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
      mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
      IE-X64: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\JUEGOS\PokerStars.NET\PokerStarsUpdate.exe
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 nvamacpi;NVIDIA Away Mode System;C:\Windows\system32\DRIVERS\NVAMACPI.sys --> C:\Windows\system32\DRIVERS\NVAMACPI.sys [?]
      R0 pavboot;pavboot;C:\Windows\system32\drivers\pavboot64.sys --> C:\Windows\system32\drivers\pavboot64.sys [?]
      R1 archlp;archlp;C:\Windows\system32\drivers\archlp.sys --> C:\Windows\system32\drivers\archlp.sys [?]
      R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
      R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
      R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
      R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
      R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
      R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/06/17 12:39:14];C:\Program Files (x86)\MULTIMEDIA\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl [2010-4-2 146928]
      R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
      R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
      R2 avast! Antivirus;avast! Antivirus;C:\Program Files\PROTECCION\Alwil Software\Avast5\AvastSvc.exe [2012-8-30 44808]
      R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376]
      R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-3-24 2348352]
      R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-4-22 474168]
      R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-7-29 386344]
      R2 SCPDFReadSpool;SolidConverterPDFReadSpool;C:\Program Files (x86)\UTILITARIOS\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [2010-12-21 209920]
      R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-2-29 382272]
      R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-2-7 245760]
      R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\system32\DRIVERS\nvoclk64.sys --> C:\Windows\system32\DRIVERS\nvoclk64.sys [?]
      R3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\system32\drivers\ScreamingBAudio64.sys --> C:\Windows\system32\drivers\ScreamingBAudio64.sys [?]
      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
      S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
      S2 gupdate;Servicio de actualización de Google (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-29 136176]
      S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\MULTIMEDIA\Skype\Updater\Updater.exe [2012-2-29 158856]
      S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]
      S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]
      S3 ENTECH64;ENTECH64;\??\C:\Windows\system32\DRIVERS\ENTECH64.sys --> C:\Windows\system32\DRIVERS\ENTECH64.sys [?]
      S3 epmntdrv;epmntdrv;C:\Windows\System32\epmntdrv.sys [2011-10-25 14216]
      S3 EuGdiDrv;EuGdiDrv;C:\Windows\System32\EuGdiDrv.sys [2011-10-25 8456]
      S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800]
      S3 gupdatem;Google Update Servicio (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-1-29 136176]
      S3 nmwcdcx64;Nokia USB Generic;C:\Windows\system32\drivers\ccdcmbox64.sys --> C:\Windows\system32\drivers\ccdcmbox64.sys [?]
      S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\system32\drivers\nmwcdnsux64.sys --> C:\Windows\system32\drivers\nmwcdnsux64.sys [?]
      S3 nmwcdx64;Nokia USB Phone Parent;C:\Windows\system32\drivers\ccdcmbx64.sys --> C:\Windows\system32\drivers\ccdcmbx64.sys [?]
      S3 pwdrvio;pwdrvio;\??\C:\Windows\system32\pwdrvio.sys --> C:\Windows\system32\pwdrvio.sys [?]
      S3 pwdspio;pwdspio;\??\C:\Windows\system32\pwdspio.sys --> C:\Windows\system32\pwdspio.sys [?]
      S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
      S3 Revoflt;Revoflt;C:\Windows\system32\DRIVERS\revoflt.sys --> C:\Windows\system32\DRIVERS\revoflt.sys [?]
      S3 RivaTuner64;RivaTuner64;C:\Program Files (x86)\UTILITARIOS\RivaTuner v2.24\RivaTuner64.sys [2009-2-25 19952]
      S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]
      S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]
      S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]
      S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);C:\Windows\system32\DRIVERS\ssadserd.sys --> C:\Windows\system32\DRIVERS\ssadserd.sys [?]
      S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?]
      S3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudobex.sys --> C:\Windows\system32\DRIVERS\ssudobex.sys [?]
      S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
      S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
      S3 vpcuxd;Servicio auxiliar de virtualización de USB;C:\Windows\system32\drivers\vpcuxd.sys --> C:\Windows\system32\drivers\vpcuxd.sys [?]
      .
      =============== Created Last 30 ================
      .
      2012-09-12 10:17:28 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
      2012-09-12 10:17:28 41472 ----a-w- C:\Windows\System32\drivers\RNDISMP.sys
      2012-09-12 10:17:27 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
      2012-09-12 10:17:27 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
      2012-09-12 10:17:26 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
      2012-09-12 10:17:26 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
      2012-09-12 10:17:26 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
      2012-09-11 15:53:44 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E67A409F-3CCF-4AAC-905F-3D8654AB6CEE}\mpengine.dll
      2012-09-09 18:56:21 -------- d-----w- C:\_OTM
      2012-08-31 13:25:18 33800 ----a-w- C:\Windows\System32\drivers\pavboot64.sys
      2012-08-31 13:25:16 -------- d-----w- C:\Program Files (x86)\Panda Security
      2012-08-30 09:47:15 69660 ----a-w- C:\Windows\Fart.exe
      2012-08-30 09:47:15 11776 ----a-w- C:\Windows\Colous.exe
      2012-08-29 21:07:42 -------- d-----w- C:\Users\Cristian\AppData\Local\VS Revo Group
      2012-08-29 21:07:38 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
      2012-08-29 21:07:37 -------- d-----w- C:\Program Files\VS Revo Group
      2012-08-28 02:28:27 -------- d-----w- C:\Users\Cristian\AppData\Local\Thinstall
      2012-08-15 19:03:17 751104 ----a-w- C:\Windows\System32\win32spl.dll
      2012-08-15 19:03:16 67072 ----a-w- C:\Windows\splwow64.exe
      2012-08-15 19:03:16 559104 ----a-w- C:\Windows\System32\spoolsv.exe
      2012-08-15 19:03:16 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
      2012-08-15 19:03:15 59392 ----a-w- C:\Windows\System32\browcli.dll
      2012-08-15 19:03:15 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
      2012-08-15 19:03:15 136704 ----a-w- C:\Windows\System32\browser.dll
      2012-08-15 19:03:14 503808 ----a-w- C:\Windows\System32\srcore.dll
      2012-08-15 19:03:14 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
      2012-08-15 19:03:11 3148800 ----a-w- C:\Windows\System32\win32k.sys
      2012-08-15 19:03:09 956928 ----a-w- C:\Windows\System32\localspl.dll
      .
      ==================== Find3M ====================
      .
      2012-09-13 18:50:56 282472 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
      2012-09-13 18:50:56 282472 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
      2012-09-13 18:37:10 103736 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
      2012-08-21 09:13:13 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
      2012-08-21 09:13:12 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
      2012-08-21 09:13:12 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
      2012-08-21 09:12:33 41224 ----a-w- C:\Windows\avastSS.scr
      2012-07-30 16:32:08 203104 ----a-w- C:\Windows\System32\drivers\ssudobex.sys
      2012-07-30 16:32:08 203104 ----a-w- C:\Windows\System32\drivers\ssudmdm.sys
      2012-07-30 16:32:08 102240 ----a-w- C:\Windows\System32\drivers\ssudbus.sys
      2012-07-09 12:40:39 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-07-09 12:40:39 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
      2012-07-02 16:13:25 476936 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
      2012-07-02 16:13:25 472840 ----a-w- C:\Windows\SysWow64\deployJava1.dll
      2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
      2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
      2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
      2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
      2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
      2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
      2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
      2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
      2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
      2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
      2012-06-26 15:25:12 18856 ----a-w- C:\Windows\System32\roboot64.exe
      2012-06-25 19:04:24 1394248 ----a-w- C:\Windows\SysWow64\msxml4.dll
      .
      ============= FINISH: 23:04:30,30 ===============

    7. #27
      Neo
      Neo está offline
      Usuario Avatar de Neo
      Registrado
      ago 2012
      Ubicación
      Argentina
      Mensajes
      18

      Re: Malwarebytes se bloquea normal y modo seguro

      Attach:


      .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2011-08-26.01)
      .
      Microsoft Windows 7 Ultimate
      Boot Device: \Device\HarddiskVolume1
      Install Date: 25/05/2010 05:30:58 PM
      System Uptime: 13/09/2012 10:56:08 PM (1 hours ago)
      .
      Motherboard: ASUSTeK Computer INC. | | M3N-HD/HDMI
      Processor: AMD Phenom(tm) II X4 920 Processor | Socket AM2 | 2800/200mhz
      .
      ==== Disk Partitions =========================
      .
      A: is Removable
      C: is FIXED (NTFS) - 293 GiB total, 68,463 GiB free.
      D: is FIXED (NTFS) - 187 GiB total, 17,679 GiB free.
      E: is FIXED (NTFS) - 116 GiB total, 4,922 GiB free.
      F: is CDROM ()
      G: is CDROM ()
      H: is FIXED (NTFS) - 149 GiB total, 87,846 GiB free.
      .
      ==== Disabled Device Manager Items =============
      .
      ==== System Restore Points ===================
      .
      RP467: 01/09/2012 08:39:37 AM - Quitado TuneUp Utilities 2012
      RP468: 01/09/2012 08:40:35 AM - Quitado TuneUp Utilities Language Pack (es-ES)
      RP469: 04/09/2012 10:54:38 AM - Windows Update
      RP470: 09/09/2012 03:48:08 PM - antes de OTM
      RP471: 11/09/2012 12:53:08 PM - Windows Update
      RP472: 12/09/2012 07:17:32 AM - Windows Update
      .
      ==== Installed Programs ======================
      .
      3DMark Vantage
      7-Zip 9.13 beta
      A4tech USB Mouse Quality Testing Program V6.0
      Adobe After Effects CS5.5
      Adobe AIR
      Adobe Community Help
      Adobe Flash Player 11 ActiveX
      Adobe Flash Player 11 Plugin
      Adobe Media Player
      Adobe Photoshop CS5
      Adobe Shockwave Player 11.5
      Adobe Story
      AIDA64 Extreme Edition v1.00
      AIMP3
      Alone in the Dark 5
      AP Tuner 3.08
      Apple Application Support
      Apple Software Update
      ArcSoft TotalMedia Theatre 3
      Ares 2.1.7
      µTorrent
      aTube Catcher
      avast! Free Antivirus
      Balabolka
      Brain trainer 2
      BulletStorm
      BumpTop
      calibre
      Call of Duty(R) 4 - Modern Warfare(TM)
      Call of Juarez - Bound in Blood
      ChessBase 10
      ChessBase Reader
      ConvertXtoDVD 4.1.19.365
      Corel Graphics - Windows Shell Extension
      CorelDRAW Graphics Suite X5
      CorelDRAW Graphics Suite X5 - BR
      CorelDRAW Graphics Suite X5 - Capture
      CorelDRAW Graphics Suite X5 - Common
      CorelDRAW Graphics Suite X5 - Connect
      CorelDRAW Graphics Suite X5 - Custom Data
      CorelDRAW Graphics Suite X5 - DE
      CorelDRAW Graphics Suite X5 - Draw
      CorelDRAW Graphics Suite X5 - EN
      CorelDRAW Graphics Suite X5 - ES
      CorelDRAW Graphics Suite X5 - Extra Content
      CorelDRAW Graphics Suite X5 - Filters
      CorelDRAW Graphics Suite X5 - FontNav
      CorelDRAW Graphics Suite X5 - FR
      CorelDRAW Graphics Suite X5 - IPM
      CorelDRAW Graphics Suite X5 - IT
      CorelDRAW Graphics Suite X5 - NL
      CorelDRAW Graphics Suite X5 - PHOTO-PAINT
      CorelDRAW Graphics Suite X5 - Photozoom Plugin
      CorelDRAW Graphics Suite X5 - Premium Fonts
      CorelDRAW Graphics Suite X5 - Redist
      CorelDRAW Graphics Suite X5 - Setup Files
      CorelDRAW Graphics Suite X5 - VBA
      CorelDRAW Graphics Suite X5 - VideoBrowser
      CorelDRAW Graphics Suite X5 - VSTA
      CorelDRAW Graphics Suite X5 - WT
      CorelDRAW(R) Graphics Suite X5
      Counter-Strike 1.6
      Creatures of Darkness
      CyberLink PowerDirector
      CyberLink PowerDirector 10
      CyberLink PowerDVD 10
      CyberLink WaveEditor
      Deep Space Voices
      DiRT2
      DVD Decrypter (Remove Only)
      DVD Identifier
      DVD Shrink 3.2
      EASEUS Partition Master 9.1.0 Home Edition
      Facebook Video Calling 1.2.0.159
      Fantasy Voice Pack
      Female Voice Pack
      Firebird SQL Server - MAGIX Edition
      Freemake Video Converter versión 3.0.1
      Full Tilt Poker
      Futuremark SystemInfo
      GameRanger
      GESTIONPRO V5.30
      GOM Player
      Google Chrome
      Google Talk (remove only)
      Google Toolbar for Internet Explorer
      Google Update Helper
      GRID
      HL-2130
      Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
      Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
      Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
      Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
      Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
      Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
      IB MENSUAL - Pcia.Bs.As.
      iSlim 310
      Java Auto Updater
      Java(TM) 6 Update 33
      JDownloader
      K-Lite Codec Pack 7.0.0 (Standard)
      Kinovea
      Male Voice Pack
      Memory Improve Master Free Version v6.1.2.369
      Microsoft .NET Framework 1.1
      Microsoft Games for Windows - LIVE
      Microsoft Games for Windows - LIVE Redistributable
      Microsoft Office Excel MUI (Spanish) 2007
      Microsoft Office Outlook MUI (Spanish) 2007
      Microsoft Office PowerPoint MUI (Spanish) 2007
      Microsoft Office PowerPoint Viewer 2007 (Spanish)
      Microsoft Office Proof (Basque) 2007
      Microsoft Office Proof (Catalan) 2007
      Microsoft Office Proof (English) 2007
      Microsoft Office Proof (French) 2007
      Microsoft Office Proof (Galician) 2007
      Microsoft Office Proof (Portuguese (Brazil)) 2007
      Microsoft Office Proof (Spanish) 2007
      Microsoft Office Proofing (Spanish) 2007
      Microsoft Office Shared MUI (Spanish) 2007
      Microsoft Office Standard 2007
      Microsoft Office Word MUI (Spanish) 2007
      Microsoft Visual C++ 2005 Redistributable
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
      Microsoft Visual Studio Tools for Applications 2.0 - ENU
      Microsoft Visual Studio Tools for Applications 2.0 Language Pack - ESN
      Microsoft Visual Studio Tools for Applications 2.0 Runtime
      Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - ESN
      Microsoft_VC80_ATL_x86
      Microsoft_VC80_CRT_x86
      Microsoft_VC80_MFC_x86
      Microsoft_VC80_MFCLOC_x86
      Microsoft_VC90_ATL_x86
      Microsoft_VC90_CRT_x86
      Microsoft_VC90_MFC_x86
      Microsoft_VC90_MFCLOC_x86
      MiPony 2.0.0
      MorphVOX Pro
      Mozilla Thunderbird 13.0.1 (x86 es-AR)
      MSXML 4.0 SP2 (KB954430)
      MSXML 4.0 SP2 (KB973688)
      MSXML 4.0 SP3 Parser
      MSXML 4.0 SP3 Parser (KB2721691)
      MSXML 4.0 SP3 Parser (KB973685)
      Muargentina Season6
      NBA 2K11
      NBA 2K12
      Nero 8 Micro 8.3.6.0
      NVIDIA 3D Vision Controller Driver
      NVIDIA Performance
      NVIDIA PhysX
      NVIDIA Stereoscopic 3D Driver
      NVIDIA System Monitor
      NVIDIA System Update
      OpenAL
      OSCAR Editor
      Panda ActiveScan 2.0
      PDF Settings CS5
      Photodex Presenter
      PhotoScape
      PlayMemories Home
      PokerStars.net
      Portal 2
      Portal Full [ESP] [No-Steam] [By CaRLy]
      Pro Evolution Soccer 2012
      ProShow Producer
      PunkBuster Services
      QuickTime
      Race Driver 3
      RAR File Open Knife - Free Opener
      RealSpeak Solo para Castellano, Isabel
      Realtek High Definition Audio Driver
      RegClean Pro
      RESIDENT EVIL 5
      Revisión para Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
      RGBmachine 4.1
      RivaTuner v2.24
      S.I.Ap.
      Samsung Kies
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
      Security Update for Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (KB2478663)
      Security Update for Paquete de idioma de Microsoft .NET Framework 4 Client Profile ESN (KB2518870)
      Skype™ 5.8
      SmartSound Quicktracks 5
      Sniper Elite V2
      Solid Converter PDF
      Songr
      SopCast 3.2.9
      Sothink Logo Maker
      Special Effects Voices
      Speed Wheel 5 Pro
      SpeedFan (remove only)
      Spybot - Search & Destroy
      StreamTorrent 1.0
      Super MP3 Download
      Switch Sound File Converter
      sXe Injected
      System Requirements Lab CYRI
      The KMPlayer 3.0.0.1439 beta
      Trixie
      TuneUp Utilities Language Pack (es-ES)
      TVAnts 1.0
      TVUPlayer 2.5.3.1
      Ubisoft Game Launcher
      UltraISO Premium V9.36
      Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
      Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
      Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
      USB Vibration Joystick
      Veetle TV
      Visual Basic for Applications (R) Core
      Visual Basic for Applications (R) Core - English
      Visual Basic for Applications (R) Core - Spanish
      vReveal 3
      Windows Media Player Firefox Plugin
      X7 Oscar Editor
      Xilisoft Video Converter Ultimate 6
      .
      ==== Event Viewer Messages From Past Week ========
      .
      12/09/2012 05:21:56 PM, Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk2\DR2.
      12/09/2012 05:21:55 PM, Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk2\DR2.
      12/09/2012 05:21:54 PM, Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk2\DR2.
      12/09/2012 05:21:54 PM, Error: Disk [11] - El controlador detectó un error de controladora en \Device\Harddisk2\DR2.
      10/09/2012 07:38:08 AM, Error: Service Control Manager [7038] - El servicio WerSvc no se pudo iniciarse como NT AUTHORITY\SYSTEM con la contraseña configurada actualmente debido al siguiente error: El servidor RPC no está disponible. Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).
      10/09/2012 07:38:07 AM, Error: Service Control Manager [7038] - El servicio WerSvc no se pudo iniciarse como NT AUTHORITY\SYSTEM con la contraseña configurada actualmente debido al siguiente error: Error en la llamada a procedimiento remoto. Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).
      10/09/2012 07:38:07 AM, Error: Service Control Manager [7038] - El servicio WerSvc no se pudo iniciarse como NT AUTHORITY\SYSTEM con la contraseña configurada actualmente debido al siguiente error: El servidor RPC no está disponible. Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).
      10/09/2012 07:38:07 AM, Error: Service Control Manager [7038] - El servicio WerSvc no se pudo iniciarse como NT AUTHORITY\SYSTEM con la contraseña configurada actualmente debido al siguiente error: El servidor RPC no está disponible. Para asegurarse de que el servicio esté correctamente configurado, use el complemento Servicios en Microsoft Management Console (MMC).
      10/09/2012 07:38:07 AM, Error: Service Control Manager [7034] - El servicio NVIDIA Update Service Daemon se terminó de manera inesperada. Esto ha sucedido 1 veces.
      10/09/2012 07:38:07 AM, Error: Service Control Manager [7034] - El servicio BrYNSvc se terminó de manera inesperada. Esto ha sucedido 1 veces.
      10/09/2012 07:37:50 AM, Error: Service Control Manager [7034] - El servicio NVIDIA Stereoscopic 3D Driver Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
      10/09/2012 06:50:48 AM, Error: Service Control Manager [7009] - Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio Microsoft .NET Framework NGEN v4.0.30319_X86.
      09/09/2012 04:00:07 PM, Error: Service Control Manager [7009] - Se agotó el tiempo de espera (30000 ms) para la conexión con el servicio PMBDeviceInfoProvider.
      09/09/2012 04:00:07 PM, Error: Service Control Manager [7000] - El servicio PMBDeviceInfoProvider no pudo iniciarse debido al siguiente error: El servicio no respondió a tiempo a la solicitud de inicio o de control.
      09/09/2012 03:56:21 PM, Error: Service Control Manager [7034] - El servicio NVIDIA Stereoscopic 3D Driver Service se terminó de manera inesperada. Esto ha sucedido 1 veces.
      08/09/2012 10:57:55 AM, Error: Microsoft-Windows-HAL [12] - El firmware de la plataforma dañó la memoria durante la transición de energía del sistema anterior. Compruebe si existe firmware actualizado para el sistema.
      .
      ==== End Of File ===========================

      Bien...estos son los reportes, que hacemos???

    8. #28
      Ex-Colaboradora Avatar de @SanMar
      Registrado
      jun 2008
      Ubicación
      Argentina
      Mensajes
      22.290

      Re: Malwarebytes se bloquea normal y modo seguro

      Hola:




      - Descarga la herramienta ComboFix.exe y guárdala en el escritorio.
      • Desactiva temporalmente el Antivirus y/o Antispyware


        Si te pide actualizar "Aceptas".
      • Cierra todas las ventanas abiertas.
      • Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
      • Cuando termine, generara un registro en C:\ComboFix.txt.
        • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
        • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.
      Atención!! No use ComboFix a menos que se le haya indicado específicamente en su mensaje por un integrante de nuestro Staff. Es una herramienta de gran alcance destinada por su creador a ser usada bajo la orientación y supervisión de un experto, no para uso privado. El uso de ComboFix incorrectamente podría generar problemas en su sistema. Por favor, lea las "Negaciones de la Garantía" de ComboFix.
      • Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.


      Nota Importante: Luego del primer reinicio que realiza el programa Combofix, realiza un reinicio mas.




      Salu2.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    9. #29
      Neo
      Neo está offline
      Usuario Avatar de Neo
      Registrado
      ago 2012
      Ubicación
      Argentina
      Mensajes
      18

      Re: Malwarebytes se bloquea normal y modo seguro

      Hola, este es combofix:


      ComboFix 12-09-16.01 - Cristian 17/09/2012 7:37.1.4 - x64
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.54.3082.18.6142.4581 [GMT -3:00]
      Running from: c:\users\Cristian\Desktop\ComboFix.exe
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\users\Cristian\AppData\Local\Temp\d6ebea43-a7f6-428d-ab33-ddb1ea1983ec\CliSecureRT.dll
      c:\users\Cristian\AppData\Roaming\inst.exe
      c:\users\Cristian\AppData\Roaming\Microsoft\Windows\Recent\LISTA PRECIOS pcone.url
      c:\users\Cristian\AppData\Roaming\vso_ts_preview.xml
      c:\users\Cristian\Documents\~WRL0003.tmp
      c:\windows\Installer\$PatchCache$\Managed\211FAFEF8AD4C974982ED72E051917A1\1.0.0\game.ini2
      c:\windows\SysWow64\Config.ini
      c:\windows\SysWow64\muzapp.exe
      c:\windows\SysWow64\System32\MASetupCleaner.exe
      c:\windows\SysWow64\System32\muzapp.exe
      c:\windows\SysWow64\URTTemp
      c:\windows\SysWow64\URTTemp\regtlib.exe
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-08-17 to 2012-09-17 )))))))))))))))))))))))))))))))
      .
      .
      2012-09-15 11:47 . 2012-09-15 11:48 -------- d-----w- c:\program files (x86)\Ask.com
      2012-09-15 11:46 . 2012-09-15 11:46 -------- d-----w- c:\programdata\Ask
      2012-09-14 23:25 . 2012-08-23 08:26 9310152 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8381FE37-DA77-44A3-9332-B8AA378BB096}\mpengine.dll
      2012-09-12 10:17 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
      2012-09-12 10:17 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
      2012-09-12 10:17 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
      2012-09-12 10:17 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
      2012-09-12 10:17 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2012-09-12 10:17 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
      2012-09-12 10:17 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      2012-09-09 18:56 . 2012-09-09 18:56 -------- d-----w- C:\_OTM
      2012-08-31 13:25 . 2009-06-30 13:37 33800 ----a-w- c:\windows\system32\drivers\pavboot64.sys
      2012-08-31 13:25 . 2012-08-31 13:25 -------- d-----w- c:\program files (x86)\Panda Security
      2012-08-30 09:47 . 2012-03-13 02:27 11776 ----a-w- c:\windows\Colous.exe
      2012-08-30 09:47 . 2008-03-25 13:39 69660 ----a-w- c:\windows\Fart.exe
      2012-08-29 21:07 . 2012-08-29 21:07 -------- d-----w- c:\users\Cristian\AppData\Local\VS Revo Group
      2012-08-29 21:07 . 2009-12-30 14:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
      2012-08-29 21:07 . 2012-08-29 21:07 -------- d-----w- c:\program files\VS Revo Group
      2012-08-28 02:28 . 2012-08-28 02:28 -------- d-----w- c:\users\Cristian\AppData\Local\Thinstall
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-09-16 22:35 . 2010-05-28 17:39 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
      2012-09-16 14:09 . 2010-05-28 17:39 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
      2012-09-13 18:50 . 2010-10-19 18:07 282472 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
      2012-09-12 10:18 . 2010-06-09 13:17 64462936 ----a-w- c:\windows\system32\MRT.exe
      2012-08-21 09:13 . 2011-03-18 12:44 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
      2012-08-21 09:13 . 2010-05-25 21:09 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
      2012-08-21 09:13 . 2010-05-25 21:09 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
      2012-08-21 09:13 . 2012-03-03 13:27 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
      2012-08-21 09:13 . 2010-05-25 21:09 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
      2012-08-21 09:13 . 2010-05-25 21:09 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
      2012-08-21 09:12 . 2010-06-29 10:29 41224 ----a-w- c:\windows\avastSS.scr
      2012-08-21 09:12 . 2010-05-25 21:09 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
      2012-08-21 09:12 . 2011-01-14 10:33 285328 ----a-w- c:\windows\system32\aswBoot.exe
      2012-07-30 16:32 . 2012-07-30 16:32 203104 ----a-w- c:\windows\system32\drivers\ssudobex.sys
      2012-07-30 16:32 . 2012-07-30 16:32 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
      2012-07-30 16:32 . 2012-07-30 16:32 102240 ----a-w- c:\windows\system32\drivers\ssudbus.sys
      2012-07-18 18:15 . 2012-08-15 19:03 3148800 ----a-w- c:\windows\system32\win32k.sys
      2012-07-09 12:40 . 2012-04-06 12:27 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-07-09 12:40 . 2011-05-23 18:22 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-07-04 22:16 . 2012-08-15 19:03 73216 ----a-w- c:\windows\system32\netapi32.dll
      2012-07-04 22:13 . 2012-08-15 19:03 59392 ----a-w- c:\windows\system32\browcli.dll
      2012-07-04 22:13 . 2012-08-15 19:03 136704 ----a-w- c:\windows\system32\browser.dll
      2012-07-04 21:14 . 2012-08-15 19:03 41984 ----a-w- c:\windows\SysWow64\browcli.dll
      2012-07-02 16:13 . 2012-07-02 16:13 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
      2012-07-02 16:13 . 2010-05-25 23:28 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2012-06-29 04:55 . 2012-08-15 19:06 17809920 ----a-w- c:\windows\system32\mshtml.dll
      2012-06-29 04:09 . 2012-08-15 19:06 10925568 ----a-w- c:\windows\system32\ieframe.dll
      2012-06-29 03:56 . 2012-08-15 19:06 2312704 ----a-w- c:\windows\system32\jscript9.dll
      2012-06-29 03:49 . 2012-08-15 19:06 1346048 ----a-w- c:\windows\system32\urlmon.dll
      2012-06-29 03:49 . 2012-08-15 19:06 1392128 ----a-w- c:\windows\system32\wininet.dll
      2012-06-29 03:48 . 2012-08-15 19:06 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
      2012-06-29 03:47 . 2012-08-15 19:06 237056 ----a-w- c:\windows\system32\url.dll
      2012-06-29 03:45 . 2012-08-15 19:06 85504 ----a-w- c:\windows\system32\jsproxy.dll
      2012-06-29 03:44 . 2012-08-15 19:06 816640 ----a-w- c:\windows\system32\jscript.dll
      2012-06-29 03:43 . 2012-08-15 19:06 173056 ----a-w- c:\windows\system32\ieUnatt.exe
      2012-06-29 03:42 . 2012-08-15 19:06 2144768 ----a-w- c:\windows\system32\iertutil.dll
      2012-06-29 03:40 . 2012-08-15 19:06 96768 ----a-w- c:\windows\system32\mshtmled.dll
      2012-06-29 03:39 . 2012-08-15 19:06 2382848 ----a-w- c:\windows\system32\mshtml.tlb
      2012-06-29 03:35 . 2012-08-15 19:06 248320 ----a-w- c:\windows\system32\ieui.dll
      2012-06-29 00:16 . 2012-08-15 19:06 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
      2012-06-29 00:09 . 2012-08-15 19:06 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
      2012-06-29 00:08 . 2012-08-15 19:06 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
      2012-06-29 00:04 . 2012-08-15 19:06 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
      2012-06-29 00:00 . 2012-08-15 19:06 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
      2012-06-26 15:25 . 2012-07-08 18:10 18856 ----a-w- c:\windows\system32\roboot64.exe
      2012-06-25 19:04 . 2012-06-25 19:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
      "{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-07 1519304]
      .
      [HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
      .
      [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
      2012-06-07 00:33 1519304 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-07 1519304]
      .
      [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
      [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
      [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
      [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "OscarEditor"="c:\program files (x86)\OSCAR Editor X7\OscarEditor.exe" [2011-07-25 3332608]
      "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-07 21432]
      "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-08-07 960440]
      "DIMDescargando la actualización...1300677038363"="c:\program files (x86)\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe" [2010-05-21 95592]
      "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-01-30 39408]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
      "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
      "avast"="c:\program files\PROTECCION\Alwil Software\Avast5\avastUI.exe" [2012-08-21 4282728]
      "BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
      "PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-04-22 724536]
      "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-06-07 1564872]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
      Trusted 2fd3
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
      @=""
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
      "BDRegion"=c:\program files (x86)\Cyberlink\Shared files\brs.exe
      "RemoteControl10"="c:\program files (x86)\MULTIMEDIA\CyberLink\PowerDVD10\PowerDVD10\PDVD10Serv.exe"
      "KiesTrayAgent"=c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe
      "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 gupdate;Servicio de actualización de Google (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30 136176]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\MULTIMEDIA\Skype\Updater\Updater.exe [2012-02-29 158856]
      R3 ALSysIO;ALSysIO;c:\users\Cristian\AppData\Local\Temp\ALSysIO64.sys [x]
      R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
      R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
      R3 cpuz130;cpuz130;c:\users\Cristian\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
      R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
      R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
      R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
      R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]
      R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]
      R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
      R3 gupdatem;Google Update Servicio (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30 136176]
      R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
      R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
      R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
      R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-05-30 82816]
      R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2010-04-09 19936]
      R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2010-04-09 13280]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
      R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
      R3 RivaTuner64;RivaTuner64;c:\program files (x86)\UTILITARIOS\RivaTuner v2.24\RivaTuner64.sys [2010-05-31 19952]
      R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
      R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
      R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
      R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
      R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]
      R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys [2012-07-30 203104]
      R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
      R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
      R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
      R3 vpcuxd;Servicio auxiliar de virtualización de USB;c:\windows\system32\drivers\vpcuxd.sys [2010-11-20 16384]
      S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [2009-11-24 28264]
      S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [2009-06-30 33800]
      S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [2010-01-12 142848]
      S1 aswSnx;aswSnx; [x]
      S1 aswSP;aswSP; [x]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
      S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
      S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
      S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/06/17 12:39];c:\program files (x86)\MULTIMEDIA\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl [2010-04-02 12:11 146928]
      S2 aswFsBlk;aswFsBlk; [x]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
      S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
      S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
      S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-04-22 474168]
      S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]
      S2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\program files (x86)\UTILITARIOS\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [2010-12-22 209920]
      S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
      S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys [2009-09-15 42088]
      S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
      .
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - WS2IFSL
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30 02:48]
      .
      2012-09-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30 02:48]
      .
      2012-09-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3600557901-3426723644-4057276692-1000Core.job
      - c:\users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-28 15:59]
      .
      2012-09-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3600557901-3426723644-4057276692-1000UA.job
      - c:\users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-28 15:59]
      .
      2012-09-16 c:\windows\Tasks\RegClean Pro_DEFAULT.job
      - c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2012-07-08 15:25]
      .
      2012-09-12 c:\windows\Tasks\RegClean Pro_UPDATES.job
      - c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2012-07-08 15:25]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-08-21 09:11 133400 ----a-w- c:\program files\PROTECCION\Alwil Software\Avast5\ashShA64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-08 10060832]
      "IntelliType Pro"="c:\program files\Microsoft Device Center\itype.exe" [2012-06-27 1464928]
      "IntelliPoint"="c:\program files\Microsoft Device Center\ipoint.exe" [2012-06-27 2004584]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
      "LoadAppInit_DLLs"=0x0
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      uStart Page = hxxp://es.ask.com/?l=dis&o=15383
      mStart Page = hxxp://www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 190.1.0.14 190.1.0.2
      .
      - - - - ORPHANS REMOVED - - - -
      .
      SafeBoot-42561140.sys
      WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
      AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
      AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
      .
      .
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
      "ImagePath"="\??\c:\program files (x86)\MULTIMEDIA\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
      @Denied: (2) (LocalSystem)
      "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
      d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,38,7e,b5,ef,7b,6d,6e,4f,9a,84,3e,\
      "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
      d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,38,7e,b5,ef,7b,6d,6e,4f,9a,84,3e,\
      .
      [HKEY_USERS\S-1-5-21-3600557901-3426723644-4057276692-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BAD5B20B-8E39-F527-DAAE-708601477D1E}*]
      "iafckanoimmpliiabb"=hex:6a,61,68,6b,6c,66,6e,6a,69,68,6a,69,69,65,61,62,6c,6a,
      6d,67,00,00
      "haldapilanpodikm"=hex:6a,61,68,6b,6c,66,6e,6a,69,68,6a,69,69,65,61,62,6c,6a,
      6d,67,00,00
      "hammldekonjjimdo"=hex:61,63,6c,68,69,70,66,6b,65,6f,62,69,6e,68,64,65,69,6e,
      63,70,63,67,61,63,6c,6c,6e,6e,66,68,65,62,67,70,68,66,6d,66,70,69,6f,6b,70,\
      .
      [HKEY_USERS\S-1-5-21-3600557901-3426723644-4057276692-1000\Software\SecuROM\License information*]
      "datasecu"=hex:3b,80,44,9a,4c,b9,8f,fa,3c,6b,c8,9c,3e,63,29,14,e4,89,d6,16,9a,
      1a,bd,de,21,ac,91,7f,c4,10,7a,46,ca,27,f2,87,8d,f0,3b,c2,12,b2,d3,ba,54,e8,\
      "rkeysecu"=hex:1b,b5,52,6d,b9,b0,2c,c1,55,51,23,8c,25,8e,a7,8c
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker4"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files\PROTECCION\Alwil Software\Avast5\AvastSvc.exe
      c:\windows\SysWOW64\PnkBstrA.exe
      c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
      c:\program files (x86)\MULTIMEDIA\Photodex\ProShowProducer\ScsiAccess.exe
      .
      **************************************************************************
      .
      Completion time: 2012-09-17 08:19:18 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-09-17 11:19
      .
      Pre-Run: 75.549.200.384 bytes libres
      Post-Run: 75.130.486.784 bytes libres
      .
      - - End Of File - - 65B58010896EF3C69346888A9B934977

      ---Te recuerdo que todavia no instale el mbam, lo instalo y pruebo???---

    10. #30
      Ex-Colaboradora Avatar de @SanMar
      Registrado
      jun 2008
      Ubicación
      Argentina
      Mensajes
      22.290

      Re: Malwarebytes se bloquea normal y modo seguro

      Hola Neo:




      1.-Abrir el Notepad (Bloc de Notas)
      • Ir a INICIO > EJECUTAR >
      • Y ahí pones notepad.exe y ACEPTAR

      2.-Ahora copia y pega estos archivos dentro del Notepad

      Código:
      KillAll::
      
      ClearJavaCache:: 
      
      Folder::
      c:\program files (x86)\Ask.com
      c:\programdata\Ask
      
      Registry::
      [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
       "{00000000-6E41-4FD3-8538-502F5495E5FC}"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
      "{D4027C7F-154A-4066-A1AD-4243D8127440}"=-
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      ApnUpdater"=-
      
      [-HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
      [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
      [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
      [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
      [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
      [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
      
      DDS:: 
      uStart Page = hxxp://es.ask.com/?l=dis&o=15383
      3.- Graba este archivo con el nombre CFScript.txt y déjalo en tu escritorio.

      4.- Arrastrar y soltar el archivo CFScript.txt dentro del archivo ComboFix.exe como lo muestra la animación de abajo. Esto activara ComboFix nuevamente.

      • Reinicia tu PC y nos dejas un el nuevo reporte de ComboFix, comentándonos como esta funcionado todo actualmente?



      Luego de reiniciar intenta nuevamente la Instalación de Malwarebytes pero esta vez intenta primero un escaneo rápido y si se completa luego uno completo.


      Si aun no se ejecuta bien intenta correrlo en su Modo Chamaleon >>> Manual de Malwarebytes Anti-Malware 2


      Nos comentas.


      Salu2.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.