• Registrarse
  • Iniciar sesión


  • Página 4 de 4 PrimeroPrimero 1234
    Resultados 31 al 34 de 34

    Malwarebytes se bloquea normal y modo seguro

    Primero quería agradecer por los molestias ocasionadas y el tiempo que he hecho perder a algunos usuarios con mi problema, que aun persiste en mi pc, aca paso el txt del combofix: ComboFix 12-09-22.02 - ...

    1. #31
      Neo
      Neo está offline
      Usuario Avatar de Neo
      Registrado
      ago 2012
      Ubicación
      Argentina
      Mensajes
      18

      Re: Malwarebytes se bloquea normal y modo seguro

      Primero quería agradecer por los molestias ocasionadas y el tiempo que he hecho perder a algunos usuarios con mi problema, que aun persiste en mi pc, aca paso el txt del combofix:


      ComboFix 12-09-22.02 - Cristian 22/09/2012 16:33:05.2.4 - x64
      Microsoft Windows 7 Ultimate 6.1.7601.1.1252.54.3082.18.6142.4399 [GMT -3:00]
      Running from: c:\users\Cristian\Desktop\ComboFix.exe
      Command switches used :: c:\users\Cristian\Desktop\CFScript.txt
      AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
      SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
      SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files (x86)\Ask.com
      c:\program files (x86)\Ask.com\assets\oobe\b.png
      c:\program files (x86)\Ask.com\assets\oobe\bl.png
      c:\program files (x86)\Ask.com\assets\oobe\br.png
      c:\program files (x86)\Ask.com\assets\oobe\l.png
      c:\program files (x86)\Ask.com\assets\oobe\pointer.png
      c:\program files (x86)\Ask.com\assets\oobe\r.png
      c:\program files (x86)\Ask.com\assets\oobe\t.png
      c:\program files (x86)\Ask.com\assets\oobe\tl.png
      c:\program files (x86)\Ask.com\assets\oobe\tr.png
      c:\program files (x86)\Ask.com\cobrand.ico
      c:\program files (x86)\Ask.com\config.xml
      c:\program files (x86)\Ask.com\favicon.ico
      c:\program files (x86)\Ask.com\fv_383f.ico
      c:\program files (x86)\Ask.com\GenericAskToolbar.dll
      c:\program files (x86)\Ask.com\mupcfg.xml
      c:\program files (x86)\Ask.com\precache.exe
      c:\program files (x86)\Ask.com\SaUpdate.exe
      c:\program files (x86)\Ask.com\Updater\config.xml
      c:\program files (x86)\Ask.com\Updater\Updater.exe
      c:\program files (x86)\Ask.com\UpdateTask.exe
      c:\programdata\Ask
      c:\users\Cristian\AppData\Local\Temp\d6ebea43-a7f6-428d-ab33-ddb1ea1983ec\CliSecureRT.dll
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-08-22 to 2012-09-22 )))))))))))))))))))))))))))))))
      .
      .
      2012-09-22 19:40 . 2012-09-22 19:40 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
      2012-09-22 19:40 . 2012-09-22 19:40 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-09-22 19:40 . 2012-09-22 19:40 -------- d-----w- c:\users\Alicia\AppData\Local\temp
      2012-09-22 13:11 . 2012-09-22 13:11 -------- d-----w- c:\users\Cristian\AppData\Roaming\Thinstall
      2012-09-21 17:45 . 2012-08-30 07:27 9308616 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4C82EF53-24D4-41FA-B17F-3A981302EED3}\mpengine.dll
      2012-09-12 10:17 . 2012-08-22 18:12 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
      2012-09-12 10:17 . 2012-07-04 20:26 41472 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
      2012-09-12 10:17 . 2012-08-02 17:58 574464 ----a-w- c:\windows\system32\d3d10level9.dll
      2012-09-12 10:17 . 2012-08-02 16:57 490496 ----a-w- c:\windows\SysWow64\d3d10level9.dll
      2012-09-12 10:17 . 2012-08-22 18:12 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
      2012-09-12 10:17 . 2012-08-22 18:12 376688 ----a-w- c:\windows\system32\drivers\netio.sys
      2012-09-12 10:17 . 2012-08-22 18:12 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
      2012-09-09 18:56 . 2012-09-09 18:56 -------- d-----w- C:\_OTM
      2012-08-31 13:25 . 2009-06-30 13:37 33800 ----a-w- c:\windows\system32\drivers\pavboot64.sys
      2012-08-31 13:25 . 2012-08-31 13:25 -------- d-----w- c:\program files (x86)\Panda Security
      2012-08-30 09:47 . 2012-03-13 02:27 11776 ----a-w- c:\windows\Colous.exe
      2012-08-30 09:47 . 2008-03-25 13:39 69660 ----a-w- c:\windows\Fart.exe
      2012-08-29 21:07 . 2012-08-29 21:07 -------- d-----w- c:\users\Cristian\AppData\Local\VS Revo Group
      2012-08-29 21:07 . 2009-12-30 14:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
      2012-08-29 21:07 . 2012-08-29 21:07 -------- d-----w- c:\program files\VS Revo Group
      2012-08-28 02:28 . 2012-08-28 02:28 -------- d-----w- c:\users\Cristian\AppData\Local\Thinstall
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-09-19 00:00 . 2010-05-28 17:39 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
      2012-09-16 22:35 . 2010-05-28 17:39 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
      2012-09-13 18:50 . 2010-10-19 18:07 282472 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
      2012-09-12 10:18 . 2010-06-09 13:17 64462936 ----a-w- c:\windows\system32\MRT.exe
      2012-08-21 09:13 . 2011-03-18 12:44 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
      2012-08-21 09:13 . 2010-05-25 21:09 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
      2012-08-21 09:13 . 2010-05-25 21:09 59728 ----a-w- c:\windows\system32\drivers\aswTdi.sys
      2012-08-21 09:13 . 2012-03-03 13:27 54072 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
      2012-08-21 09:13 . 2010-05-25 21:09 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
      2012-08-21 09:13 . 2010-05-25 21:09 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
      2012-08-21 09:12 . 2010-06-29 10:29 41224 ----a-w- c:\windows\avastSS.scr
      2012-08-21 09:12 . 2010-05-25 21:09 227648 ----a-w- c:\windows\SysWow64\aswBoot.exe
      2012-08-21 09:12 . 2011-01-14 10:33 285328 ----a-w- c:\windows\system32\aswBoot.exe
      2012-07-30 16:32 . 2012-07-30 16:32 203104 ----a-w- c:\windows\system32\drivers\ssudobex.sys
      2012-07-30 16:32 . 2012-07-30 16:32 203104 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
      2012-07-30 16:32 . 2012-07-30 16:32 102240 ----a-w- c:\windows\system32\drivers\ssudbus.sys
      2012-07-18 18:15 . 2012-08-15 19:03 3148800 ----a-w- c:\windows\system32\win32k.sys
      2012-07-09 12:40 . 2012-04-06 12:27 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
      2012-07-09 12:40 . 2011-05-23 18:22 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
      2012-07-04 22:16 . 2012-08-15 19:03 73216 ----a-w- c:\windows\system32\netapi32.dll
      2012-07-04 22:13 . 2012-08-15 19:03 59392 ----a-w- c:\windows\system32\browcli.dll
      2012-07-04 22:13 . 2012-08-15 19:03 136704 ----a-w- c:\windows\system32\browser.dll
      2012-07-04 21:14 . 2012-08-15 19:03 41984 ----a-w- c:\windows\SysWow64\browcli.dll
      2012-07-02 16:13 . 2012-07-02 16:13 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
      2012-07-02 16:13 . 2010-05-25 23:28 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll
      2012-06-26 15:25 . 2012-07-08 18:10 18856 ----a-w- c:\windows\system32\roboot64.exe
      2012-06-25 19:04 . 2012-06-25 19:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "OscarEditor"="c:\program files (x86)\OSCAR Editor X7\OscarEditor.exe" [2011-07-25 3332608]
      "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-07 21432]
      "KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-08-07 960440]
      "DIMDescargando la actualización...1300677038363"="c:\program files (x86)\Corel\CorelDRAW Graphics Suite X5\Draw\DIM.exe" [2010-05-21 95592]
      "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-01-30 39408]
      "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
      "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
      "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
      "avast"="c:\program files\PROTECCION\Alwil Software\Avast5\avastUI.exe" [2012-08-21 4282728]
      "BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2010-06-10 2621440]
      "PMBVolumeWatcher"="c:\program files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe" [2012-04-22 724536]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "ConsentPromptBehaviorAdmin"= 5 (0x5)
      "ConsentPromptBehaviorUser"= 3 (0x3)
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
      Trusted 2fd3
      .
      [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
      @=""
      .
      [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
      "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
      "BDRegion"=c:\program files (x86)\Cyberlink\Shared files\brs.exe
      "RemoteControl10"="c:\program files (x86)\MULTIMEDIA\CyberLink\PowerDVD10\PowerDVD10\PDVD10Serv.exe"
      "KiesTrayAgent"=c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe
      "AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
      .
      R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
      R2 gupdate;Servicio de actualización de Google (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30 136176]
      R2 SkypeUpdate;Skype Updater;c:\program files (x86)\MULTIMEDIA\Skype\Updater\Updater.exe [2012-02-29 158856]
      R3 ALSysIO;ALSysIO;c:\users\Cristian\AppData\Local\Temp\ALSysIO64.sys [x]
      R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
      R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760]
      R3 cpuz130;cpuz130;c:\users\Cristian\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
      R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]
      R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
      R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [2008-09-17 12744]
      R3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2011-07-29 16776]
      R3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2011-07-29 9096]
      R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
      R3 gupdatem;Google Update Servicio (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30 136176]
      R3 nmwcdcx64;Nokia USB Generic;c:\windows\system32\drivers\ccdcmbox64.sys [2008-05-02 23552]
      R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys [2011-08-17 171008]
      R3 nmwcdx64;Nokia USB Phone Parent;c:\windows\system32\drivers\ccdcmbx64.sys [2008-05-02 18432]
      R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2010-05-30 82816]
      R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2010-04-09 19936]
      R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2010-04-09 13280]
      R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
      R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
      R3 RivaTuner64;RivaTuner64;c:\program files (x86)\UTILITARIOS\RivaTuner v2.24\RivaTuner64.sys [2010-05-31 19952]
      R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
      R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
      R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
      R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
      R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]
      R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys [2012-07-30 203104]
      R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
      R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
      R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
      R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
      R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
      R3 vpcuxd;Servicio auxiliar de virtualización de USB;c:\windows\system32\drivers\vpcuxd.sys [2010-11-20 16384]
      S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [2009-11-24 28264]
      S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot64.sys [2009-06-30 33800]
      S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys [2010-01-12 142848]
      S1 aswSnx;aswSnx; [x]
      S1 aswSP;aswSP; [x]
      S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
      S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
      S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
      S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/06/17 12:39];c:\program files (x86)\MULTIMEDIA\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl [2010-04-02 12:11 146928]
      S2 aswFsBlk;aswFsBlk; [x]
      S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
      S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]
      S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-03-01 2348352]
      S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-04-22 474168]
      S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe [2010-08-19 386344]
      S2 SCPDFReadSpool;SolidConverterPDFReadSpool;c:\program files (x86)\UTILITARIOS\SolidDocuments\Solid Converter PDF\SCPDF\SolidConverterPDFServicex64.exe [2010-12-22 209920]
      S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-02-29 382272]
      S3 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys [2009-09-15 42088]
      S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys [2010-07-01 38992]
      .
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30 02:48]
      .
      2012-09-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
      - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-30 02:48]
      .
      2012-09-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3600557901-3426723644-4057276692-1000Core.job
      - c:\users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-28 15:59]
      .
      2012-09-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3600557901-3426723644-4057276692-1000UA.job
      - c:\users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-05-28 15:59]
      .
      2012-09-22 c:\windows\Tasks\RegClean Pro_DEFAULT.job
      - c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2012-07-08 15:25]
      .
      2012-09-19 c:\windows\Tasks\RegClean Pro_UPDATES.job
      - c:\program files (x86)\RegClean Pro\RegCleanPro.exe [2012-07-08 15:25]
      .
      .
      --------- X64 Entries -----------
      .
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
      @="{472083B0-C522-11CF-8763-00608CC02F24}"
      [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
      2012-08-21 09:11 133400 ----a-w- c:\program files\PROTECCION\Alwil Software\Avast5\ashShA64.dll
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-08 10060832]
      "IntelliType Pro"="c:\program files\Microsoft Device Center\itype.exe" [2012-06-27 1464928]
      "IntelliPoint"="c:\program files\Microsoft Device Center\ipoint.exe" [2012-06-27 2004584]
      .
      ------- Supplementary Scan -------
      .
      uLocal Page = c:\windows\system32\blank.htm
      mStart Page = hxxp://www.google.com
      mLocal Page = c:\windows\SysWOW64\blank.htm
      IE: E&xportar a Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 190.1.0.14 190.1.0.2
      .
      - - - - ORPHANS REMOVED - - - -
      .
      Wow6432Node-HKLM-Run-ApnUpdater - c:\program files (x86)\Ask.com\Updater\Updater.exe
      AddRemove-{79A765E1-C399-405B-85AF-466F52E918B0} - c:\program files (x86)\Ask.com\Updater\Updater.exe
      .
      .
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\services\{1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}]
      "ImagePath"="\??\c:\program files (x86)\MULTIMEDIA\CyberLink\PowerDVD10\PowerDVD10\NavFilter\000.fcl"
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
      @Denied: (2) (LocalSystem)
      "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
      d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,38,7e,b5,ef,7b,6d,6e,4f,9a,84,3e,\
      "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
      d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,38,7e,b5,ef,7b,6d,6e,4f,9a,84,3e,\
      .
      [HKEY_USERS\S-1-5-21-3600557901-3426723644-4057276692-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BAD5B20B-8E39-F527-DAAE-708601477D1E}*]
      "iafckanoimmpliiabb"=hex:6a,61,68,6b,6c,66,6e,6a,69,68,6a,69,69,65,61,62,6c,6a,
      6d,67,00,00
      "haldapilanpodikm"=hex:6a,61,68,6b,6c,66,6e,6a,69,68,6a,69,69,65,61,62,6c,6a,
      6d,67,00,00
      "hammldekonjjimdo"=hex:61,63,6c,68,69,70,66,6b,65,6f,62,69,6e,68,64,65,69,6e,
      63,70,63,67,61,63,6c,6c,6e,6e,66,68,65,62,67,70,68,66,6d,66,70,69,6f,6b,70,\
      .
      [HKEY_USERS\S-1-5-21-3600557901-3426723644-4057276692-1000\Software\SecuROM\License information*]
      "datasecu"=hex:3b,80,44,9a,4c,b9,8f,fa,3c,6b,c8,9c,3e,63,29,14,e4,89,d6,16,9a,
      1a,bd,de,21,ac,91,7f,c4,10,7a,46,ca,27,f2,87,8d,f0,3b,c2,12,b2,d3,ba,54,e8,\
      "rkeysecu"=hex:1b,b5,52,6d,b9,b0,2c,c1,55,51,23,8c,25,8e,a7,8c
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
      @Denied: (A 2) (Everyone)
      @="FlashBroker"
      "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
      "Enabled"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Shockwave Flash Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
      @="0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
      @="ShockwaveFlash.ShockwaveFlash.11"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="ShockwaveFlash.ShockwaveFlash"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
      @Denied: (A 2) (Everyone)
      @="Macromedia Flash Factory Object"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
      "ThreadingModel"="Apartment"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
      @="FlashFactory.FlashFactory.1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
      @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
      @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
      @="1.0"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
      @="FlashFactory.FlashFactory"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
      @Denied: (A 2) (Everyone)
      @="IFlashBroker4"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
      @="{00020424-0000-0000-C000-000000000046}"
      .
      [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
      @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
      "Version"="1.0"
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
      @Denied: (Full) (Everyone)
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\program files\PROTECCION\Alwil Software\Avast5\AvastSvc.exe
      c:\windows\SysWOW64\PnkBstrA.exe
      c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
      c:\program files (x86)\MULTIMEDIA\Photodex\ProShowProducer\ScsiAccess.exe
      .
      **************************************************************************
      .
      Completion time: 2012-09-22 16:48:05 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-09-22 19:48
      ComboFix2.txt 2012-09-17 11:19
      .
      Pre-Run: 80.628.756.480 bytes libres
      Post-Run: 80.074.473.472 bytes libres
      .
      - - End Of File - - 87446C6A64AE191DF2A917158840A0BD

      ------Todo sigue igual se traba el mbam y el chamaleon, espero directivas......

    2. #32
      Ex-Colaboradora Avatar de @SanMar
      Registrado
      jun 2008
      Ubicación
      Argentina
      Mensajes
      22.290

      Re: Malwarebytes se bloquea normal y modo seguro

      Hola Neo:


      Tu caso si que esta bien raro....


      Una consulta, cuando reinstalas Malwarebytes utilizas siempre el mismo ejecutable ? O bien descargas uno nuevo cada vez?


      Otra pregunta cuando lo instalas, aceptas el Malwarebytes Pro de prueba por treinta días, o instalas la versión Free ?




      Probemos lo siguiente:


      Desinstala los programas de seguridad que tengas como Avast o Superantiespyware con >>> Herramientas de desinstalación de Antivirus, AntiSpyware y Firewall.



      Desinstala Malwarebytes nuevamente tal como lo has hecho aqui >>> Post 23


      Cuida por donde navegas por que estarás sin protección, y luego:





      Descarga OTL By OldTimer


      >>> Para Ejecutar OTL

      • Cerrar todos programas que tengas abiertos y hacer doble clic en el ícono de OTL para ejecutarlo.
      • Dejarlo correr y esperar a que aparezca el menú de OTL..
      • Cuando salga el menú de OTL, solo debes cambiar debajo de: "Tipo de Análisis" poniendo Resultado Mínimo.
      • Marcar las opciones: Buscar LOP y Buscar Purity.
      • Marcar las Opciones >> Omitir Archivos De Microsoft y Usar Listado de Compañías Reconocidas.
      • Copiar y Pegar el siguiente script bajo la casilla Análisis Personalizados/Código de Reparación:

        NOTA: No copiar la palabra Cita.
        netsvcs
        msconfig
        %SYSTEMDRIVE%\*.*
      • Por favor No cambies el resto de la configuración a menos que te lo solicitemos.




      • Presionar el botón >>
      • Una vez que termine, se abrirán dos (2) archivos, OTL.Txt y Extras.Txt. Éstos archivos estarán grabados en el mismo lugar donde OTL.exe fue descargado.
      • Copiar y pegar el contenido del archivo OTL.txt en tu próxima respuesta.




      Salu2

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #33
      Neo
      Neo está offline
      Usuario Avatar de Neo
      Registrado
      ago 2012
      Ubicación
      Argentina
      Mensajes
      18

      Re: Malwarebytes se bloquea normal y modo seguro

      Las ultimas 2 instalaciones baje uno nuevo, instale siempre la version free, dame un par de dias para probar esto nuevo y te aviso, ya que la uso para trabajar

    4. #34
      Ex-Colaboradora Avatar de @SanMar
      Registrado
      jun 2008
      Ubicación
      Argentina
      Mensajes
      22.290

      Re: Malwarebytes se bloquea normal y modo seguro

      Hola:


      Perfecto...en cuanto puedas esperamos el reporte.



      Salu2.

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    Página 4 de 4 PrimeroPrimero 1234