    Windows Defender is not working on my PC (Windows Vista)


    1. #11
      User: Laura Zion
      Registered: Nov 2012
      Location: Parma, Italy
      Posts: 12

      Re: Windows Defender is not working on my PC (Windows Vista)

      ############################## | UsbFix V 7.096 | [Supresión]

      Usuario: Madworld (Administrador) # CARMEN
      Actualizado el 15/08/2012 por El Desaparecido
      Comenzó a 13:53:11 | 08/11/2012

      Sitio web: http://eldesaparecido.com
      Foro: SoSVirus • Portail
      Archivo sospechoso ? : http://eldesaparecido.com/upload.php
      Contacto: [email protected]

      PC: Hewlett-Packard (HP Pavilion dv6700(KQ166EA#ABE) ) (X86-based PC) # Notebook
      CPU: Intel(R) Core(TM)2 Duo CPU T8100 @ 2.10GHz (2101)
      RAM -> [Total : 3070 | Free : 1975]
      BIOS: Ver 1.00PARTTBL
      BOOT: Normal boot

      OS: Microsoft® Windows Vista™ Home Premium (6.0.6002 32-Bit) # Service Pack 2
      WB: Windows Internet Explorer 9.0.8112.16421

      SC: Security Center Service [Enabled]
      WU: Windows Update Service [Enabled]
      AV: AVG Anti-Virus Free Edition 2013 [Enabled | Updated]
      FW: Windows FireWall Service [Enabled]

      C:\ (%systemdrive%) -> Disco fijo # 221 Gb (113 Mb libre(s) - 51%) [] # NTFS
      D:\ -> Disco fijo # 12 Gb (3 Mb libre(s) - 24%) [HP_RECOVERY] # NTFS
      E:\ -> CD-ROM
      G:\ -> Disco fijo # 466 Gb (337 Mb libre(s) - 72%) [Lau] # NTFS

      ################## | Procesos Activos |

      C:\PROGRA~1\AVG\AVG2013\avgrsx.exe (596)
      C:\Program Files\AVG\AVG2013\avgcsrvx.exe (636)
      C:\Windows\system32\csrss.exe (844)
      C:\Windows\system32\wininit.exe (896)
      C:\Windows\system32\csrss.exe (908)
      C:\Windows\system32\services.exe (944)
      C:\Windows\system32\lsass.exe (956)
      C:\Windows\system32\lsm.exe (968)
      C:\Windows\system32\winlogon.exe (1072)
      C:\Windows\system32\svchost.exe (1156)
      C:\Windows\system32\svchost.exe (1228)
      C:\Windows\System32\svchost.exe (1328)
      C:\Windows\System32\svchost.exe (1360)
      C:\Windows\system32\svchost.exe (1372)
      C:\Windows\system32\svchost.exe (1484)
      C:\Windows\system32\svchost.exe (1536)
      C:\Windows\system32\svchost.exe (1652)
      C:\Windows\system32\svchost.exe (1880)
      C:\Program Files\AVG\AVG2013\avgidsagent.exe (848)
      C:\Program Files\AVG\AVG2013\avgwdsvc.exe (912)
      C:\Windows\system32\svchost.exe (2088)
      C:\Program Files\AVG\AVG2013\avgnsx.exe (2288)
      C:\Program Files\AVG\AVG2013\avgemcx.exe (2304)
      C:\Windows\system32\svchost.exe (2660)
      C:\Windows\system32\svchost.exe (2736)
      C:\Windows\System32\svchost.exe (2788)
      C:\Windows\system32\Dwm.exe (3784)
      C:\Program Files\AVG\AVG2013\avgui.exe (2912)
      C:\Windows\system32\svchost.exe (5104)
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (5344)
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (5464)
      C:\Windows\system32\SearchIndexer.exe (4844)
      C:\Program Files\Windows Media Player\wmpnetwk.exe (5420)
      C:\Windows\System32\spoolsv.exe (2316)
      C:\Windows\system32\taskeng.exe (6096)
      c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (5936)
      C:\Windows\system32\taskeng.exe (3360)
      C:\Windows\system32\SLsvc.exe (4784)
      C:\Windows\explorer.exe (1648)
      C:\Program Files\Windows Media Player\wmpnscfg.exe (6056)
      C:\Windows\system32\wbem\unsecapp.exe (3156)
      C:\Windows\system32\wbem\wmiprvse.exe (4900)
      C:\Program Files\AVG\AVG2013\avgcfgex.exe (4608)
      C:\Windows\system32\SearchProtocolHost.exe (2148)
      C:\Windows\system32\SearchFilterHost.exe (3712)
      C:\UsbFix\Go.exe (5276)
      C:\Windows\system32\wbem\wmiprvse.exe (6032)

      ################## | Procesos Parados |

      Parado! C:\PROGRA~1\AVG\AVG2013\avgrsx.exe (596)
      Parado! C:\Program Files\AVG\AVG2013\avgcsrvx.exe (636)
      Parado! C:\Program Files\AVG\AVG2013\avgidsagent.exe (848)
      Parado! C:\Program Files\AVG\AVG2013\avgwdsvc.exe (912)
      Parado! C:\Program Files\AVG\AVG2013\avgnsx.exe (2288)
      Parado! C:\Program Files\AVG\AVG2013\avgemcx.exe (2304)
      Parado! C:\Program Files\AVG\AVG2013\avgui.exe (2912)
      Parado! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (5344)
      Parado! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (5464)
      Parado! C:\Windows\system32\SearchIndexer.exe (4844)
      Parado! C:\Program Files\Windows Media Player\wmpnetwk.exe (5420)
      Parado! C:\Windows\System32\spoolsv.exe (2316)
      Parado! C:\Windows\system32\taskeng.exe (6096)
      Parado! c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (5936)
      Parado! C:\Windows\system32\taskeng.exe (3360)
      Parado! C:\Windows\system32\SLsvc.exe (4784)
      Parado! C:\Program Files\Windows Media Player\wmpnscfg.exe (6056)
      Parado! C:\Program Files\AVG\AVG2013\avgcfgex.exe (4608)
      Parado! C:\Windows\system32\SearchProtocolHost.exe (2148)
      Parado! C:\Windows\system32\SearchFilterHost.exe (5732)

      ################## | Archivos # Carpetas infectadas |

      Suprimido ! C:\$RECYCLE.BIN\S-1-5-21-1391232487-138261970-863980433-1000
      Suprimido ! D:\$RECYCLE.BIN\S-1-5-21-1391232487-138261970-863980433-1000
      Suprimido ! G:\$RECYCLE.BIN\S-1-5-21-1391232487-138261970-863980433-1000

      (!) Archivos temporales suprimido.

      ################## | Registro |


      ################## | Mountpoints2 |

      Suprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{a9b3fe51-a5f5-11df-8461-001e6819acc5}
      Suprimido ! HKCU\.\.\.\.\Explorer\MountPoints2\{d5409529-c88a-11dd-979c-001e6819acc5}

      ################## | Listing |

      [21/10/2012 - 12:31:47 | D ] C:\$AVG
      [08/11/2012 - 13:55:58 | SHD ] C:\$RECYCLE.BIN
      [05/12/2008 - 18:31:03 | D ] C:\Archivos de programa
      [18/09/2006 - 22:43:36 | N | 24] C:\autoexec.bat
      [08/11/2012 - 13:17:33 | RASHD ] C:\Autorun.inf
      [28/05/2009 - 17:38:50 | SHD ] C:\boot
      [11/04/2009 - 07:36:36 | RASH | 333257] C:\bootmgr
      [18/09/2006 - 22:43:37 | N | 10] C:\config.sys
      [25/02/2012 - 14:16:19 | D ] C:\ConversionOutput
      [24/06/2008 - 08:38:02 | D ] C:\CVS
      [24/08/2010 - 20:41:50 | N | 41736] C:\debug1214.txt
      [05/12/2008 - 18:31:03 | SHD ] C:\Documents and Settings
      [08/11/2012 - 13:00:39 | ASH | 3217514496] C:\hiberfil.sys
      [24/06/2008 - 09:29:33 | D ] C:\HP
      [24/06/2008 - 08:00:49 | N | 358] C:\IPH.PH
      [24/06/2008 - 08:23:44 | RHD ] C:\MSOCache
      [27/10/2012 - 13:31:29 | D ] C:\NVIDIA
      [08/11/2012 - 13:00:35 | ASH | 3533369344] C:\pagefile.sys
      [14/12/2008 - 14:04:14 | D ] C:\PerfLogs
      [08/11/2012 - 12:34:58 | D ] C:\Program Files
      [06/11/2012 - 22:36:24 | HD ] C:\ProgramData
      [06/12/2008 - 14:02:35 | N | 236] C:\sqmdata00.sqm
      [06/12/2008 - 14:02:35 | N | 200] C:\sqmnoopt00.sqm
      [04/02/2009 - 13:57:58 | D ] C:\SWSETUP
      [08/11/2012 - 12:37:52 | SHD ] C:\System Volume Information
      [04/02/2009 - 13:12:59 | D ] C:\System.sav
      [29/03/2011 - 23:53:24 | N | 812] C:\updatedatfix.log
      [08/11/2012 - 13:55:59 | D ] C:\UsbFix
      [08/11/2012 - 13:55:59 | A | 6500] C:\UsbFix.txt
      [08/11/2012 - 13:20:27 | N | 278468329] C:\UsbFix_Upload_Me_CARMEN.zip
      [03/08/2012 - 21:24:05 | N | 294] C:\user.js
      [28/10/2012 - 16:51:20 | D ] C:\Users
      [07/11/2012 - 22:01:49 | D ] C:\WINDOWS
      [08/11/2012 - 12:34:00 | D ] C:\_OTL
      [09/03/2012 - 14:28:24 | N | 2600] C:\{3F743F44-748B-49D0-8312-04319497DF98}
      [08/11/2012 - 13:55:58 | SHD ] D:\$RECYCLE.BIN
      [11/09/2005 - 16:18:54 | N | 340] D:\AUTOMODE
      [08/11/2012 - 13:17:33 | RASHD ] D:\Autorun.inf
      [07/07/2008 - 11:39:12 | N | 13] D:\BLOCK.RIN
      [07/07/2008 - 12:33:27 | SHD ] D:\boot
      [04/10/2006 - 00:02:44 | SH | 438328] D:\bootmgr
      [06/09/2008 - 12:19:22 | SH | 891] D:\Desktop.ini
      [10/09/2002 - 17:14:28 | N | 8134] D:\Folder.htt
      [07/07/2008 - 12:33:27 | D ] D:\HP
      [07/07/2008 - 12:23:31 | N | 820] D:\MASTER.LOG
      [27/10/2012 - 15:20:13 | SHD ] D:\preload
      [16/09/2002 - 15:37:48 | SH | 181898] D:\protect.chinese hong kong
      [16/09/2002 - 15:37:40 | SH | 181916] D:\protect.chinese simplified
      [16/09/2002 - 15:37:48 | SH | 181898] D:\protect.chinese traditional
      [27/04/2006 - 17:19:40 | SH | 181865] D:\protect.czech
      [03/11/2005 - 16:21:26 | SH | 181726] D:\protect.danish
      [10/09/2002 - 14:56:12 | SH | 181605] D:\protect.dutch
      [10/09/2002 - 14:50:18 | N | 181651] D:\protect.ed
      [22/11/2004 - 16:28:30 | SH | 181648] D:\protect.english
      [03/11/2005 - 16:20:20 | SH | 181673] D:\protect.finnish
      [03/11/2005 - 16:19:52 | SH | 181736] D:\protect.french
      [03/11/2005 - 16:18:10 | SH | 181669] D:\protect.german
      [23/11/2005 - 16:56:46 | SH | 182689] D:\protect.greek
      [23/01/2006 - 10:18:00 | SH | 182605] D:\protect.hebrew
      [28/08/2007 - 15:58:08 | N | 181696] D:\protect.hungarian
      [03/11/2005 - 16:17:00 | SH | 181554] D:\protect.italian
      [10/04/2006 - 10:46:30 | SH | 182566] D:\protect.japanese
      [24/11/2005 - 12:24:44 | SH | 218295] D:\protect.korean
      [03/11/2005 - 16:15:12 | SH | 181578] D:\protect.norwegian
      [25/04/2006 - 15:44:10 | SH | 181789] D:\protect.polish
      [03/11/2005 - 16:13:12 | SH | 181624] D:\protect.portuguese
      [27/10/2005 - 20:24:10 | SH | 181882] D:\protect.portuguese brazilian
      [28/06/2004 - 09:52:46 | SH | 211936] D:\protect.russian
      [03/11/2005 - 16:11:46 | SH | 181586] D:\protect.spanish
      [10/09/2002 - 15:15:06 | SH | 181602] D:\protect.swedish
      [12/08/2003 - 11:37:30 | SH | 181783] D:\protect.turkish
      [07/07/2008 - 12:33:29 | RD ] D:\RECOVERY
      [07/07/2008 - 12:33:28 | SHD ] D:\SOURCES
      [21/10/2012 - 12:15:04 | SHD ] D:\System Volume Information
      [07/07/2008 - 12:33:29 | D ] D:\Tools
      [27/10/2012 - 15:20:38 | N | 14] D:\USER
      [07/07/2008 - 12:33:29 | D ] D:\WINDOWS
      [08/11/2012 - 13:55:58 | SHD ] G:\$RECYCLE.BIN
      [08/11/2012 - 13:17:33 | RASHD ] G:\Autorun.inf
      [26/10/2012 - 14:36:47 | D ] G:\Documentos y proyectos
      [26/10/2012 - 23:05:58 | D ] G:\Fotos
      [26/10/2012 - 14:37:17 | D ] G:\Imagenes Found
      [30/10/2012 - 23:32:29 | D ] G:\Musica
      [01/11/2012 - 17:02:42 | D ] G:\Pelis
      [26/10/2012 - 23:18:03 | D ] G:\photoshop
      [08/11/2012 - 12:54:45 | SHD ] G:\RECYCLER
      [30/09/2012 - 10:28:18 | SHD ] G:\System Volume Information

      ################## | Vaccin |

      C:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      D:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)
      G:\Autorun.inf -> Vacuna creada por UsbFix (El Desaparecido)

      ################## | Upload |

      Por favor, envie el archivo: C:\UsbFix_Upload_Me_CARMEN.zip
      http://eldesaparecido.com/upload.php
      Gracias por su contribución.

      ################## | E.O.F |

    2. #12
      Moderator: @Maxfernandez
      Registered: Dec 2007
      Location: Venezuela
      Posts: 16,076

      Re: Windows Defender is not working on my PC (Windows Vista)

      Hello.

      Do the following:

      1. Highlight the contents of the following box (except the word Code), then right-click > Copy.
        Code:
        :reg
        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
        "DisableAntiSpyware"=-
        
        :commands
        [resethosts]
        [emptytemp]
        [createrestorepoint]
      2. Run OTL.exe
        • Right-click under the Custom Scans/Fixes box > Paste.
        • Then click the Run Fix button at the top.
        • Let the program run uninterrupted; restart when it asks you to.
        • After the restart, a report will be created by default in C:\_OTL\MovedFiles; copy and paste that log into your next reply.

      3. Then go to Start Menu > Control Panel
        1. Select the option "Show all items"
        2. Double-click "Windows Defender"
        3. In the window, select the option "Use Windows Defender"
        4. Restart the system.


      Let us know the results.

      Regards.


      * Follow us on Twitter and friend us on Facebook.
      * Stay informed about the latest threats on the web at: InfoSpyware Blog
      * Questions are not answered by private message or by e-mail; that is what the forum is for.

    3. #13
      User: Laura Zion
      Registered: Nov 2012
      Location: Parma, Italy
      Posts: 12

      Re: Windows Defender is not working on my PC (Windows Vista)

      All processes killed
      ========== REGISTRY ==========
      Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\\DisableAntiSpyware scheduled to be deleted on reboot.
      ========== COMMANDS ==========
      C:\Windows\System32\drivers\etc\Hosts moved successfully.
      HOSTS file reset successfully

      [EMPTYTEMP]

      User: All Users

      User: Default
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Default User
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      User: Madworld
      ->Temp folder emptied: 67480 bytes
      ->Temporary Internet Files folder emptied: 35382942 bytes
      ->Java cache emptied: 0 bytes
      ->FireFox cache emptied: 0 bytes
      ->Google Chrome cache emptied: 73510942 bytes
      ->Flash cache emptied: 623 bytes

      User: Public

      User: UpdatusUser
      ->Temp folder emptied: 0 bytes
      ->Temporary Internet Files folder emptied: 0 bytes

      %systemdrive% .tmp files removed: 0 bytes
      %systemroot% .tmp files removed: 0 bytes
      %systemroot%\System32 .tmp files removed: 0 bytes
      %systemroot%\System32\drivers .tmp files removed: 0 bytes
      Windows Temp folder emptied: 68 bytes
      RecycleBin emptied: 0 bytes

      Total Files Cleaned = 104,00 mb

      Restore point Set: OTL Restore Point

      OTL by OldTimer - Version 3.2.69.0 log created on 11102012_012101

      Files\Folders moved on Reboot...
      C:\Users\Madworld\AppData\Local\Temp\ehmsas.txt moved successfully.

      PendingFileRenameOperations files...

      Registry entries deleted on Reboot...
      Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\\DisableAntiSpyware scheduled to be deleted on reboot.

    4. #14
      User: Laura Zion
      Registered: Nov 2012
      Location: Parma, Italy
      Posts: 12

      Re: Windows Defender is not working on my PC (Windows Vista)

      It won't let me open Windows Defender. I double-click, and immediately a window appears informing me that Windows Defender has stopped working.

    5. #15
      Moderator: @Maxfernandez
      Registered: Dec 2007
      Location: Venezuela
      Posts: 16,076

      Re: Windows Defender is not working on my PC (Windows Vista)

      Hello.


      Do the following:

      - Download the ComboFix.exe tool and save it to the desktop.
      • Temporarily disable the antivirus and/or antispyware.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may restart the PC automatically to complete the removal process.

      Attention!! Do not use ComboFix unless a member of our Staff has specifically told you to in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranty".
      • Restart and paste the report from C:\ComboFix.txt in this same thread.
      • Remember to tell us the results.


      Regards.

    6. #16
      User: Laura Zion
      Registered: Nov 2012
      Location: Parma, Italy
      Posts: 12

      Re: Windows Defender is not working on my PC (Windows Vista)

      ComboFix 12-11-08.01 - Madworld 10/11/2012 15:59:45.1.2 - x86
      Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.34.3082.18.3070.2072 [GMT 1:00]
      Running from: c:\users\Madworld\Desktop\ComboFix.exe
      SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      c:\program files\I Want This
      c:\program files\I Want This\I Want This.ico
      c:\program files\I Want This\I Want This.ini
      c:\program files\I Want This\Uninstall.exe
      c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\hpoddt01.exe.lnk
      c:\windows\system32\KBL.LOG
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-10-10 to 2012-11-10 )))))))))))))))))))))))))))))))
      .
      .
      2012-11-10 15:12 . 2012-11-10 15:12 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-11-10 13:53 . 2012-11-10 13:53 -------- d-sh--w- c:\programdata\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
      2012-11-08 11:49 . 2012-11-08 13:00 -------- d-----w- C:\UsbFix
      2012-11-08 11:34 . 2012-11-08 11:34 -------- d-----w- C:\_OTL
      2012-10-29 00:39 . 2012-10-29 00:39 -------- d-----w- c:\users\Madworld\AppData\Roaming\Apple Computer
      2012-10-29 00:04 . 2012-10-29 00:04 -------- d-----w- c:\users\Madworld\AppData\Roaming\Malwarebytes
      2012-10-29 00:04 . 2012-10-29 00:04 -------- d-----w- c:\programdata\Malwarebytes
      2012-10-29 00:04 . 2012-11-08 21:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2012-10-28 23:51 . 2012-11-08 21:51 -------- d-----w- c:\program files\Bonjour
      2012-10-28 23:48 . 2012-10-28 23:49 -------- d-----w- c:\program files\QuickTime(95)
      2012-10-28 23:34 . 2012-10-28 23:34 -------- d-----w- c:\program files\Apple Software Update(0)
      2012-10-28 15:51 . 2012-10-28 15:51 -------- d-----w- c:\users\UpdatusUser
      2012-10-28 15:47 . 2012-10-28 15:47 -------- d-----w- c:\programdata\NVIDIA Corporation
      2012-10-28 15:46 . 2012-11-06 21:37 -------- d-----w- c:\users\Madworld\{affdbf26-28cd-4520-bee1-89d33757ee98}
      2012-10-28 15:44 . 2012-10-28 15:51 -------- d-----w- c:\program files\NVIDIA Corporation
      2012-10-27 15:10 . 2012-10-27 15:10 -------- d-----w- c:\program files\Research In Motion Limited
      2012-10-27 15:09 . 2012-10-27 15:13 -------- d-----w- c:\users\Madworld\AppData\Local\Research In Motion
      2012-10-27 15:08 . 2012-10-27 15:11 -------- d-----w- c:\users\Madworld\AppData\Roaming\Research In Motion
      2012-10-27 15:07 . 2011-07-20 12:13 35328 ----a-w- c:\windows\system32\drivers\RimSerial.sys
      2012-10-27 15:05 . 2012-10-27 15:05 -------- d-----w- c:\programdata\Research In Motion
      2012-10-27 15:05 . 2012-10-27 15:05 -------- d-----w- c:\program files\Common Files\Research In Motion
      2012-10-27 15:05 . 2012-10-27 15:05 -------- d-----w- c:\program files\Common Files\XCPCSync.OEM
      2012-10-27 15:05 . 2012-10-27 15:05 -------- d-----w- c:\program files\Research In Motion
      2012-10-27 12:31 . 2012-10-27 12:31 -------- d-----w- C:\NVIDIA
      2012-10-27 12:23 . 2012-10-27 12:23 -------- d-----w- c:\program files\SystemRequirementsLab
      2012-10-26 15:49 . 2012-10-26 15:49 -------- d-----w- c:\program files\Common Files\Java
      2012-10-26 15:43 . 2012-10-26 15:42 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
      2012-10-25 22:47 . 2012-10-25 22:47 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
      2012-10-21 11:32 . 2012-10-21 11:32 -------- d-----w- c:\users\Madworld\AppData\Roaming\TuneUp Software
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-11-08 13:00 . 2012-11-08 12:59 278471649 ----a-w- C:\UsbFix_Upload_Me_CARMEN.zip
      2012-10-26 15:42 . 2012-08-07 15:10 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
      2012-10-26 15:42 . 2010-05-14 14:11 746984 ----a-w- c:\windows\system32\deployJava1.dll
      2012-09-13 13:28 . 2012-10-09 19:37 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-08-29 11:27 . 2012-10-09 19:39 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2012-08-29 11:27 . 2012-10-09 19:39 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
      2012-08-24 15:53 . 2012-10-09 19:37 172544 ----a-w- c:\windows\system32\wintrust.dll
      2011-12-15 22:59 . 2011-12-15 22:58 21073936 ----a-w- c:\program files\vlc-1.1.11-win32.exe
      2012-03-13 04:38 . 2012-03-30 13:25 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 94208 ----a-w- c:\users\Madworld\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 94208 ----a-w- c:\users\Madworld\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 94208 ----a-w- c:\users\Madworld\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
      "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
      "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
      "Sidebar"="c:\program files\windows sidebar\sidebar.exe" [2009-04-11 1233920]
      "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
      "RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208]
      "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-25 174616]
      "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-09-30 181544]
      "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
      "OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
      "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-16 218408]
      "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
      "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
      "WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
      "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
      "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
      "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
      "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
      "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]
      "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
      "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
      "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
      "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
      "SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-10-26 1458176]
      "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
      .
      c:\users\Madworld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Recorte de pantalla e Inicio rápido de OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
      "DisableMonitoring"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001
      .
      --- Other Services/Drivers In Memory ---
      .
      *NewlyCreated* - WS2IFSL
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
      2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1391232487-138261970-863980433-1000Core.job
      - c:\users\Madworld\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-22 13:24]
      .
      2012-11-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1391232487-138261970-863980433-1000UA.job
      - c:\users\Madworld\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-22 13:24]
      .
      2012-10-21 c:\windows\Tasks\HPCeeScheduleForMadworld.job
      - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-06-24 09:58]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com/
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 192.168.1.254
      DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20091001020847
      FF - ProfilePath - c:\users\Madworld\AppData\Roaming\Mozilla\Firefox\Profiles\irc0tnyq.default\
      FF - prefs.js: browser.search.selectedEngine -
      FF - prefs.js: browser.startup.homepage -
      FF - user.js: extensions.BabylonToolbar.autoRvrt - false
      FF - user.js: extensions.BabylonToolbar_i.newTab - false
      FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
      FF - user.js: extensions.BabylonToolbar.id - f0a5ff03000000000000001cbfab5d33
      FF - user.js: extensions.BabylonToolbar.instlDay - 15555
      FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1
      FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.122:24
      FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar.tlbrId - base
      FF - user.js: extensions.BabylonToolbar.instlRef - sst
      FF - user.js: extensions.BabylonToolbar.dfltLng - en
      FF - user.js: extensions.BabylonToolbar.excTlbr - false
      FF - user.js: extensions.BabylonToolbar.admin - false
      FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=101387
      FF - user.js: extensions.BabylonToolbar_i.babExt -
      FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
      .
      - - - - ORPHANS REMOVED - - - -
      .
      WebBrowser-{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - (no file)
      WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
      HKCU-Run-AdobeBridge - (no file)
      HKCU-Run-Nokia Internet Modem - c:\program files\Nokia\Nokia Internet Modem\WellPhone2.exe
      AddRemove-BrowserCompanion - c:\program files\BrowserCompanion\uninstall.exe
      AddRemove-I Want This - c:\program files\I Want This\Uninstall.exe
      .
      .
      .
      **************************************************************************
      .
      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
      Rootkit scan 2012-11-10 16:12
      Windows 6.0.6002 Service Pack 2 NTFS
      .
      scanning hidden processes ...
      .
      scanning hidden autostart entries ...
      .
      scanning hidden files ...
      .
      scan completed successfully
      hidden files: 0
      .
      **************************************************************************
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      "MSCurrentCountry"=dword:000000b5
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      Completion time: 2012-11-10 16:15:34
      ComboFix-quarantined-files.txt 2012-11-10 15:15
      .
      Pre-Run: 131.243.876.352 bytes libres
      Post-Run: 131.197.038.592 bytes libres
      .
      - - End Of File - - D12FA12D914FEE710A1B8626C01412F2

    7. #17
      Moderator
      @Maxfernandez's avatar
      Joined
      Dec 2007
      Location
      Venezuela
      Posts
      16.076

      Re: Windows Defender does not work on my PC (Windows Vista)

      Hello.

      Do the following:

      1.- Open Notepad
      • Go to START > RUN >
      • Type notepad.exe there and click OK


      2.- Now copy and paste these files into Notepad

      Code:
      KillAll::
      
      ClearJavaCache::
      
      Firefox::
      FF - ProfilePath - c:\users\Madworld\AppData\Roaming\Mozilla\Firefox\Profiles\irc0tnyq.default\
      FF - user.js: extensions.BabylonToolbar.autoRvrt - false
      FF - user.js: extensions.BabylonToolbar_i.newTab - false
      FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
      FF - user.js: extensions.BabylonToolbar.id - f0a5ff03000000000000001cbfab5d33
      FF - user.js: extensions.BabylonToolbar.instlDay - 15555
      FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1
      FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1
      FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.122:24
      FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
      FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
      FF - user.js: extensions.BabylonToolbar.aflt - babsst
      FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
      FF - user.js: extensions.BabylonToolbar.tlbrId - base
      FF - user.js: extensions.BabylonToolbar.instlRef - sst
      FF - user.js: extensions.BabylonToolbar.dfltLng - en
      FF - user.js: extensions.BabylonToolbar.excTlbr - false
      FF - user.js: extensions.BabylonToolbar.admin - false
      FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=101387
      FF - user.js: extensions.BabylonToolbar_i.babExt -
      FF - user.js: extensions.BabylonToolbar_i.srcExt - ss

      3.- Save this file with the name CFScript.txt and leave it on your desktop.

      4.- Drag and drop the CFScript.txt file onto the ComboFix.exe file as shown in the animation below. This will launch ComboFix again.


      .- Then do what is indicated here.

      • Restart your PC and post the new ComboFix report, letting us know how everything is working now.


      Regards.
      [email protected]


      * Follow us on Twitter and become our friend on Facebook.
      * Keep up with the latest threats on the net at: InfoSpyware Blog
      * Questions are not answered by private message or e-mail; that is what the forum is for.

    8. #18
      User Laura Zion's avatar
      Joined
      Nov 2012
      Location
      Parma, Italy
      Posts
      12

      Re: Windows Defender does not work on my PC (Windows Vista)

      ComboFix 12-11-08.01 - Madworld 11/11/2012 14:14:52.2.2 - x86
      Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.34.3082.18.3070.1991 [GMT 1:00]
      Running from: c:\users\Madworld\Desktop\ComboFix.exe
      Command switches used :: c:\users\Madworld\Desktop\CFScript.txt
      SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
      .
      .
      ((((((((((((((((((((((((( Files Created from 2012-10-11 to 2012-11-11 )))))))))))))))))))))))))))))))
      .
      .
      2012-11-11 13:27 . 2012-11-11 13:35 -------- d-----w- c:\users\Madworld\AppData\Local\temp
      2012-11-11 13:27 . 2012-11-11 13:27 -------- d-----w- c:\users\Default\AppData\Local\temp
      2012-11-10 13:53 . 2012-11-10 13:53 -------- d-sh--w- c:\programdata\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
      2012-11-08 11:49 . 2012-11-08 13:00 -------- d-----w- C:\UsbFix
      2012-11-08 11:34 . 2012-11-08 11:34 -------- d-----w- C:\_OTL
      2012-10-29 00:39 . 2012-10-29 00:39 -------- d-----w- c:\users\Madworld\AppData\Roaming\Apple Computer
      2012-10-29 00:04 . 2012-10-29 00:04 -------- d-----w- c:\users\Madworld\AppData\Roaming\Malwarebytes
      2012-10-29 00:04 . 2012-10-29 00:04 -------- d-----w- c:\programdata\Malwarebytes
      2012-10-29 00:04 . 2012-11-08 21:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
      2012-10-28 23:51 . 2012-11-08 21:51 -------- d-----w- c:\program files\Bonjour
      2012-10-28 23:48 . 2012-10-28 23:49 -------- d-----w- c:\program files\QuickTime(95)
      2012-10-28 23:34 . 2012-10-28 23:34 -------- d-----w- c:\program files\Apple Software Update(0)
      2012-10-28 15:51 . 2012-10-28 15:51 -------- d-----w- c:\users\UpdatusUser
      2012-10-28 15:47 . 2012-10-28 15:47 -------- d-----w- c:\programdata\NVIDIA Corporation
      2012-10-28 15:46 . 2012-11-06 21:37 -------- d-----w- c:\users\Madworld\{affdbf26-28cd-4520-bee1-89d33757ee98}
      2012-10-28 15:44 . 2012-10-28 15:51 -------- d-----w- c:\program files\NVIDIA Corporation
      2012-10-27 15:10 . 2012-10-27 15:10 -------- d-----w- c:\program files\Research In Motion Limited
      2012-10-27 15:09 . 2012-10-27 15:13 -------- d-----w- c:\users\Madworld\AppData\Local\Research In Motion
      2012-10-27 15:08 . 2012-10-27 15:11 -------- d-----w- c:\users\Madworld\AppData\Roaming\Research In Motion
      2012-10-27 15:07 . 2011-07-20 12:13 35328 ----a-w- c:\windows\system32\drivers\RimSerial.sys
      2012-10-27 15:05 . 2012-10-27 15:05 -------- d-----w- c:\programdata\Research In Motion
      2012-10-27 15:05 . 2012-10-27 15:05 -------- d-----w- c:\program files\Common Files\Research In Motion
      2012-10-27 15:05 . 2012-10-27 15:05 -------- d-----w- c:\program files\Common Files\XCPCSync.OEM
      2012-10-27 15:05 . 2012-10-27 15:05 -------- d-----w- c:\program files\Research In Motion
      2012-10-27 12:31 . 2012-10-27 12:31 -------- d-----w- C:\NVIDIA
      2012-10-27 12:23 . 2012-10-27 12:23 -------- d-----w- c:\program files\SystemRequirementsLab
      2012-10-26 15:49 . 2012-10-26 15:49 -------- d-----w- c:\program files\Common Files\Java
      2012-10-26 15:43 . 2012-10-26 15:42 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
      2012-10-25 22:47 . 2012-10-25 22:47 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software
      2012-10-21 11:32 . 2012-10-21 11:32 -------- d-----w- c:\users\Madworld\AppData\Roaming\TuneUp Software
      .
      .
      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2012-11-08 13:00 . 2012-11-08 12:59 278471649 ----a-w- C:\UsbFix_Upload_Me_CARMEN.zip
      2012-10-26 15:42 . 2012-08-07 15:10 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
      2012-10-26 15:42 . 2010-05-14 14:11 746984 ----a-w- c:\windows\system32\deployJava1.dll
      2012-09-13 13:28 . 2012-10-09 19:37 2048 ----a-w- c:\windows\system32\tzres.dll
      2012-08-29 11:27 . 2012-10-09 19:39 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2012-08-29 11:27 . 2012-10-09 19:39 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
      2012-08-24 15:53 . 2012-10-09 19:37 172544 ----a-w- c:\windows\system32\wintrust.dll
      2011-12-15 22:59 . 2011-12-15 22:58 21073936 ----a-w- c:\program files\vlc-1.1.11-win32.exe
      2012-03-13 04:38 . 2012-03-30 13:25 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
      .
      .
      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
      @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 94208 ----a-w- c:\users\Madworld\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
      @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 94208 ----a-w- c:\users\Madworld\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
      @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
      [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
      2012-06-30 04:19 94208 ----a-w- c:\users\Madworld\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      .
      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-08-23 455968]
      "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
      "ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
      "Sidebar"="c:\program files\windows sidebar\sidebar.exe" [2009-04-11 1233920]
      "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
      .
      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
      "RtHDVCpl"="RtHDVCpl.exe" [2007-08-17 4702208]
      "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-07-25 174616]
      "QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-09-30 181544]
      "QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
      "OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
      "UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-16 218408]
      "HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
      "hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
      "WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
      "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-10-14 2299176]
      "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
      "AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
      "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
      "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-10-03 13826664]
      "HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]
      "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2011-08-31 40368]
      "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-29 937920]
      "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
      "SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2009-10-26 1458176]
      "RIMBBLaunchAgent.exe"="c:\program files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2011-11-02 90448]
      .
      c:\users\Madworld\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
      Recorte de pantalla e Inicio rápido de OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
      "EnableUIADesktopToggle"= 0 (0x0)
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
      "DisableMonitoring"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
      "DisableMonitoring"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
      "DisableMonitoring"=dword:00000001
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
      LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
      .
      [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
      2007-08-23 15:34 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
      .
      Contents of the 'Scheduled Tasks' folder
      .
      2012-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1391232487-138261970-863980433-1000Core.job
      - c:\users\Madworld\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-22 13:24]
      .
      2012-11-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1391232487-138261970-863980433-1000UA.job
      - c:\users\Madworld\AppData\Local\Google\Update\GoogleUpdate.exe [2011-01-22 13:24]
      .
      2012-10-21 c:\windows\Tasks\HPCeeScheduleForMadworld.job
      - c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-06-24 09:58]
      .
      .
      ------- Supplementary Scan -------
      .
      uStart Page = hxxp://www.google.com/
      IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
      TCP: DhcpNameServer = 192.168.1.254
      DPF: {0972B098-DEE9-4279-AC7E-4BAAA029102D} - hxxp://assets.photobox.com/assets/aurigma/ImageUploader5.cab?20091001020847
      FF - ProfilePath - c:\users\Madworld\AppData\Roaming\Mozilla\Firefox\Profiles\irc0tnyq.default\
      FF - prefs.js: browser.search.selectedEngine -
      FF - prefs.js: browser.startup.homepage -
      .
      .
      **************************************************************************
      .
      catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
      Rootkit scan 2012-11-11 14:36
      Windows 6.0.6002 Service Pack 2 NTFS
      .
      scanning hidden processes ...
      .
      scanning hidden autostart entries ...
      .
      scanning hidden files ...
      .
      scan completed successfully
      hidden files: 0
      .
      **************************************************************************
      .
      --------------------- LOCKED REGISTRY KEYS ---------------------
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      "MSCurrentCountry"=dword:000000b5
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
      @Denied: (A) (Users)
      @Denied: (A) (Everyone)
      @Allowed: (B 1 2 3 4 5) (S-1-5-20)
      "BlindDial"=dword:00000000
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------
      .
      - - - - - - - > 'Explorer.exe'(3564)
      c:\users\Madworld\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
      c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
      .
      ------------------------ Other Running Processes ------------------------
      .
      c:\windows\system32\nvvsvc.exe
      c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
      c:\program files\Common Files\LightScribe\LSSrvc.exe
      c:\windows\system32\NMSAccess32.exe
      c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
      c:\program files\CyberLink\Shared Files\RichVideo.exe
      c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      c:\program files\Hewlett-Packard\Shared\hpqwmiex.exe
      c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
      c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe
      c:\windows\system32\nvvsvc.exe
      c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
      c:\windows\servicing\TrustedInstaller.exe
      c:\windows\system32\conime.exe
      c:\windows\system32\wbem\unsecapp.exe
      .
      **************************************************************************
      .
      Completion time: 2012-11-11 14:40:15 - machine was rebooted
      ComboFix-quarantined-files.txt 2012-11-11 13:40
      ComboFix2.txt 2012-11-10 15:15
      .
      Pre-Run: 130.756.509.696 bytes libres
      Post-Run: 130.614.001.664 bytes libres
      .
      - - End Of File - - 7CB4A2D24CDBC41408F0E5C9408FF44D

    9. #19
      User Laura Zion's avatar
      Joined
      Nov 2012
      Location
      Parma, Italy
      Posts
      12

      Re: Windows Defender does not work on my PC (Windows Vista)

      The error is still there:

      Windows Defender User Interface dejó de funcionar:
      El programa dejó de funcionar correctamente por un problema.
      Windows cerrará el programa y notificará si existe una solución.

      It is the same warning window that appeared before.

    10. #20
      Moderator
      @Maxfernandez's avatar
      Joined
      Dec 2007
      Location
      Venezuela
      Posts
      16.076

      Re: Windows Defender does not work on my PC (Windows Vista)

      Hello.

      Do the following:
      1. Double-click OTL.exe and then click the CLEAN UP option.

      2. Restore the system, selecting a date prior to when the problems appeared.

      3. If the above does not work, try repairing the system using the installation CD or DVD.


      Regards.
      [email protected]


