Firewall problem

Status
Closed to new replies

LinNNUX

New Member
Member
Hello, I'm desperate over a problem with my firewall that I can't find a solution to.
When I try to enable my firewall, it throws the following error:

problema1-1.png


Looking through some answers, I found that the problem might be that I didn't have the Base Filtering Engine enabled; when I tried to enable it, it gave me this error:

problema2-1.png


I think the problem is that my brother installed an antivirus some time ago with a new firewall that blocked all programs. My question is: how can I remove that firewall and re-enable the WINDOWS FIREWALL, which is the recommended one?

I hope for your solidarity; thank you in advance.
 

cfuentesviera

Member
Member
Which antivirus do you have installed on the system?

You could try uninstalling it completely (preferably without an internet connection) and then try to enable the Windows firewall.

Regards
 

Pato_py

Active Member
Member
One question: when you try to start the Base Filtering Engine, do you run services.msc with an administrator account? That is, do you right-click it and choose the "Run as administrator" option?

Keep in mind that the access denied error you get when trying to start the service is usually because you are trying to do it as a normal user without administrator permissions.

In any case, if the method recommended above doesn't work for you, colleague cfuentesviera's idea of uninstalling the current antivirus is a good one, and so as not to leave any traces you should uninstall it with the uninstall tool (most antivirus products today have one).

I hope you can solve it.

Regards.
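
Added example, not part of the post above or of any poster's own material: a read-only PowerShell check of the two things that reply asks about, namely whether the session is really elevated and what state the Base Filtering Engine and the Windows Firewall service are in. It assumes Windows PowerShell 2.0 or later and the standard service names `BFE` and `MpsSvc`; the function names are hypothetical.

```powershell
# Added example: read-only diagnostic, nothing on the system is changed.
# Assumes Windows PowerShell 2.0 or later.
# BFE = Base Filtering Engine, MpsSvc = Windows Firewall.

function Test-IsElevated {
    # True only when the console was started with "Run as administrator",
    # not merely when the account belongs to the Administrators group.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Get-FirewallServiceReport {
    $elevated = Test-IsElevated
    foreach ($name in 'BFE', 'MpsSvc') {
        $svc = Get-WmiObject -Class Win32_Service -Filter "Name='$name'"
        if (-not $svc) {
            # The service entry itself is gone from the service database.
            New-Object PSObject -Property @{
                Name = $name; State = 'NotRegistered'; StartMode = ''
                Account = ''; DependsOn = ''; Elevated = $elevated
                Hint = 'Service is not registered on this system'
            }
            continue
        }

        # Services this one needs, each with its current status.
        $deps = @((Get-Service -Name $name).ServicesDependedOn |
                  ForEach-Object { "$($_.Name)=$($_.Status)" })

        if ($svc.State -eq 'Running') {
            $hint = 'OK'
        } elseif ($svc.StartMode -eq 'Disabled') {
            $hint = 'Start type is Disabled, so a start request fails for any user'
        } elseif (-not $elevated) {
            $hint = 'Session is not elevated: access denied on start is expected'
        } else {
            $hint = 'Elevated and still stopped: check the dependencies listed and installed security software'
        }

        New-Object PSObject -Property @{
            Name      = $name
            State     = $svc.State
            StartMode = $svc.StartMode
            Account   = $svc.StartName
            DependsOn = ($deps -join ', ')
            Elevated  = $elevated
            Hint      = $hint
        }
    }
}

Get-FirewallServiceReport |
    Select-Object Name, State, StartMode, Account, Elevated, DependsOn, Hint |
    Format-List
```

If `Elevated` is `True` and the hint still reports the service as stopped, the permissions explanation no longer applies and the cause lies elsewhere.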
 

LinNNUX

New Member
Member
Well, thank you for your quick reply; let me tell you that I currently don't use any antivirus because of this problem. I run services.msc as Administrator, but I still can't enable it...
 

LinNNUX

New Member
Member
ComboFix 12-03-20.02 - HOME 20/03/2012 23:50:44.1.1 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.51.3082.18.895.416 [GMT -5:00]
Running from: c:\users\HOME\Descargas\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\HOME\AppData\Local\.#
c:\users\HOME\AppData\Local\.#\MBX@1704@A2866B0.###
c:\users\HOME\AppData\Local\.#\MBX@1704@A2866D0.###
c:\users\HOME\AppData\Local\.#\MBX@CF4@94966B0.###
c:\users\HOME\AppData\Local\.#\MBX@CF4@94966D0.###
c:\users\HOME\AppData\Roaming\13AE.exe
c:\users\HOME\AppData\Roaming\391B.exe
c:\users\HOME\AppData\Roaming\C9C3.exe
c:\users\HOME\AppData\Roaming\cglogs.dat
c:\users\HOME\AppData\Roaming\D24B.exe
c:\users\HOME\AppData\Roaming\HOMElog.dat
c:\users\HOME\AppData\Roaming\install\winver.exe
c:\users\HOME\AppData\Roaming\Likekp.exe
c:\users\HOME\AppData\Roaming\svm32.dat
C:\w7lxe.exe
c:\w7lxe.exe\w7lxe.exe
c:\windows\iun6002.exe
.
.
(((((((((((((((((((((((((   Files Created from 2012-02-21 to 2012-03-21  )))))))))))))))))))))))))))))))
.
.
2012-03-21 04:56 . 2012-03-21 04:56    --------    d-----w-    c:\users\Default\AppData\Local\temp
2012-03-20 11:24 . 2012-03-20 11:24    --------    d-----w-    c:\program files\Sol Edit
2012-03-18 04:11 . 2012-03-18 04:11    592824    ----a-w-    c:\program files\Mozilla Firefox\gkmedias.dll
2012-03-18 04:11 . 2012-03-18 04:11    44472    ----a-w-    c:\program files\Mozilla Firefox\mozglue.dll
2012-03-16 20:29 . 2012-03-01 19:34    6552120    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{E105B33B-C8C0-4826-BF23-BF63F9BCEF02}\mpengine.dll
2012-03-14 05:41 . 1998-06-24 04:00    115016    ----a-w-    c:\windows\MSINET.OCX
2012-03-14 05:41 . 2002-12-20 18:02    1077336    ----a-w-    c:\windows\MSCOMCTL.OCX
2012-03-14 05:41 . 2012-03-14 05:41    --------    d-----w-    c:\program files\Kyalon
2012-03-14 04:02 . 2011-11-19 14:25    3957616    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2012-03-14 04:02 . 2011-11-19 14:25    3902320    ----a-w-    c:\windows\system32\ntoskrnl.exe
2012-03-13 23:10 . 2012-02-03 04:01    2341376    ----a-w-    c:\windows\system32\win32k.sys
2012-03-13 23:10 . 2012-02-10 05:41    1074176    ----a-w-    c:\windows\system32\DWrite.dll
2012-03-13 23:10 . 2012-02-10 05:41    218624    ----a-w-    c:\windows\system32\d3d10_1core.dll
2012-03-13 23:10 . 2012-02-10 05:41    739840    ----a-w-    c:\windows\system32\d2d1.dll
2012-03-13 23:10 . 2012-02-10 05:41    161792    ----a-w-    c:\windows\system32\d3d10_1.dll
2012-03-13 23:10 . 2012-02-10 05:41    1170944    ----a-w-    c:\windows\system32\d3d10warp.dll
2012-03-13 22:59 . 2012-01-25 05:44    57856    ----a-w-    c:\windows\system32\rdpwsx.dll
2012-03-13 22:59 . 2012-01-25 05:44    129536    ----a-w-    c:\windows\system32\rdpcorekmts.dll
2012-03-13 22:59 . 2012-01-25 05:40    8192    ----a-w-    c:\windows\system32\rdrmemptylst.exe
2012-03-13 22:59 . 2012-02-15 05:44    826368    ----a-w-    c:\windows\system32\rdpcore.dll
2012-03-13 22:59 . 2012-02-15 04:22    177152    ----a-w-    c:\windows\system32\drivers\rdpwd.sys
2012-03-13 22:59 . 2012-02-15 04:22    24064    ----a-w-    c:\windows\system32\drivers\tdtcp.sys
2012-03-10 19:43 . 2012-03-10 19:43    --------    d-----w-    c:\users\HOME\AppData\Local\APN
2012-03-10 19:42 . 2012-03-10 19:42    --------    d-----w-    c:\program files\DsNET Corp
2012-03-08 23:30 . 2012-03-18 16:58    --------    d-----w-    c:\program files\3D Live Pool
2012-03-08 18:11 . 2012-03-08 18:11    --------    d-----w-    c:\programdata\Iminent
2012-03-08 18:06 . 2012-03-08 18:06    --------    d-----w-    c:\program files\Ares
2012-03-08 17:21 . 2012-03-08 17:21    626688    ----a-w-    c:\program files\Mozilla Firefox\msvcr80.dll
2012-03-08 17:21 . 2012-03-08 17:21    548864    ----a-w-    c:\program files\Mozilla Firefox\msvcp80.dll
2012-03-08 17:21 . 2012-03-08 17:21    479232    ----a-w-    c:\program files\Mozilla Firefox\msvcm80.dll
2012-03-07 21:54 . 2012-01-04 09:03    442880    ----a-w-    c:\windows\system32\ntshrui.dll
2012-03-07 21:41 . 2011-11-17 05:41    1288984    ----a-w-    c:\windows\system32\ntdll.dll
2012-03-07 21:41 . 2012-01-03 05:44    478208    ----a-w-    c:\windows\system32\timedate.cpl
2012-03-07 21:41 . 2011-11-05 04:30    2048    ----a-w-    c:\windows\system32\tzres.dll
2012-03-07 21:36 . 2011-11-19 14:06    67072    ----a-w-    c:\windows\system32\packager.dll
2012-03-07 21:32 . 2011-10-26 04:28    1328640    ----a-w-    c:\windows\system32\quartz.dll
2012-03-07 21:32 . 2011-10-26 04:28    514560    ----a-w-    c:\windows\system32\qdvd.dll
2012-03-07 21:31 . 2011-11-17 05:48    134000    ----a-w-    c:\windows\system32\drivers\ksecpkg.sys
2012-03-07 21:31 . 2011-11-17 05:48    67440    ----a-w-    c:\windows\system32\drivers\ksecdd.sys
2012-03-07 21:31 . 2011-11-17 05:42    369352    ----a-w-    c:\windows\system32\drivers\cng.sys
2012-03-07 21:31 . 2011-11-17 05:39    314368    ----a-w-    c:\windows\system32\webio.dll
2012-03-07 21:31 . 2011-11-17 05:39    224768    ----a-w-    c:\windows\system32\schannel.dll
2012-03-07 21:31 . 2011-11-17 05:38    1037312    ----a-w-    c:\windows\system32\lsasrv.dll
2012-03-07 21:31 . 2011-11-17 05:39    99840    ----a-w-    c:\windows\system32\sspicli.dll
2012-03-07 21:31 . 2011-11-17 05:39    15360    ----a-w-    c:\windows\system32\sspisrv.dll
2012-03-07 21:31 . 2011-11-17 05:39    22016    ----a-w-    c:\windows\system32\secur32.dll
2012-03-07 21:31 . 2011-11-17 05:36    22528    ----a-w-    c:\windows\system32\lsass.exe
2012-03-07 21:31 . 2011-12-16 07:59    690688    ----a-w-    c:\windows\system32\msvcrt.dll
2012-03-07 21:18 . 2012-03-07 21:18    --------    d-----w-    c:\windows\system32\wbem\en-US
2012-03-07 19:33 . 2011-10-15 05:48    534528    ----a-w-    c:\windows\system32\EncDec.dll
2012-03-07 19:33 . 2011-10-26 04:25    38912    ----a-w-    c:\windows\system32\csrsrv.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 14:18 . 2011-08-31 12:50    237072    ------w-    c:\windows\system32\MpSigStub.exe
2012-03-18 04:11 . 2011-10-06 00:47    97208    ----a-w-    c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 . 811520 . . [6.1.7601.17514] . . c:\windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
[-] 2009-07-14 . 8626F0C30D4E3564FFDD25C90F4426F1 . 811520 . . [6.1.7600.16385] . . c:\windows\System32\user32.dll
[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7600.16385] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}"= "c:\program files\Messenger_Plus\prxtbMess.dll" [2011-01-17 175912]
"{ba5844d2-b2c5-49eb-86f5-248d776a6f08}"= "c:\program files\Uptodown\prxtbUpto.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}]
.
[HKEY_CLASSES_ROOT\clsid\{ba5844d2-b2c5-49eb-86f5-248d776a6f08}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{00cbb66b-1d3b-46d3-9577-323a336acb50}]
2011-08-09 14:49    225584    ----a-w-    c:\program files\BrowserCompanion\jsloader.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 21:54    175912    ----a-w-    c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}]
2011-08-09 14:49    141104    ----a-w-    c:\program files\BrowserCompanion\updatebhoWin32.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}]
2011-01-17 21:54    175912    ----a-w-    c:\program files\Messenger_Plus\prxtbMess.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba5844d2-b2c5-49eb-86f5-248d776a6f08}]
2011-05-09 09:49    176936    ----a-w-    c:\program files\Uptodown\prxtbUpto.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}"= "c:\program files\Messenger_Plus\prxtbMess.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
"{ba5844d2-b2c5-49eb-86f5-248d776a6f08}"= "c:\program files\Uptodown\prxtbUpto.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{ba5844d2-b2c5-49eb-86f5-248d776a6f08}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{B760D5A4-8D24-4CB6-942E-D6BB540AD88C}"= "c:\program files\Messenger_Plus\prxtbMess.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
"{BA5844D2-B2C5-49EB-86F5-248D776A6F08}"= "c:\program files\Uptodown\prxtbUpto.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{b760d5a4-8d24-4cb6-942e-d6bb540ad88c}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{ba5844d2-b2c5-49eb-86f5-248d776a6f08}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OfficeSyncProcess"="c:\program files\Microsoft Office\Office14\MSOSYNC.EXE" [2010-03-16 718208]
"E09EXLRD_168325"="c:\program files\Microsoft Encarta\Encarta 2009 Biblioteca Premium DVD\EDICT.EXE" [2008-06-06 351000]
"ares"="c:\program files\Ares\Ares.exe" [2012-02-02 3209216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2011-07-11 74752]
"Browser companion helper"="c:\program files\BrowserCompanion\BCHelper.exe" [2011-08-09 192304]
"PlusService"="c:\program files\Yuna Software\Messenger Plus!\PlusService.exe" [2011-05-26 800768]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
.
c:\users\HOME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Recorte de pantalla y Selector de OneNote 2010.lnk - c:\program files\Microsoft Office\Office14\ONENOTEM.EXE [2010-3-29 227712]
Stardock ObjectDock.lnk - c:\program files\Stardock\ObjectDockFree\ObjectDock.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Administrador de servicios.lnk - c:\program files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe [N/A]
PDFCreator.lnk - c:\program files\PDFCreator\PDFCreator.exe [2011-2-10 2641920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PDFCreator.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PDFCreator.lnk
backup=c:\windows\pss\PDFCreator.lnk.CommonStartup
backupExtension=.CommonStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC7302_Monitor
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-06-12 07:38    34672    ----a-w-    c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-03-06 08:44    500208    ------w-    c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 19:54    91520    ----a-w-    c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-28 00:03    152872    ----a-w-    c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonMyPrinter]
2010-03-25 02:50    2516296    ----a-w-    c:\program files\Canon\MyPrinter\BJMYPRT.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenuEx]
2010-04-02 15:18    1185112    ----a-w-    c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-02-10 22:40    136176    ----atw-    c:\users\HOME\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2009-09-21 23:40    1681408    ----a-r-    c:\program files\VIA\VIAudioi\VDeck\VDeck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 20:57    153136    ----a-w-    c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2009-07-08 16:42    13793824    ----a-w-    c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Antivirus]
2009-12-10 22:53    81920    ----a-w-    c:\program files\USB Disk Security\RunUSBGuard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-07-11 21:47    74752    ----a-w-    c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000]
R3 RTL8167;Controlador NT de Realtek 8167;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2011-03-30 25088]
R3 WatAdminSvc;Servicio de tecnologías de activación de Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-10-14 1343400]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbguard.exe [2010-09-17 98304]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\windows\System32\nvSCPAPISvr.exe [2009-07-08 239648]
S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_5\bin\fbserver.exe [2010-09-17 3735552]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2009-09-18 1086976]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-224886382-3761025378-1855908048-1000Core.job
- c:\users\HOME\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-10 22:40]
.
2012-03-21 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-224886382-3761025378-1855908048-1000UA.job
- c:\users\HOME\AppData\Local\Google\Update\GoogleUpdate.exe [2011-02-10 22:40]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.gux-search.com
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Enviar a OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
TCP: Interfaces\{39576847-844B-49D3-8AFB-EDF1D70FE036}: NameServer = 200.48.225.130,200.48.225.146
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - c:\program files\BrowserCompanion\tdataprotocol.dll
FF - ProfilePath - c:\users\HOME\AppData\Roaming\Mozilla\Firefox\Profiles\5sd2cs07.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.gux-search.com
FF - prefs.js: keyword.URL - hxxp://www.plusnetwork.com/?sp=addr&q=
user_pref(browser.startup.homepage , hxxp://www.gux-search.com);
FF - user.js: browser.startup.page - 1
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{db131c55-60c8-4adc-84dc-9e76ab06e2dc} - c:\program files\uTorrentBar_ES\prxtbuTor.dll
BHO-{db131c55-60c8-4adc-84dc-9e76ab06e2dc} - c:\program files\uTorrentBar_ES\prxtbuTor.dll
Toolbar-{db131c55-60c8-4adc-84dc-9e76ab06e2dc} - c:\program files\uTorrentBar_ES\prxtbuTor.dll
WebBrowser-{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{DB131C55-60C8-4ADC-84DC-9E76AB06E2DC} - c:\program files\uTorrentBar_ES\prxtbuTor.dll
HKCU-Run-CubeDesktop - (no file)
HKCU-Run-AdobeBridge - c:\program files\Adobe\Adobe Bridge CS5\Bridge.exe
HKCU-Run-RDReminder - (no file)
HKCU-Run-Likekp - c:\users\HOME\AppData\Roaming\Likekp.exe
SharedTaskScheduler-{1984D045-52CF-49cd-DB77-08F378FEA4DB} - c:\program files\Stardock\ObjectDockFree\ODMenu.dll
MSConfigStartUp-AdobeCS5ServiceManager - c:\program files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
MSConfigStartUp-BDRegion - c:\program files\Cyberlink\Shared files\brs.exe
MSConfigStartUp-nod32kui - c:\program files\Eset\nod32kui.exe
MSConfigStartUp-RemoteControl10 - c:\program files\CyberLink\PowerDVD10\PDVD10Serv.exe
MSConfigStartUp-SwitchBoard - c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSConfigStartUp-UpdateReminder - c:\program files\Eset\UpdateReminder.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-224886382-3761025378-1855908048-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1D58FDE5-5A55-9371-68B5-DF7137046D5E}*]
"jallhablhhhfnmoepnjp"=hex:63,61,6d,66,69,61,00,00
"padimenlecddjemllcobmepljnlpkcmh"=hex:65,61,69,63,64,69,65,6a,6c,61,00,00
"hallhablhhhfnmoe"=hex:61,61,00,00
.
[HKEY_USERS\S-1-5-21-224886382-3761025378-1855908048-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9F473EE8-D3DF-B4DD-240E-06F86AB8D4D8}*]
@Allowed: (Read) (RestrictedCode)
"iampgcdakkcoeeocfb"=hex:69,61,6d,6d,6c,64,64,6f,68,65,6d,6e,6d,67,62,62,64,6f,
   00,00
"hagamaljgfcfdppe"=hex:69,61,6d,6d,6c,64,64,6f,68,65,6d,6e,6d,67,62,62,64,6f,
   00,00
"iaicodebhjnklelijc"=hex:63,61,6e,6d,6c,64,00,00
"dbhmmnccjjachhldlipkaggbebjgmfemhilldeoo"=hex:68,61,62,67,63,67,6d,66,62,6e,
   62,67,69,63,63,68,00,00
"jbhmmnccjjachhldlipknejopdimajhgfhalbgknffkajmhbfnog"=hex:68,61,62,67,63,67,
   6d,66,62,6e,62,67,69,63,63,68,00,00
"dbhmmnccjjachhldlipklenaheileicbpeblcjdj"=hex:62,61,67,63,00,00
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\AUDIODG.EXE
c:\windows\system32\nvvsvc.exe
c:\program files\Canon\IJPLM\IJPLMSVC.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\conhost.exe
c:\windows\System32\rundll32.exe
.
**************************************************************************
.
Completion time: 2012-03-21  00:00:16 - machine was rebooted
ComboFix-quarantined-files.txt  2012-03-21 05:00
.
Pre-Run: 69,890,125,824 bytes libres
Post-Run: 69,797,502,976 bytes libres
.
- - End Of File - - 1B9354446364DB79E5DA2B5D16E74511

:confused: :confused:
 

LinNNUX

New Member
Member
Give me your MSN please :)! I had to use System Restore; when I applied ComboFix the Base Filtering Engine started, but the firewall just kept loading and didn't work.
 