Unable to enable the firewall

Forum about the Windows 7 operating system

Post by san cherman » 26 Dec 2011, 22:20

Hi everyone, how's it going. I'm getting an error when enabling the firewall: I can't start the Base Filtering Engine (Motor de filtrado de base) because it gives me error 5, access denied. Then I tried to fix it with sfc /scannow, and it gave me this:
C:\Windows\system32>sfc /scannow

Iniciando examen en el sistema. Este proceso tardará algún tiempo.

Iniciando la fase de comprobación del examen del sistema.
Se completó la comprobación de 100%.
Protección de recursos de Windows encontró archivos dañados y no consiguió
reparar algunos de ellos. Para obtener más detalles, consulte CBS.Log
windir\Logs\CBS\CBS.log. Por ejemplo, C:\Windows\Logs\CBS\CBS.log.

If I create the sfcdetails file, it contains this:
2011-12-26 17:26:16, Info CSI 0000002c [SR] Cannot repair member file [l:28{14}]"wdmaud.drv.mui" of Microsoft-Windows-Audio-MMECore-WDM-Audio.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"es-ES", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-12-26 17:26:18, Info CSI 0000002f [SR] Cannot repair member file [l:28{14}]"wdmaud.drv.mui" of Microsoft-Windows-Audio-MMECore-WDM-Audio.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"es-ES", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-12-26 17:35:34, Info CSI 000002f2 [SR] Cannot repair member file [l:28{14}]"wdmaud.drv.mui" of Microsoft-Windows-Audio-MMECore-WDM-Audio.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"es-ES", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2011-12-26 17:35:34, Info CSI 000002f4 [SR] Cannot repair member file [l:28{14}]"wdmaud.drv.mui" of Microsoft-Windows-Audio-MMECore-WDM-Audio.Resources, Version = 6.1.7600.16385, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture = [l:10{5}]"es-ES", VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch


My Windows 7 is genuine; tell me what I can do to fix this problem without having to format.
Thanks a lot. :(


Post by Souto » 26 Dec 2011, 23:17

Hi, welcome.

What you describe clearly points to an infection or to damage to the BFE.dll library.
More information is needed.

1. Start >> Programs >> Accessories >> right-click on Command Prompt >> Run as administrator.
There, type the following commands one after another, pressing Enter after each one:

sc qc BFE
sc qc RpcSs
sc qc DcomLaunch


Finally, right-click on the title bar of that MS-DOS-style window, Edit >> Select All, press the Enter key, and it will be copied to the clipboard. Then just come to the forum >> right-click >> Paste.

2. Get a HijackThis log in the way described here for Seven and paste it in the forum:
manuales-tutoriales/como-obtener-un-informe-de-hijackthis-en-vista-o-seven-t12460.html


Regards
Qui dove il mare luccica e tira forte il vento


Post by san cherman » 26 Dec 2011, 23:32

Step 1
C:\Windows\system32>sc qc BFE
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: BFE
TIPO : 20 WIN32_SHARE_PROCESS
TIPO_INICIO : 2 AUTO_START
CONTROL_ERROR : 1 NORMAL
NOMBRE_RUTA_BINARIO: C:\Windows\system32\svchost.exe -k LocalServiceNoNe
twork
GRUPO_ORDEN_CARGA : NetworkProvider
ETIQUETA : 0
NOMBRE_MOSTRAR : Motor de filtrado de base
DEPENDENCIAS : RpcSs
NOMBRE_INICIO_SERVICIO: NT AUTHORITY\LocalService

C:\Windows\system32>sc qc RpcSs
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: RpcSs
TIPO : 20 WIN32_SHARE_PROCESS
TIPO_INICIO : 2 AUTO_START
CONTROL_ERROR : 1 NORMAL
NOMBRE_RUTA_BINARIO: C:\Windows\system32\svchost.exe -k rpcss
GRUPO_ORDEN_CARGA : COM Infrastructure
ETIQUETA : 0
NOMBRE_MOSTRAR : Llamada a procedimiento remoto (RPC)
DEPENDENCIAS : RpcEptMapper
: DcomLaunch
NOMBRE_INICIO_SERVICIO: NT AUTHORITY\NetworkService

C:\Windows\system32>sc qc DcomLaunch
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: DcomLaunch
TIPO : 20 WIN32_SHARE_PROCESS
TIPO_INICIO : 2 AUTO_START
CONTROL_ERROR : 1 NORMAL
NOMBRE_RUTA_BINARIO: C:\Windows\system32\svchost.exe -k DcomLaunch
GRUPO_ORDEN_CARGA : COM Infrastructure
ETIQUETA : 0
NOMBRE_MOSTRAR : Iniciador de procesos de servidor DCOM
DEPENDENCIAS :
NOMBRE_INICIO_SERVICIO: LocalSystem

C:\Windows\system32>

Step 2

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:30:24 p.m., on 26/12/2011
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\DigitalPersona\Bin\DpAgent.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.la.dell.com/content/default ... l=es&s=gen
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.facemoods.com/?a=down
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://find.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://find.localstrike.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://find.localstrike.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://find.localstrike.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=down&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:64242
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - (no file)
O2 - BHO: DigitalPersona Fingerprint Software Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: facemoods Helper - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\bh\facemoods.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Aplicación auxiliar de la Grabadora de prueba web de Microsoft 10.0 - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - c:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll
O3 - Toolbar: facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodsTlbr.dll
O4 - HKLM\..\Run: [DpAgent] C:\Program Files (x86)\DigitalPersona\Bin\dpagent.exe
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [DA2.exe] C:\Users\Emiliano Perez\AppData\Roaming\Microsoft\4E54\DA2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Servicio de red')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Servicio de red')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Enviar a OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Enviar imagen al dispositivo &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Enviar página al dispositivo &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Notas &vinculadas de OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Enviar a Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Enviar a &Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira AntiVir MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira AntiVir Programador (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira AntiVir WebGuard (AntiVirWebService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files (x86)\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_d550fa1f2cf8996d\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: DW WLAN Tray Service (wltrysvc) - Dell Inc. - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13683 bytes


Post by Souto » 26 Dec 2011, 23:55

Both the service and its dependencies are OK.
The HJT log shows nothing special.

Loss of permissions is, in general, due to infection.

My advice:

1. Download RogueKiller
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
Right-click on it >> Run as administrator. A window will open whose text ends with a prompt asking for an instruction to continue.

There, type 2 and press Enter. Let it finish and a report will open. Save it to the Desktop for later.

2. Download TDSSKiller
http://support.kaspersky.com/downloads/ ... killer.exe

Right-click >> Run as administrator.
In the first window, click "Change parameters" and tick the two boxes that are not checked by default (Verify driver digital signatures and Detect TDLFS file system), then click OK. Next, click Start Scan.
When it has finished, click "Report" at the top right, copy the contents and save them to the Desktop.

3. Leave it tonight running a full scan with this application:

http://www.infospyware.com/antispyware/ ... timalware/

When it finishes it will show a report; please paste it in the forum too, together with the previous two.
Tomorrow, if nobody steps in before then, I'll take a look.

Regards
Qui dove il mare luccica e tira forte il vento
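
The check made in this exchange (query BFE and its dependency chain with sc qc, then compare against a known-good configuration) can be automated. The Python below is an added example, not part of the original thread: it parses the Spanish-locale output as posted above, rejoining the console-wrapped binary path and the two-row dependency list, and takes as its baseline the values the thread reports as OK (an assumption that holds for this Windows 7 machine). DcomLaunch is left out for length, and the `TAMPERED` sample is constructed.

```python
import re

# Output copied from the thread (Spanish-locale `sc qc`), including the
# console-wrapped binary path and the two-row dependency list.
THREAD_OUTPUT = r"""
C:\Windows\system32>sc qc BFE
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: BFE
TIPO : 20 WIN32_SHARE_PROCESS
TIPO_INICIO : 2 AUTO_START
CONTROL_ERROR : 1 NORMAL
NOMBRE_RUTA_BINARIO: C:\Windows\system32\svchost.exe -k LocalServiceNoNe
twork
GRUPO_ORDEN_CARGA : NetworkProvider
ETIQUETA : 0
NOMBRE_MOSTRAR : Motor de filtrado de base
DEPENDENCIAS : RpcSs
NOMBRE_INICIO_SERVICIO: NT AUTHORITY\LocalService

C:\Windows\system32>sc qc RpcSs
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: RpcSs
TIPO : 20 WIN32_SHARE_PROCESS
TIPO_INICIO : 2 AUTO_START
CONTROL_ERROR : 1 NORMAL
NOMBRE_RUTA_BINARIO: C:\Windows\system32\svchost.exe -k rpcss
GRUPO_ORDEN_CARGA : COM Infrastructure
ETIQUETA : 0
NOMBRE_MOSTRAR : Llamada a procedimiento remoto (RPC)
DEPENDENCIAS : RpcEptMapper
: DcomLaunch
NOMBRE_INICIO_SERVICIO: NT AUTHORITY\NetworkService
"""

PROMPT = re.compile(r"^[A-Za-z]:\\[^>]*>")           # e.g. C:\Windows\system32>sc qc BFE
FIELD = re.compile(r"^\s*([A-Z_]{2,})\s*:\s*(.*)$")  # KEY : value
EXTRA = re.compile(r"^\s*:\s*(\S.*)$")               # further row of a multi-value field

def parse_sc_qc(text):
    """Return {service: {field: [values]}} from one or more `sc qc` outputs."""
    services, current, last = {}, None, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("[SC]") or PROMPT.match(line):
            last = None
            continue
        m = FIELD.match(line)
        if m:
            key, value = m.group(1), " ".join(m.group(2).split())
            if key == "NOMBRE_SERVICIO":
                current = services.setdefault(value, {})
            if current is not None:
                current[key] = [value] if value else []
                last = key
            continue
        if current is None or last is None:
            continue
        m = EXTRA.match(line)
        if m:
            current[last].append(m.group(1).strip())
        elif current[last]:
            current[last][-1] += line.strip()  # console wrapped the value: rejoin it
    return services

# Baseline: the values the thread reports as OK (assumed good for this machine).
BASELINE = {
    "BFE": {"TIPO_INICIO": ["2 AUTO_START"],
            "NOMBRE_RUTA_BINARIO": [r"C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork"],
            "DEPENDENCIAS": ["RpcSs"],
            "NOMBRE_INICIO_SERVICIO": [r"NT AUTHORITY\LocalService"]},
    "RpcSs": {"TIPO_INICIO": ["2 AUTO_START"],
              "NOMBRE_RUTA_BINARIO": [r"C:\Windows\system32\svchost.exe -k rpcss"],
              "DEPENDENCIAS": ["RpcEptMapper", "DcomLaunch"],
              "NOMBRE_INICIO_SERVICIO": [r"NT AUTHORITY\NetworkService"]},
}

def audit(text, baseline=BASELINE):
    """Return (service, field, expected, found) for every deviation from the baseline."""
    parsed = {k.lower(): v for k, v in parse_sc_qc(text).items()}
    findings = []
    for svc, fields in baseline.items():
        got = parsed.get(svc.lower())
        if got is None:  # service was not queried or the query failed
            findings.append((svc, "NOMBRE_SERVICIO", [svc], []))
            continue
        for field, expected in fields.items():
            found = got.get(field, [])
            # Windows compares paths, service and account names case-insensitively.
            if sorted(v.lower() for v in found) != sorted(v.lower() for v in expected):
                findings.append((svc, field, expected, found))
    return findings

# Constructed deviation (not from the thread): BFE disabled, RpcSs missing a dependency.
TAMPERED = (THREAD_OUTPUT.replace("2 AUTO_START", "4 DISABLED", 1)
            .replace(": DcomLaunch\n", ""))

if __name__ == "__main__":
    print("thread output:", audit(THREAD_OUTPUT))
    print("constructed sample:", audit(TAMPERED))
```

A clean result here only says the service registration matches the baseline; as the reply above notes, the access-denied error concerns permissions, which `sc qc` does not show.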


Post by san cherman » 27 Dec 2011, 01:41

1
RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User: Emiliano Perez [Admin rights]
Mode: Remove -- Date : 12/26/2011 20:01:01

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 7 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : DA2.exe (C:\Users\Emiliano Perez\AppData\Roaming\Microsoft\4E54\DA2.exe) -> DELETED
[PROXY IE] HKCU\[...]\Internet Settings : ProxyEnable (1) -> NOT REMOVED, USE PROXYFIX
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (http=127.0.0.1:64242) -> NOT REMOVED, USE PROXYFIX
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤
--- User ---
[MBR] 7f4a2d0ed3895930f0e00aae44fe7a1e
[BSP] 60fc12e9eff6733c42f39fc56b49ce6d : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT16 [HIDDEN!] Offset (sectors): 63 | Size: 41 Mo
1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 81920 | Size: 10504 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 20598784 | Size: 245273 Mo
3 - [XXXXXX] UNKNW [VISIBLE] Offset (sectors): 499648512 | Size: 244286 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

2
20:04:39.0928 3252 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
20:04:40.0787 3252 ============================================================
20:04:40.0787 3252 Current date / time: 2011/12/26 20:04:40.0787
20:04:40.0787 3252 SystemInfo:
20:04:40.0787 3252
20:04:40.0787 3252 OS Version: 6.1.7601 ServicePack: 1.0
20:04:40.0787 3252 Product type: Workstation
20:04:40.0787 3252 ComputerName: EMILIANOPEREZ
20:04:40.0787 3252 UserName: Emiliano Perez
20:04:40.0787 3252 Windows directory: C:\Windows
20:04:40.0787 3252 System windows directory: C:\Windows
20:04:40.0788 3252 Running under WOW64
20:04:40.0788 3252 Processor architecture: Intel x64
20:04:40.0788 3252 Number of processors: 8
20:04:40.0788 3252 Page size: 0x1000
20:04:40.0788 3252 Boot type: Normal boot
20:04:40.0788 3252 ============================================================
20:04:41.0231 3252 Initialize success
20:05:22.0918 4488 ============================================================
20:05:22.0918 4488 Scan started
20:05:22.0918 4488 Mode: Manual; SigCheck; TDLFS;
20:05:22.0918 4488 ============================================================
20:05:31.0172 4488 HECIx64 - ok
20:05:31.0190 4488 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
20:05:31.0227 4488 HidBatt - ok
20:05:31.0246 4488 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
20:05:31.0305 4488 HidBth - ok
20:05:31.0341 4488 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
20:05:31.0406 4488 HidIr - ok
20:05:31.0438 4488 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
20:05:31.0470 4488 HidUsb - ok
20:05:31.0534 4488 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:05:31.0564 4488 HpSAMD - ok
20:05:31.0613 4488 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:05:31.0701 4488 HTTP - ok
20:05:31.0737 4488 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:05:31.0745 4488 hwpolicy - ok
20:05:31.0761 4488 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:05:31.0773 4488 i8042prt - ok
20:05:31.0800 4488 iaStor (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
20:05:31.0828 4488 iaStor - ok
20:05:31.0870 4488 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:05:31.0918 4488 iaStorV - ok
20:05:31.0952 4488 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
20:05:31.0974 4488 iirsp - ok
20:05:32.0013 4488 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:05:32.0037 4488 intelide - ok
20:05:32.0057 4488 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
20:05:32.0070 4488 intelppm - ok
20:05:32.0110 4488 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:05:32.0182 4488 IpFilterDriver - ok
20:05:32.0206 4488 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:05:32.0223 4488 IPMIDRV - ok
20:05:32.0244 4488 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:05:32.0324 4488 IPNAT - ok
20:05:32.0353 4488 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:05:32.0448 4488 IRENUM - ok
20:05:32.0466 4488 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:05:32.0486 4488 isapnp - ok
20:05:32.0521 4488 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:05:32.0549 4488 iScsiPrt - ok
20:05:32.0583 4488 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
20:05:32.0597 4488 kbdclass - ok
20:05:32.0619 4488 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
20:05:32.0662 4488 kbdhid - ok
20:05:32.0711 4488 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
20:05:32.0721 4488 KSecDD - ok
20:05:32.0746 4488 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
20:05:32.0756 4488 KSecPkg - ok
20:05:32.0772 4488 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:05:32.0843 4488 ksthunk - ok
20:05:32.0886 4488 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:05:32.0980 4488 lltdio - ok
20:05:33.0037 4488 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
20:05:33.0068 4488 LSI_FC - ok
20:05:33.0085 4488 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
20:05:33.0098 4488 LSI_SAS - ok
20:05:33.0113 4488 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:05:33.0126 4488 LSI_SAS2 - ok
20:05:33.0144 4488 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:05:33.0157 4488 LSI_SCSI - ok
20:05:33.0168 4488 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:05:33.0230 4488 luafv - ok
20:05:33.0260 4488 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
20:05:33.0272 4488 megasas - ok
20:05:33.0292 4488 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
20:05:33.0311 4488 MegaSR - ok
20:05:33.0338 4488 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:05:33.0370 4488 Modem - ok
20:05:33.0391 4488 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:05:33.0417 4488 monitor - ok
20:05:33.0441 4488 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
20:05:33.0449 4488 mouclass - ok
20:05:33.0475 4488 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:05:33.0516 4488 mouhid - ok
20:05:33.0545 4488 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:05:33.0568 4488 mountmgr - ok
20:05:33.0601 4488 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:05:33.0618 4488 mpio - ok
20:05:33.0641 4488 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:05:33.0712 4488 mpsdrv - ok
20:05:33.0738 4488 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:05:33.0834 4488 MRxDAV - ok
20:05:33.0853 4488 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:05:33.0907 4488 mrxsmb - ok
20:05:33.0958 4488 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:05:34.0049 4488 mrxsmb10 - ok
20:05:34.0118 4488 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:05:34.0165 4488 mrxsmb20 - ok
20:05:34.0192 4488 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:05:34.0218 4488 msahci - ok
20:05:34.0240 4488 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:05:34.0265 4488 msdsm - ok
20:05:34.0293 4488 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:05:34.0339 4488 Msfs - ok
20:05:34.0376 4488 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:05:34.0435 4488 mshidkmdf - ok
20:05:34.0445 4488 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:05:34.0453 4488 msisadrv - ok
20:05:34.0493 4488 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:05:34.0554 4488 MSKSSRV - ok
20:05:34.0590 4488 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:05:34.0667 4488 MSPCLOCK - ok
20:05:34.0696 4488 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:05:34.0762 4488 MSPQM - ok
20:05:34.0799 4488 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:05:34.0815 4488 MsRPC - ok
20:05:34.0830 4488 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:05:34.0839 4488 mssmbios - ok
20:05:34.0862 4488 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:05:34.0908 4488 MSTEE - ok
20:05:34.0934 4488 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
20:05:34.0966 4488 MTConfig - ok
20:05:34.0986 4488 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:05:35.0007 4488 Mup - ok
20:05:35.0053 4488 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:05:35.0134 4488 NativeWifiP - ok
20:05:35.0206 4488 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:05:35.0259 4488 NDIS - ok
20:05:35.0274 4488 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:05:35.0308 4488 NdisCap - ok
20:05:35.0336 4488 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:05:35.0409 4488 NdisTapi - ok
20:05:35.0438 4488 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:05:35.0505 4488 Ndisuio - ok
20:05:35.0545 4488 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:05:35.0626 4488 NdisWan - ok
20:05:35.0665 4488 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:05:35.0698 4488 NDProxy - ok
20:05:35.0718 4488 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:05:35.0782 4488 NetBIOS - ok
20:05:35.0819 4488 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:05:35.0913 4488 NetBT - ok
20:05:35.0965 4488 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
20:05:35.0978 4488 nfrd960 - ok
20:05:36.0011 4488 nmwcd (88f2f2cb9faee2e14bccf384f4c88061) C:\Windows\system32\drivers\ccdcmbx64.sys
20:05:36.0103 4488 nmwcd - ok
20:05:36.0134 4488 nmwcdc (31c1fac4ae14fb2f8771c59ba3f90bad) C:\Windows\system32\drivers\ccdcmbox64.sys
20:05:36.0218 4488 nmwcdc - ok
20:05:36.0266 4488 NPF (c31fa031335eff434b2d94278e74bcce) C:\Windows\system32\drivers\npf.sys
20:05:36.0332 4488 NPF - ok
20:05:36.0344 4488 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:05:36.0408 4488 Npfs - ok
20:05:36.0432 4488 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:05:36.0474 4488 nsiproxy - ok
20:05:36.0542 4488 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:05:36.0596 4488 Ntfs - ok
20:05:36.0612 4488 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:05:36.0677 4488 Null - ok
20:05:36.0716 4488 NVHDA (cddd4478757288df4bb1494bfd084259) C:\Windows\system32\drivers\nvhda64v.sys
20:05:36.0762 4488 NVHDA - ok
20:05:36.0965 4488 nvlddmkm (056d8b45fd4869947045bdc25e8734df) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:05:37.0334 4488 nvlddmkm - ok
20:05:37.0377 4488 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:05:37.0410 4488 nvraid - ok
20:05:37.0432 4488 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:05:37.0465 4488 nvstor - ok
20:05:37.0511 4488 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:05:37.0544 4488 nv_agp - ok
20:05:37.0562 4488 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:05:37.0599 4488 ohci1394 - ok
20:05:37.0658 4488 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
20:05:37.0691 4488 Parport - ok
20:05:37.0718 4488 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
20:05:37.0741 4488 partmgr - ok
20:05:37.0780 4488 pccsmcfd (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
20:05:37.0836 4488 pccsmcfd - ok
20:05:37.0850 4488 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:05:37.0870 4488 pci - ok
20:05:37.0889 4488 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:05:37.0897 4488 pciide - ok
20:05:37.0915 4488 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
20:05:37.0939 4488 pcmcia - ok
20:05:37.0952 4488 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:05:37.0973 4488 pcw - ok
20:05:38.0006 4488 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:05:38.0109 4488 PEAUTH - ok
20:05:38.0238 4488 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:05:38.0297 4488 PptpMiniport - ok
20:05:38.0310 4488 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
20:05:38.0340 4488 Processor - ok
20:05:38.0377 4488 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:05:38.0426 4488 Psched - ok
20:05:38.0441 4488 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
20:05:38.0465 4488 PxHlpa64 - ok
20:05:38.0515 4488 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
20:05:38.0619 4488 ql2300 - ok
20:05:38.0651 4488 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
20:05:38.0684 4488 ql40xx - ok
20:05:38.0703 4488 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:05:38.0747 4488 QWAVEdrv - ok
20:05:38.0776 4488 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:05:38.0845 4488 RasAcd - ok
20:05:38.0875 4488 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:05:38.0922 4488 RasAgileVpn - ok
20:05:38.0954 4488 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:05:39.0042 4488 Rasl2tp - ok
20:05:39.0054 4488 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:05:39.0093 4488 RasPppoe - ok
20:05:39.0104 4488 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:05:39.0141 4488 RasSstp - ok
20:05:39.0168 4488 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:05:39.0235 4488 rdbss - ok
20:05:39.0262 4488 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
20:05:39.0309 4488 rdpbus - ok
20:05:39.0352 4488 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:05:39.0434 4488 RDPCDD - ok
20:05:39.0469 4488 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
20:05:39.0526 4488 RDPDR - ok
20:05:39.0542 4488 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:05:39.0588 4488 RDPENCDD - ok
20:05:39.0618 4488 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:05:39.0648 4488 RDPREFMP - ok
20:05:39.0669 4488 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
20:05:39.0705 4488 RDPWD - ok
20:05:39.0739 4488 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:05:39.0751 4488 rdyboost - ok
20:05:39.0801 4488 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
20:05:39.0851 4488 RFCOMM - ok
20:05:39.0883 4488 rimspci (e20b1907fc72a3664ece21e3c20fc63d) C:\Windows\system32\DRIVERS\rimspe64.sys
20:05:39.0943 4488 rimspci - ok
20:05:39.0980 4488 RimUsb (7b04c9843921ab1f695fb395422c5360) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
20:05:40.0008 4488 RimUsb - ok
20:05:40.0038 4488 risdpcie (a6da2b0c8f5bb3f9f5423cff8d6a02d9) C:\Windows\system32\DRIVERS\risdpe64.sys
20:05:40.0073 4488 risdpcie - ok
20:05:40.0086 4488 rixdpcie (6a1cd4674505e6791390a1ab71da1fbe) C:\Windows\system32\DRIVERS\rixdpe64.sys
20:05:40.0133 4488 rixdpcie - ok
20:05:40.0219 4488 RsFx0103 (cd553b8633466a6d1c115812f2619f1f) C:\Windows\system32\DRIVERS\RsFx0103.sys
20:05:40.0263 4488 RsFx0103 - ok
20:05:40.0306 4488 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:05:40.0375 4488 rspndr - ok
20:05:40.0425 4488 RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
20:05:41.0524 4488 RTL8167 - ok
20:05:41.0607 4488 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
20:05:41.0666 4488 s3cap - ok
20:05:41.0696 4488 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:05:41.0713 4488 sbp2port - ok
20:05:41.0768 4488 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:05:41.0838 4488 scfilter - ok
20:05:41.0872 4488 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:05:41.0934 4488 secdrv - ok
20:05:41.0968 4488 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
20:05:42.0007 4488 Serenum - ok
20:05:42.0045 4488 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
20:05:42.0098 4488 Serial - ok
20:05:42.0132 4488 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
20:05:42.0157 4488 sermouse - ok
20:05:42.0184 4488 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:05:42.0200 4488 sffdisk - ok
20:05:42.0220 4488 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:05:42.0257 4488 sffp_mmc - ok
20:05:42.0270 4488 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:05:42.0309 4488 sffp_sd - ok
20:05:42.0336 4488 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
20:05:42.0364 4488 sfloppy - ok
20:05:42.0409 4488 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
20:05:42.0466 4488 Sftfs - ok
20:05:42.0503 4488 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
20:05:42.0519 4488 Sftplay - ok
20:05:42.0532 4488 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
20:05:42.0539 4488 Sftredir - ok
20:05:42.0557 4488 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
20:05:42.0566 4488 Sftvol - ok
20:05:42.0598 4488 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:05:42.0634 4488 SiSRaid2 - ok
20:05:42.0656 4488 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
20:05:42.0677 4488 SiSRaid4 - ok
20:05:42.0707 4488 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:05:42.0774 4488 Smb - ok
20:05:42.0806 4488 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:05:42.0815 4488 spldr - ok
20:05:42.0860 4488 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:05:42.0952 4488 srv - ok
20:05:42.0978 4488 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:05:43.0011 4488 srv2 - ok
20:05:43.0025 4488 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:05:43.0057 4488 srvnet - ok
20:05:43.0100 4488 stdcfltn (9c7be3666b8953854fefa2ad9c291d5a) C:\Windows\system32\DRIVERS\stdcfltn.sys
20:05:43.0150 4488 stdcfltn - ok
20:05:43.0175 4488 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
20:05:43.0186 4488 stexstor - ok
20:05:43.0220 4488 STHDA (3fe584503dc68cd206143bc334c43484) C:\Windows\system32\DRIVERS\stwrt64.sys
20:05:43.0284 4488 STHDA - ok
20:05:43.0323 4488 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
20:05:43.0336 4488 storflt - ok
20:05:43.0364 4488 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
20:05:43.0389 4488 storvsc - ok
20:05:43.0409 4488 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:05:43.0420 4488 swenum - ok
20:05:43.0459 4488 SynTP (e5d73228176c9f69072d1f91ced83484) C:\Windows\system32\DRIVERS\SynTP.sys
20:05:43.0541 4488 SynTP - ok
20:05:43.0634 4488 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
20:05:43.0704 4488 Tcpip - ok
20:05:43.0760 4488 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
20:05:43.0799 4488 TCPIP6 - ok
20:05:43.0824 4488 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:05:43.0902 4488 tcpipreg - ok
20:05:43.0931 4488 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:05:44.0001 4488 TDPIPE - ok
20:05:44.0020 4488 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
20:05:44.0051 4488 TDTCP - ok
20:05:44.0094 4488 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:05:44.0176 4488 tdx - ok
20:05:44.0214 4488 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:05:44.0223 4488 TermDD - ok
20:05:44.0269 4488 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:05:44.0327 4488 tssecsrv - ok
20:05:44.0390 4488 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:05:44.0445 4488 TsUsbFlt - ok
20:05:44.0530 4488 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
20:05:44.0581 4488 TuneUpUtilitiesDrv - ok
20:05:44.0614 4488 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:05:44.0691 4488 tunnel - ok
20:05:44.0718 4488 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
20:05:44.0731 4488 uagp35 - ok
20:05:44.0773 4488 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:05:44.0824 4488 udfs - ok
20:05:44.0855 4488 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:05:44.0882 4488 uliagpkx - ok
20:05:44.0915 4488 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
20:05:44.0937 4488 umbus - ok
20:05:44.0957 4488 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
20:05:45.0001 4488 UmPass - ok
20:05:45.0056 4488 upperdev (fbd861e69e1f583bec906fcd04e4f84e) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
20:05:45.0134 4488 upperdev - ok
20:05:45.0160 4488 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:05:45.0191 4488 usbccgp - ok
20:05:45.0212 4488 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:05:45.0274 4488 usbcir - ok
20:05:45.0380 4488 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:05:45.0391 4488 usbehci - ok
20:05:45.0425 4488 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:05:45.0475 4488 usbhub - ok
20:05:45.0510 4488 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:05:45.0526 4488 usbohci - ok
20:05:45.0563 4488 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:05:45.0595 4488 usbprint - ok
20:05:45.0616 4488 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\DRIVERS\usbser.sys
20:05:45.0645 4488 usbser - ok
20:05:45.0667 4488 UsbserFilt (0fbb0080b287bbcbf5c7076e3d74a35c) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
20:05:45.0731 4488 UsbserFilt - ok
20:05:45.0764 4488 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:05:45.0802 4488 USBSTOR - ok
20:05:45.0894 4488 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:05:45.0918 4488 usbuhci - ok
20:05:45.0950 4488 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
20:05:45.0999 4488 usbvideo - ok
20:05:46.0029 4488 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:05:46.0037 4488 vdrvroot - ok
20:05:46.0064 4488 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:05:46.0080 4488 vga - ok
20:05:46.0104 4488 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:05:46.0165 4488 VgaSave - ok
20:05:46.0190 4488 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:05:46.0201 4488 vhdmp - ok
20:05:46.0238 4488 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:05:46.0263 4488 viaide - ok
20:05:46.0278 4488 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
20:05:46.0299 4488 vmbus - ok
20:05:46.0316 4488 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
20:05:46.0329 4488 VMBusHID - ok
20:05:46.0339 4488 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:05:46.0348 4488 volmgr - ok
20:05:46.0365 4488 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:05:46.0382 4488 volmgrx - ok
20:05:46.0395 4488 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:05:46.0407 4488 volsnap - ok
20:05:46.0509 4488 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
20:05:46.0540 4488 vsmraid - ok
20:05:46.0621 4488 VSPerfDrv100 (1928b9ca20f51bfbbad54d2c2c447b13) c:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys
20:05:46.0638 4488 VSPerfDrv100 - ok
20:05:46.0661 4488 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:05:46.0699 4488 vwifibus - ok
20:05:46.0718 4488 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:05:46.0736 4488 vwififlt - ok
20:05:46.0766 4488 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
20:05:46.0817 4488 vwifimp - ok
20:05:46.0858 4488 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
20:05:46.0908 4488 WacomPen - ok
20:05:46.0922 4488 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:05:46.0977 4488 WANARP - ok
20:05:46.0980 4488 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:05:47.0008 4488 Wanarpv6 - ok
20:05:47.0051 4488 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
20:05:47.0063 4488 Wd - ok
20:05:47.0088 4488 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:05:47.0106 4488 Wdf01000 - ok
20:05:47.0132 4488 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:05:47.0163 4488 WfpLwf - ok
20:05:47.0174 4488 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:05:47.0185 4488 WIMMount - ok
20:05:47.0237 4488 WinUSB (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
20:05:47.0286 4488 WinUSB - ok
20:05:47.0319 4488 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:05:47.0330 4488 WmiAcpi - ok
20:05:47.0350 4488 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:05:47.0399 4488 ws2ifsl - ok
20:05:47.0445 4488 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:05:47.0514 4488 WudfPf - ok
20:05:47.0617 4488 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:05:47.0694 4488 WUDFRd - ok
20:05:47.0735 4488 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
20:05:47.0907 4488 \Device\Harddisk0\DR0 - ok
20:05:47.0913 4488 Boot (0x1200) (260a9494911db1b7b5058801fb6873a5) \Device\Harddisk0\DR0\Partition0
20:05:47.0915 4488 \Device\Harddisk0\DR0\Partition0 - ok
20:05:47.0941 4488 Boot (0x1200) (18310cef097f1e1aa9cb4d94f358847a) \Device\Harddisk0\DR0\Partition1
20:05:47.0944 4488 \Device\Harddisk0\DR0\Partition1 - ok
20:05:47.0968 4488 Boot (0x1200) (ff1d2fb148ca8590bde3da11a5a497c7) \Device\Harddisk0\DR0\Partition2
20:05:47.0970 4488 \Device\Harddisk0\DR0\Partition2 - ok
20:05:47.0971 4488 ============================================================
20:05:47.0971 4488 Scan finished
20:05:47.0971 4488 ============================================================
20:05:47.0993 2568 Detected object count: 0
20:05:47.0993 2568 Actual detected object count: 0

3
Malwarebytes' Anti-Malware 1.51.2.1300
http://www.malwarebytes.org

Versión de la Base de Datos: 911122605

Windows 6.1.7601 Service Pack 1
Internet Explorer 8.0.7601.17514

26/12/2011 09:35:20 p.m.
mbam-log-2011-12-26 (21-35-11).txt

Tipos de Análisis: Análisis Completo (C:\|E:\|Q:\|)
Objetos examinados: 427395
Tiempo transcurrido: 1 hora(s), 9 minuto(s), 3 segundo(s)

Procesos en Memoria Infectados: 0
Módulos de Memoria Infectados: 0
Claves del Registro Infectadas: 0
Valores del Registro Infectados: 1
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Archivos Infectados: 11

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos de Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
(No se han detectado elementos maliciosos)

Valores del Registro Infectados:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer -> No action taken.

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Archivos Infectados:
c:\$Recycle.Bin\s-1-5-21-3400664773-2186871817-1166603051-1000\$R6JP9HT.exe (PUP.BundleOffer.Downloader.S) -> No action taken.
c:\$Recycle.Bin\s-1-5-21-3400664773-2186871817-1166603051-1000\$RDWFL4H.exe (PUP.BundleOffer.Downloader.S) -> No action taken.
c:\program files (x86)\Cain\Abel64.exe (HackTool.Cain) -> No action taken.
c:\program files (x86)\Cain\Cain.exe (PUP.Passwordtool.Cain) -> No action taken.
c:\program files (x86)\electronic arts\battlefield bad company 2\rld-bbc2.exe (RiskWare.Tool.HCK) -> No action taken.
c:\Users\emiliano perez\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\SQ3EHVUO\2[1].exe (Trojan.Dropper.PE4) -> No action taken.
c:\Users\emiliano perez\AppData\LocalLow\Sun\Java\deployment\cache\6.0\15\5eccff8f-4851e6f1 (Trojan.FakeMS) -> No action taken.
c:\Users\emiliano perez\AppData\Roaming\wmplayer.exe (Trojan.Dropper.PE4) -> No action taken.
c:\Users\emiliano perez\AppData\Roaming\microsoft\4E54\7C28.tmp (Trojan.Dropper.PE4) -> No action taken.
c:\Users\emiliano perez\AppData\Roaming\microsoft\4E54\DA2.exe (Trojan.Dropper.PE4) -> No action taken.
c:\Users\emiliano perez\Desktop\rk_quarantine\da2.exe.vir (Trojan.Dropper.PE4) -> No action taken.


Thank you very much for the help.

Souto
Bill Gates user
Posts: 10665
Joined: 25 Feb 2008, 10:21
Location: Galicia
Has thanked: 6 times
Been thanked: 647 times

Re: Unable to activate the firewall

Post by Souto » 27 Dec 2011, 09:16

The infection data is of little relevance.

Your HijackThis log says:

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe


It is a known issue that installing Tune-Up causes problems with System Restore and with the Firewall. Precisely the kind of problem (permissions) that you have.

Uninstall Tune Up, restart the computer and check whether the issue has been resolved.
If not, we'll take another look at it.


Regards

Re: Unable to activate the firewall

Post by san cherman » 28 Dec 2011, 00:35

Hi, well, I did what you told me and uninstalled Tune Up, restarted, but the problem persists; it is the same.
What else could I do?
Thanks a lot for replying.

Re: Unable to activate the firewall

Post by Souto » 28 Dec 2011, 10:10

1. Start >> Programs >> Accessories >> right-click on Command Prompt >> Run as administrator.
There, type the following commands one after another, pressing Enter after each one:

netsh firewall show state
net stop mpssvc
net start mpssvc
netsh firewall reset



Finally, right-click on the title bar of that MS-DOS-style window, Edit >> Select All, press the Enter key, and with that you will have it copied to the clipboard. Then just come to the forum >> right-click >> Paste.

2. Run this tool and check whether the problem has been solved:
http://support.microsoft.com/mats/windo ... stic/en-us




Regards

Re: Unable to activate the firewall

Post by san cherman » 29 Dec 2011, 02:05

Microsoft Windows [Versión 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Reservados todos los derechos.

C:\Windows\system32>netsh firewall show state

IMPORTANTE: "netsh firewall" está desusado;
use "netsh advfirewall firewall" en su lugar.
Para obtener información sobre el uso de los comandos
"netsh advfirewall firewall" en lugar de "netsh firewall", vea el artículo
947709 de Knowledge Base en la dirección
http://go.microsoft.com/fwlink/?linkid=121488.

El servidor RPC no está disponible.



C:\Windows\system32>net stop mpssvc
El servicio de Firewall de Windows no se ha iniciado.

Puede obtener más ayuda con el comando NET HELPMSG 3521.


C:\Windows\system32>net start mpssvc
Error de sistema 1068.

No se puede iniciar el servicio o grupo de dependencia.


C:\Windows\system32>netsh firewall reset

IMPORTANTE: "netsh firewall" está desusado;
use "netsh advfirewall firewall" en su lugar.
Para obtener información sobre el uso de los comandos
"netsh advfirewall firewall" en lugar de "netsh firewall", vea el artículo
947709 de Knowledge Base en la dirección
http://go.microsoft.com/fwlink/?linkid=121488.

No se ha iniciado el servicio.



C:\Windows\system32>


2. I ran the Fix it and it says that the troubleshooter is temporarily unavailable.

Re: Unable to activate the firewall

Post by Souto » 29 Dec 2011, 09:59

Run the following commands as administrator and tell me whether there is any difference between what I get and what you get (the commands are in blue)


Microsoft Windows [Versión 6.0.6002]
Copyright (c) 2006 Microsoft Corporation. Reservados todos los derechos.

C:\Windows\system32>sc qc rpcss
[SC] QueryServiceConfig CORRECTO

NOMBRE_SERVICIO: rpcss
TIPO : 20 WIN32_SHARE_PROCESS
TIPO_INICIO : 2 AUTO_START
CONTROL_ERROR : 1 NORMAL
NOMBRE_RUTA_BINARIO: C:\Windows\system32\svchost.exe -k rpcss
GRUPO_ORDEN_CARGA : COM Infrastructure
ETIQUETA : 0
NOMBRE_MOSTRAR : Llamada a procedimiento remoto (RPC)
DEPENDENCIAS : DcomLaunch
NOMBRE_INICIO_SERVICIO: NT AUTHORITY\NetworkService

C:\Windows\system32>net start rpcss
El servicio solicitado ya ha sido iniciado.

Puede obtener más ayuda con el comando NET HELPMSG 2182.


C:\Windows\system32>reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs
DisplayName REG_SZ @oleres.dll,-5010
Group REG_SZ COM Infrastructure
ImagePath REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k rpcss
Description REG_SZ @oleres.dll,-5011
ObjectName REG_SZ NT AUTHORITY\NetworkService
ErrorControl REG_DWORD 0x1
Start REG_DWORD 0x2
Type REG_DWORD 0x20
DependOnService REG_MULTI_SZ DcomLaunch
FailureActions REG_BINARY 00000000000000000000000001000000000000000200000060EA0000
RequiredPrivileges REG_MULTI_SZ SeChangeNotifyPrivilege\0SeCreateGlobalPrivilege\0SeImpersonatePrivilege
ServiceSidType REG_DWORD 0x1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs\Security
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs\Enum

C:\Windows\system32>








Regards
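
The comparison requested in the post above (reference `reg query` output against the affected machine's output) can be automated. This is an added example, not part of the thread: a Python script that parses two pasted `reg query` outputs and lists the values that differ among those controlling how the service starts. `KEY_VALUES`, the function names and the `SUSPECT` sample are assumptions made for the illustration.

```python
import re

# Values that decide whether, how and as whom the service is started.
KEY_VALUES = ("ImagePath", "ObjectName", "Start", "Type", "DependOnService")
VALUE_LINE = re.compile(r"^\s*(\S+)\s+(REG_[A-Z_]+)\s*(.*)$")

def parse_reg_query(text, key_path):
    """Return {name: (type, data)} for values listed directly under key_path."""
    values, in_key = {}, False
    for raw in text.splitlines():
        if raw.strip().upper().startswith("HKEY_"):
            in_key = raw.strip().lower() == key_path.lower()
            continue
        m = VALUE_LINE.match(raw)
        if in_key and m:
            values[m.group(1)] = (m.group(2), m.group(3).strip())
    return values

def normalise(rtype, data):
    if rtype == "REG_DWORD":
        return int(data, 16)                      # "0x2" -> 2
    if rtype == "REG_MULTI_SZ":                   # reg.exe prints "\0" between strings
        return tuple(sorted(s.lower() for s in data.split("\\0") if s))
    return " ".join(data.lower().split())         # ignore case and spacing

def diff_service(reference, suspect, key_path):
    """Return [(name, reference_value, suspect_value)] for differing key values."""
    ref, sus = (parse_reg_query(t, key_path) for t in (reference, suspect))
    out = []
    for name in KEY_VALUES:
        a, b = (normalise(*d[name]) if name in d else None for d in (ref, sus))
        if a != b:
            out.append((name, a, b))
    return out

KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs"
# Reference: values copied from the reg query output posted in the thread.
REFERENCE = KEY + r"""
    ImagePath    REG_EXPAND_SZ    %SystemRoot%\system32\svchost.exe -k rpcss
    ObjectName    REG_SZ    NT AUTHORITY\NetworkService
    Start    REG_DWORD    0x2
    DependOnService    REG_MULTI_SZ    DcomLaunch
""" + KEY + r"\Parameters"
# Constructed output for a hypothetical affected machine (not from the thread).
SUSPECT = KEY + r"""
    ImagePath    REG_EXPAND_SZ    %systemroot%\System32\svchost.exe -k rpcss
    ObjectName    REG_SZ    LocalSystem
    Start    REG_DWORD    0x4
"""
```

The reference output in the thread was taken on Windows version 6.0.6002 while the affected machine reports 6.1.7601, so any reported difference should be confirmed against a machine running the same version before it is treated as a fault.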

