Firewall

Miguelgrado · 20 Enero, 2019 20:18

Deberás desinstalar antes Zone Alarm

Luego realizas.

Bien… y ahora sigue estos pasos, MUY Importante ~ Realiza una copia de seguridad del registro :

Para hacerlo descarga Delfix en tu escritorio.
Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona "Ejecutar como Administrador.")
Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO
Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

En el equipo con los demas programas cerrados:

Inicio >>> Ejecutar >>>Escribes notepad.exe.

Ahora copia y pega estos archivos dentro del Notepad:


Start
CreateRestorePoint:
CloseProcesses:
GroupPolicyScripts: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-297820468-187987108-3971814952-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://ar.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10440__180401__yaie&p={searchTerms}
FF Extension: (Symantec Intrusion Prevention) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn [2013-07-01] [Legacy] [not signed]
FF Extension: (Norton Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_9_4 [2018-01-31] [Legacy] [not signed]
C:\ProgramData\Norton
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
S3 SRTSP; C:\windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-31] (Symantec Corporation)
R1 SRTSPX; C:\windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-31] (Symantec Corporation)
R0 SymDS; C:\windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2013-05-30] (Symantec Corporation)
R1 SymIRON; C:\windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
U3 iswSvc; no ImagePath
S3 MREMP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 MRESP50a64; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS [X]
2015-12-09 20:15 - 2015-12-09 20:15 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{0C213795-078D-4192-8894-E55995C86F03}
2017-10-10 19:28 - 2017-10-10 19:28 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{1B062759-EB48-49F3-B2F0-5D9F1C436E80}
2016-03-10 17:25 - 2016-03-10 17:25 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{21D525A5-8C07-4128-A2B6-8EC3B46EC8CF}
2018-01-08 17:16 - 2018-01-08 17:16 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{3A58E67E-862B-4E90-823E-5197843BC769}
2017-05-20 12:16 - 2017-05-20 12:16 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{5EB48E99-BDA6-4981-804B-541663771DA4}
2016-08-21 18:13 - 2016-08-21 18:13 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{61772A00-82B9-4566-89C5-A129FE1A29F1}
2016-08-15 18:40 - 2016-08-15 18:40 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{73AAB017-39E5-4760-931F-74F46E4382FB}
2017-12-16 03:49 - 2017-12-16 03:49 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{755D553A-D990-4308-8CF0-3B185F6AAA48}
2016-08-11 16:22 - 2016-08-11 16:22 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{76B708F8-A444-419C-A1FD-66445CD82DDA}
2018-01-10 12:26 - 2018-01-10 12:26 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{825BAD9F-632A-4ACA-BBE4-A78601F081B5}
2017-10-08 17:48 - 2017-10-08 17:48 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{8FE9FDF2-38C9-4CFB-9A5E-B776F0D0503A}
2017-12-17 05:40 - 2017-12-17 05:40 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{B046ABCE-230A-41BB-8BB2-CDD317710292}
2017-10-04 20:13 - 2017-10-04 20:13 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{BD67F23D-ED39-46CA-8427-6B75A51FFD32}
2016-04-12 12:18 - 2016-04-12 12:18 - 000000000 _____ () C:\Users\Gabriela\AppData\Local\{EF0593FD-B03E-477B-B3C2-90DA50F7002C}
ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\18.7.2.3\NavShExt.dll [2012-06-07] (Symantec Corporation)
ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files (x86)\Norton Internet Security\Engine64\18.7.2.3\NavShExt.dll [2012-06-07] (Symantec Corporation)
C:\Program Files (x86)\Norton Internet Security
Task: {07CB5A75-96E0-4D66-88C7-F2666F94077D} - no filepath
Task: {567AB5F6-7B7F-4D40-9CD6-07C0C881FB7A} - no filepath
Task: {6A02E356-8F73-4897-897D-24DF20596254} - no filepath
Task: {7403A64B-C5F5-45E1-9B83-6418BA37B83D} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-07] (Symantec Corporation)
Task: {AA8B58E1-3E8D-42FD-A07E-0263B44DA802} - no filepath
Task: {9BB059FE-AF1E-413A-B70E-43D0368471A2} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-07] (Symantec Corporation)
Task: {AA8B58E1-3E8D-42FD-A07E-0263B44DA802} - no filepath
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":
WMI:subscription\__EventFilter->BVTFilter:
WMI:subscription\CommandLineEventConsumer->BVTConsumer:
ShortcutWithArgument: C:\Users\Gabriela\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_blpcfgokakmgnkcojhhkbfbldkacnbeo\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=blpcfgokakmgnkcojhhkbfbldkacnbeo
ShortcutWithArgument: C:\Users\Gabriela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Node.js\Node.js command prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /k "C:\Program Files (x86)\nodejs\nodevars.bat"
ShortcutWithArgument: C:\Users\Gabriela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
AlternateDataStreams: C:\ProgramData:NT [40]
AlternateDataStreams: C:\ProgramData:NT2 [322]
AlternateDataStreams: C:\Users\All Users:NT [40]
AlternateDataStreams: C:\Users\All Users:NT2 [322]
AlternateDataStreams: C:\ProgramData\Application Data:NT [40]
AlternateDataStreams: C:\ProgramData\Application Data:NT2 [322]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT [40]
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2 [322]
AlternateDataStreams: C:\Users\Gabriela\Datos de programa:NT [40]
AlternateDataStreams: C:\Users\Gabriela\Datos de programa:NT2 [322]
AlternateDataStreams: C:\Users\Gabriela\AppData\Roaming:NT [40]
AlternateDataStreams: C:\Users\Gabriela\AppData\Roaming:NT2 [322]



HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Lo guardas bajo el nombre de fixlist.txt en el escritorio <<< Esto es muy importante.<<

Nota: Es importante que la Hta Frst.exe y fixlist.txt se encuentren en la misma ubicación (escritorio) o si no no trabajara.

Y ahora usa esta Faq de Windows[SIZE=2][COLOR=#006400][B] https://forospyware.com/t/como-iniciar-el-pc-en-modo-a-prueba-de-fallos/162[/B][/COLOR][/SIZE], para trabajar desde ese modo de windows
Ejecutas Frst.exe.
Presionas el botón Fix y aguardas a que termine.
La Herramienta guardara el reporte en tu escritorio (Fixlog.txt).

Lo pegas en tu próxima respuesta, comentado como va el problema