[Help] Virus that prevents opening msconfig, taskmgr, cmd, and prevents booting in safe mode.

Thread in 'Seguridad y Hacking' started by Pensamientos, 4 Mar 2012.

  1. Pensamientos

    Hi friends, today I found that I had a very nasty virus on my PC. It started when I plugged in a USB drive and my antivirus flagged many things as viruses. Then it got worse: when I ran a scan with it (avast! antivirus) I found a huge number of threats, many of which did not seem to be threats. Among these "threats" were files such as "CCleaner.exe", "cmd.exe", "FacebookVideoCalling.exe", "notepad.exe" (twice), "photoshop.exe", "regedit.exe" (twice), "VisualVoyAdvance.exe", and a very long etc.

    Besides that, I tried to run an antimalware tool that is disguised as "iExplorer.exe" and it won't let me start it. When I ran Malwarebytes Anti-Malware, the antivirus alarm went off many times indicating the presence of threats.

    When I tried to run components such as Task Manager (from Ctrl+Alt+Del and from Run as "taskmgr"), notepad, msconfig, cmd and who knows what else, I couldn't, because it said that the program did not exist.

    Oh, one more thing: I tried to start Windows in safe mode by pressing F8 at boot, and I couldn't. A blue screen appeared saying that the PC might be infected with a virus.

    It has happened that I have had to install programs several times: when I run them the antivirus blocks them, but when I download them again and scan them (often from the same page), it detects no threat at all.

    I tried a system restore and could not fix it. I hope you can help me get rid of this virus without having to format.

    Regards.
     
  2. cfuentes.viera

    Depending on the virus family, it can infect .exe files, leaving them corrupt and unusable; in that case the best thing is to reinstall the operating system.

    Now, as a possible solution I recommend the following:

    Download this software (click where it says Download now) and run it --> http://www.bleepingcomputer.com/download/anti-virus/combofix

    If all goes well you should then be "clean" and could run an antivirus (personally, Avira).

    If the virus won't let you run the software, we will have to stop its process first; for that I need more information, so for now try downloading the software.

    Regards
     
  3. Something

    Malwarebytes, full scan, reboot and it'll be good as new.
     
  4. Pensamientos

    I ran ComboFix... the first time, a little past halfway, the "windows (blah blah blah) Send/Don't Send" error appeared... then I ran it again, and it got stuck almost at the end... I'm copying and pasting what appeared in the program just in case:


    I had already used Malwarebytes... only in quick scan, and the antivirus I have went off a couple of times detecting a malicious item in Malwarebytes.
     
  5. cfuentes.viera

    And how is the machine working now? Do you notice any improvement?

    It deleted quite a few infected files for you; try running CCleaner and update your antivirus.

    I hope it worked for you. Regards
     
  6. Pensamientos

    Honestly, there is no tangible improvement. Anyway, I started a full scan with Malwarebytes; so far it has detected 2 objects... Anyway, I still can't open taskmgr, cmd, the registry and those things, the same "windows cannot find the file" message... when Malwarebytes finishes I will run CCleaner, but what can I do to get taskmgr and those things back?
    Thanks a lot for your help :)
     
  7. cfuentes.viera

    If you have a Windows XP disc, do this:

    Close all programs.
    Click "Start Menu", "Run".
    Type "sfc /scannow" (without quotes) and press Enter.
    A black window called "Windows File Protection" will appear.
    It will probably ask you for the installation CD.
     
  8. Pensamientos

    And isn't there a way to do it without the installation CD?
    Besides that, yesterday I did a full scan with Malwarebytes. When the scan finished, Avast gave 4 threat alerts, all of them related to Malwarebytes. Do you recommend uninstalling the antivirus, or what?
     
  9. cfuentes.viera

    Hold on, I have an idea, but I need to install XP in a virtual machine since I only use Win 7. I'll have an answer for you in about 2 hours.

    Regards
     
  10. cfuentes.viera

    Download the following and run it

    http://cristianfuentes.cl/stuff/registro.reg

    Let me know how it went. Also, what we did does not improve system performance; rather, it cleans you of viruses.

    As for the antivirus, you could download Avira; at least I use that one and it works quite well for me.

    Regards
     
  11. Pensamientos

    I downloaded it and ran it, but I still couldn't open regedit from Run.

    Anyway, I found another way. I typed "regedit.exe" into Windows search, and a file called "48_regedit.exe" appeared; likewise, I went to the folder and found the files "60_taskmgr.exe", "9_cmd.exe" and all the files I couldn't open from Run.
    The folder where I found all the files was C:\WINDOWS\BricoPacks\SysFiles

    I don't know whether these files in the folder can be opened from Run or used in some way to recover them.

    Regards
     
  12. cfuentes.viera

    But let's see... let's get something straight: can you not open the files because they are not found on the system, or because they "are blocked by the administrator"? And for the files you have in C:\WINDOWS\BricoPacks\SysFiles, you must remove the number and dash "60_" and copy them to C:\WINDOWS\

    Let me know
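
Added example, not part of any post in the thread: a read-only PowerShell triage for the question raised in post 12, namely whether each tool is missing from disk or blocked by policy. It assumes PowerShell 2.0 or later is installed; the Image File Execution Options check is an extra cause this example rules out and is not something the thread mentions.

```powershell
# Added example: read-only triage; it changes nothing on the system.
$tools = 'taskmgr.exe', 'cmd.exe', 'regedit.exe', 'msconfig.exe', 'notepad.exe'

# Folders where Windows normally keeps these tools. On XP, msconfig.exe lives
# under PCHealth; regedit.exe and notepad.exe also sit directly in %SystemRoot%.
$searchDirs = @(
    (Join-Path $env:SystemRoot 'System32'),
    $env:SystemRoot,
    (Join-Path $env:SystemRoot 'PCHealth\HelpCtr\Binaries')
)

# Backup folder named in post 11 of the thread (files look like 60_taskmgr.exe).
$backupDir = 'C:\WINDOWS\BricoPacks\SysFiles'

# Per-user policy values behind the "disabled by your administrator" message.
$sysPol = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System'
$policies = @{
    'taskmgr.exe' = @($sysPol, 'DisableTaskMgr')
    'regedit.exe' = @($sysPol, 'DisableRegistryTools')
    'cmd.exe'     = @('HKCU:\Software\Policies\Microsoft\Windows\System', 'DisableCMD')
}

# A Debugger value under this key redirects every launch of the named image.
$ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'

function Get-RegValue([string]$Key, [string]$Name) {
    # Returns the value data, or nothing when the key or value does not exist.
    $item = Get-ItemProperty -Path $Key -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name }
}

$report = foreach ($tool in $tools) {
    # Every expected location where the file is actually present.
    $onDisk = @($searchDirs | ForEach-Object { Join-Path $_ $tool } |
                Where-Object { Test-Path $_ })

    $policy = $null
    if ($policies.ContainsKey($tool)) {
        $policy = Get-RegValue $policies[$tool][0] $policies[$tool][1]
    }
    $debugger = Get-RegValue "$ifeo\$tool" 'Debugger'

    # Prefixed copies of the same tool in the backup folder, if it exists.
    $backup = @(Get-ChildItem -Path $backupDir -Filter "*_$tool" -ErrorAction SilentlyContinue)

    if ($onDisk.Count -eq 0) { $verdict = 'missing from disk' }
    elseif ($policy)         { $verdict = 'blocked by policy' }
    elseif ($debugger)       { $verdict = 'launch redirected (IFEO Debugger)' }
    else                     { $verdict = 'no cause found by this script' }

    New-Object PSObject -Property @{
        Tool     = $tool
        Verdict  = $verdict
        FoundAt  = $onDisk -join '; '
        Policy   = $policy
        Debugger = $debugger
        Backup   = ($backup | ForEach-Object { $_.Name }) -join '; '
    }
}

$report | Select-Object Tool, Verdict, FoundAt, Policy, Debugger, Backup | Format-List
```

A "missing from disk" verdict together with a non-empty Backup field is the situation the copy-back advice in post 12 addresses; the policy check covers only the current user's hive.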