[Ayuda] Virus que no permite abrir msconfig, taskmgr, cmd, y no permite ejecutar en modo seguro.

Pensamientos

Pensamientos

Usuario Nuevo nvl. 1
23 Ene 2012
30
0
6
NULL
Hola amigos, hoy me encontre con que tenía un virus muy desagradable en mi pc: Comenzó cuando ponía un USB y mi antivirus detectaba muchas cosas como virus. Luego empeoró, ya que al hacer una revisión con él (avast! antivirus) encontré una cantidad bestial de amenazas, muchas de las cuales no parecían serlo. Entre estas "amenazas" habían archivos como "CCleaner.exe", "cmd.exe", "FacebookVideoCalling.exe", "notepad.exe" (2 veces), "photoshop.exe", "regedit.exe" (2 veces), "VisualVoyAdvance.exe", y un laaaaaaaaaaaaargo etc.

Por lo demás, trate de ejecutar un antimalware que está disfrazado como "iExplorer.exe" y no me deja activarlo. Cuando ejecuté el Malwarebytes Anti-Malware muchas veces la alarma del antivirus saltaba indicando la presencia de amenazas.

Cuando trataba de ejecutar componentes como el Administrador de tareas (desde Ctrl+Alt+Del y ejecutar como "taskmgr"), notepad, msconfig, cmd y quien sabe que más, no podía, ya que salía que dicho programa no existía.

Ah, lo otro: Intente ejecutar windows en modo seguro apretando F8 al inicio del sistema, y no podia. Salía una pantalla azul que indicaba que tal vez el PC estaba infectado de virus.

Me ha pasado que he tenido que instalar programas varias veces: Al ejecutarlos el antivirus los bloquea, pero al bajarlos denuevo y analizarlos (muchas veces de la misma página), no detecta amenaza alguna.

Traté de restaurar el sistema y no lo pude arreglar. Espero que me puedan ayudar a erradicar este virus sin necesidad de formatear.

Un saludo.
 
Dependiendo de la familia del virus, este puede infectar los .exe dejandolos corruptos e inservibles, en este caso lo mejor es reinstalar el sistema operativo.

Ahora, como posible solucion te recomiendo lo siguiente:

Descarga este software (presiona donde dice Download now) y ejecutalo --> http://www.bleepingcomputer.com/download/anti-virus/combofix

Si todo va bien ya deberias estar "limpio" y podrias correr un antivirus (en lo personal avira)

Si el virus no te deja ejecutar el software, deberemos detener su proceso antes, para eso necesito mas información asi que de momento intenta bajar el software.

Saludos
 
cfuentes.viera dijo:
Dependiendo de la familia del virus, este puede infectar los .exe dejandolos corruptos e inservibles, en este caso lo mejor es reinstalar el sistema operativo.

Ahora, como posible solucion te recomiendo lo siguiente:

Descarga este software (presiona donde dice Download now) y ejecutalo --> http://www.bleepingcomputer.com/download/anti-virus/combofix

Si todo va bien ya deberias estar "limpio" y podrias correr un antivirus (en lo personal avira)

Si el virus no te deja ejecutar el software, deberemos detener su proceso antes, para eso necesito mas información asi que de momento intenta bajar el software.

Saludos
Haz clic para expandir...
Ejecuté el ComboFix... la primera vez cuando iba poco más de la mitad apareció el error de "windows (bla bla bla) Enviar/No Enviar... luego lo volvi a ejecutar, y se quedo pegado casi al final... copio y pego lo qe aparecio en el programa por si acaso:

Output folder: C:\32788R22FWJFWDelete file: C:\32788R22FWJFW\023.dat
Delete file: C:\32788R22FWJFW\023v.dat
Delete file: C:\32788R22FWJFW\023w7.dat
Delete file: C:\32788R22FWJFW\ActiveDrv.vbs
Delete file: C:\32788R22FWJFW\AppDataFile.cfx
Delete file: C:\32788R22FWJFW\AppDataFolder.cfx
Delete file: C:\32788R22FWJFW\appinit.bad
Delete file: C:\32788R22FWJFW\asp.str
Delete file: C:\32788R22FWJFW\Assoc.cmd
Delete file: C:\32788R22FWJFW\Auto-RC.cmd
Delete file: C:\32788R22FWJFW\av.cmd
Delete file: C:\32788R22FWJFW\av.vbs
Delete file: C:\32788R22FWJFW\AWF.cmd
Delete file: C:\32788R22FWJFW\badclsid.c
Delete file: C:\32788R22FWJFW\BFE.dat
Delete file: C:\32788R22FWJFW\Boot-Rk.cmd
Delete file: C:\32788R22FWJFW\Boot.bat
Delete file: C:\32788R22FWJFW\BootDrv.vbs
Delete file: C:\32788R22FWJFW\c.bat
Delete file: C:\32788R22FWJFW\Catch-sub.cmd
Delete file: C:\32788R22FWJFW\catchme.3XE
Delete file: C:\32788R22FWJFW\CF-Script.cmd
Delete file: C:\32788R22FWJFW\clsid.c
Delete file: C:\32788R22FWJFW\Combo-Fix.sys
Delete file: C:\32788R22FWJFW\Combobatch.bat
Delete file: C:\32788R22FWJFW\ComboFix-Download.3XE
Delete file: C:\32788R22FWJFW\Create.cmd
Delete file: C:\32788R22FWJFW\Creg.dat
Delete file: C:\32788R22FWJFW\CregC.cmd
Delete file: C:\32788R22FWJFW\CregC.dat
Delete file: C:\32788R22FWJFW\dd.3XE
Delete file: C:\32788R22FWJFW\ddsDo.sed
Delete file: C:\32788R22FWJFW\DelClsid.bat
Delete file: C:\32788R22FWJFW\DelClsid64.bat
Delete file: C:\32788R22FWJFW\desktop.ini
Delete file: C:\32788R22FWJFW\DesktopFile.cfx
Delete file: C:\32788R22FWJFW\Dnl.dat
Delete file: C:\32788R22FWJFW\DPF.str
Delete file: C:\32788R22FWJFW\DrvRun.vbs
Delete file: C:\32788R22FWJFW\dumphive.3XE
Delete file: C:\32788R22FWJFW\embedded.sed
Delete file: C:\32788R22FWJFW\EN-US\iexplore.exe
Remove folder: C:\32788R22FWJFW\EN-US\
Delete file: C:\32788R22FWJFW\ERDNT.e_e
Delete file: C:\32788R22FWJFW\ERDNTDOS.LOC
Delete file: C:\32788R22FWJFW\ERDNTWIN.LOC
Delete file: C:\32788R22FWJFW\ERUNT.3XE
Delete file: C:\32788R22FWJFW\ERUNT.LOC
Delete file: C:\32788R22FWJFW\Exe.reg
Delete file: C:\32788R22FWJFW\extract.3XE
Delete file: C:\32788R22FWJFW\FavoriteFolder.cfx
Delete file: C:\32788R22FWJFW\FavoritesFile.cfx
Delete file: C:\32788R22FWJFW\FD-SV.cmd
Delete file: C:\32788R22FWJFW\ffdefstr.dll
Delete file: C:\32788R22FWJFW\FileKill.3XE
Delete file: C:\32788R22FWJFW\files.pif
Delete file: C:\32788R22FWJFW\Fin.dat
Delete file: C:\32788R22FWJFW\FIND3M.bat
Delete file: C:\32788R22FWJFW\firefox.exe
Delete file: C:\32788R22FWJFW\FIXLSP.bat
Delete file: C:\32788R22FWJFW\FKMGen.cmd
Delete file: C:\32788R22FWJFW\GetHive.cmd
Delete file: C:\32788R22FWJFW\grep.3XE
Delete file: C:\32788R22FWJFW\gsar.3XE
Delete file: C:\32788R22FWJFW\handle.3XE
Delete file: C:\32788R22FWJFW\hidec.3XE
Delete file: C:\32788R22FWJFW\history.bat
Delete file: C:\32788R22FWJFW\hwid.pif
Delete file: C:\32788R22FWJFW\iexplore.exe
Delete file: C:\32788R22FWJFW\image001.gif
Delete file: C:\32788R22FWJFW\Imefile.dat
Delete file: C:\32788R22FWJFW\Install-RC.cmd
Delete file: C:\32788R22FWJFW\katch.cmd
Delete file: C:\32788R22FWJFW\Kill-All.cmd
Delete file: C:\32788R22FWJFW\Ksvchost.vbs
Delete file: C:\32788R22FWJFW\Lang.bat
Delete file: C:\32788R22FWJFW\License\Curl - license.txt
Delete file: C:\32788R22FWJFW\License\dumphive-license.txt
Delete file: C:\32788R22FWJFW\License\EXTRACT.TXT
Delete file: C:\32788R22FWJFW\License\FI - license.txt
Delete file: C:\32788R22FWJFW\License\firefox.exe
Delete file: C:\32788R22FWJFW\License\iexplore.exe
Delete file: C:\32788R22FWJFW\License\mtee.txt
Delete file: C:\32788R22FWJFW\License\ncmd.cfxxe
Delete file: C:\32788R22FWJFW\License\pv_5_2_2.zip
Delete file: C:\32788R22FWJFW\License\streamtools.zip
Delete file: C:\32788R22FWJFW\License\UnxUtilsDist.com
Delete file: C:\32788R22FWJFW\License\UnxUtilsDist.html
Delete file: C:\32788R22FWJFW\License\UnxUtilsDist.pif
Delete file: C:\32788R22FWJFW\License\Zip - license.txt
Remove folder: C:\32788R22FWJFW\License\
Delete file: C:\32788R22FWJFW\List-B.bat
Delete file: C:\32788R22FWJFW\List-C.bat
Delete file: C:\32788R22FWJFW\List-D.bat
Delete file: C:\32788R22FWJFW\List.bat
Delete file: C:\32788R22FWJFW\lnkread.vbs
Delete file: C:\32788R22FWJFW\LocalAppDataFile.cfx
Delete file: C:\32788R22FWJFW\LocalAppDataFolder.cfx
Delete file: C:\32788R22FWJFW\LocalService.dat
Delete file: C:\32788R22FWJFW\LocalServiceNetworkRestricted.dat
Delete file: C:\32788R22FWJFW\LocalSettingsFile.cfx
Delete file: C:\32788R22FWJFW\LocalSystemNetworkRestricted.dat
Delete file: C:\32788R22FWJFW\mbr.3XE
Delete file: C:\32788R22FWJFW\mbr.chk
Delete file: C:\32788R22FWJFW\md5sum.pif
Delete file: C:\32788R22FWJFW\md5sum00.pif
Delete file: C:\32788R22FWJFW\MoveIt.bat
Delete file: C:\32788R22FWJFW\MpsSvc.dat
Delete file: C:\32788R22FWJFW\mtee.3XE
Delete file: C:\32788R22FWJFW\mynul.dat
Delete file: C:\32788R22FWJFW\n.pif
Delete file: C:\32788R22FWJFW\ncmd.com
Delete file: C:\32788R22FWJFW\ndis_combofix.dat
Delete file: C:\32788R22FWJFW\ND_.bat
Delete file: C:\32788R22FWJFW\ND_64.bat
Delete file: C:\32788R22FWJFW\netsvc.bad.dat
Delete file: C:\32788R22FWJFW\netsvc.dat
Delete file: C:\32788R22FWJFW\netsvc.vista.dat
Delete file: C:\32788R22FWJFW\netsvc.xp.dat
Delete file: C:\32788R22FWJFW\NetworkService.dat
Delete file: C:\32788R22FWJFW\NirCmd.3XE
Delete file: C:\32788R22FWJFW\NirCmd.chm
Delete file: C:\32788R22FWJFW\NirCmdC.3XE
Delete file: C:\32788R22FWJFW\NT-OS.cmd
Remove folder: C:\32788R22FWJFW\N_\
Delete file: C:\32788R22FWJFW\OSid.vbs
Delete file: C:\32788R22FWJFW\P.cmd
Delete file: C:\32788R22FWJFW\pausep.3XE
Delete file: C:\32788R22FWJFW\PersonalFile.cfx
Delete file: C:\32788R22FWJFW\PersonalFolder.cfx
Delete file: C:\32788R22FWJFW\pev.3XE
Delete file: C:\32788R22FWJFW\pevb.3XE
Delete file: C:\32788R22FWJFW\Policies.dat
Delete file: C:\32788R22FWJFW\powp.dat
Delete file: C:\32788R22FWJFW\Prep.inf
Delete file: C:\32788R22FWJFW\ProfilesFile.cfx
Delete file: C:\32788R22FWJFW\ProfilesFolder.cfx
Delete file: C:\32788R22FWJFW\ProgramsFile.cfx
Delete file: C:\32788R22FWJFW\ProgramsFolder.cfx
Delete file: C:\32788R22FWJFW\Purity.dat
Delete file: C:\32788R22FWJFW\pv.com
Delete file: C:\32788R22FWJFW\rar_sfx.cmd
Delete file: C:\32788R22FWJFW\RCLink.dat
Delete file: C:\32788R22FWJFW\REGDACL.sed
Delete file: C:\32788R22FWJFW\RegDo.sed
Delete file: C:\32788R22FWJFW\region.dat
Delete file: C:\32788R22FWJFW\RegScan.cmd
Delete file: C:\32788R22FWJFW\RegScan64.cmd
Delete file: C:\32788R22FWJFW\restore_pt.vbs
Delete file: C:\32788R22FWJFW\Rkey.cmd
Delete file: C:\32788R22FWJFW\rmbr.3XE
Delete file: C:\32788R22FWJFW\rogues.dat
Delete file: C:\32788R22FWJFW\run2.sed
Delete file: C:\32788R22FWJFW\Rust.str
Delete file: C:\32788R22FWJFW\s0rt.3XE
Delete file: C:\32788R22FWJFW\safeboot.dat
Delete file: C:\32788R22FWJFW\safeboot.def.dat
Delete file: C:\32788R22FWJFW\safeboot.def.vista.dat
Delete file: C:\32788R22FWJFW\Safeboot.def.w7.dat
Delete file: C:\32788R22FWJFW\sed.3XE
Delete file: C:\32788R22FWJFW\SetEnvmt.bat
Delete file: C:\32788R22FWJFW\setpath.3XE
Delete file: C:\32788R22FWJFW\setpath_N.cmd
Delete file: C:\32788R22FWJFW\SnapShot.cmd
Delete file: C:\32788R22FWJFW\SRestore.cmd
Delete file: C:\32788R22FWJFW\srizbi.md5
Delete file: C:\32788R22FWJFW\StartMenuFile.cfx
Delete file: C:\32788R22FWJFW\StartMenuFolder.cfx
Delete file: C:\32788R22FWJFW\StartUpFile.cfx
Delete file: C:\32788R22FWJFW\SuppScan.cmd
Delete file: C:\32788R22FWJFW\SvcDrv.vbs
Delete file: C:\32788R22FWJFW\svchost.dat
Delete file: C:\32788R22FWJFW\svchost.vista.dat
Delete file: C:\32788R22FWJFW\svchost.vista.x64.dat
Delete file: C:\32788R22FWJFW\svchost.w7.dat
Delete file: C:\32788R22FWJFW\svchost.w7.x64.dat
Delete file: C:\32788R22FWJFW\svc_wht.dat
Delete file: C:\32788R22FWJFW\swreg.3XE
Delete file: C:\32788R22FWJFW\swsc.3XE
Delete file: C:\32788R22FWJFW\swxcacls.3XE
Delete file: C:\32788R22FWJFW\system_ini.dat
Delete file: C:\32788R22FWJFW\tail.3XE
Delete file: C:\32788R22FWJFW\TemplatesFile.cfx
Delete file: C:\32788R22FWJFW\TemplatesFolder.cfx
Delete file: C:\32788R22FWJFW\toolbar.sed
Delete file: C:\32788R22FWJFW\Update-CF.cmd
Delete file: C:\32788R22FWJFW\VBR.pif
Delete file: C:\32788R22FWJFW\VInfo
Delete file: C:\32788R22FWJFW\VInfo2
Delete file: C:\32788R22FWJFW\VINFO3
Delete file: C:\32788R22FWJFW\Vipev.dat
Delete file: C:\32788R22FWJFW\vistaMcode.dat
Delete file: C:\32788R22FWJFW\vistareg.dat
Delete file: C:\32788R22FWJFW\vun.dat
Delete file: C:\32788R22FWJFW\VwinTemp.dacl
Delete file: C:\32788R22FWJFW\w7Mcode.dat
Delete file: C:\32788R22FWJFW\w7reg.dat
Delete file: C:\32788R22FWJFW\Wmi_rem.vbs
Delete file: C:\32788R22FWJFW\w_sock.dll
Delete file: C:\32788R22FWJFW\XP.mac
Delete file: C:\32788R22FWJFW\xpmcode.dat
Delete file: C:\32788R22FWJFW\xpreg.dat
Delete file: C:\32788R22FWJFW\XPSBoot.reg
Delete file: C:\32788R22FWJFW\zDomain.dat
Delete file: C:\32788R22FWJFW\zhsvc.dat
Delete file: C:\32788R22FWJFW\zip.3XE
Extract: 023.dat
Extract: 023v.dat
Extract: 023w7.dat
Extract: AWF.cmd
Extract: ActiveDrv.vbs
Extract: AppDataFile.cfx
Extract: AppDataFolder.cfx
Extract: Assoc.cmd
Extract: Auto-RC.cmd
Extract: BFE.dat
Extract: Boot-Rk.cmd
Extract: Boot.bat
Extract: BootDrv.vbs
Extract: CF-Script.cmd
Extract: Catch-sub.cmd
Extract: Combo-Fix.sys
Extract: ComboFix-Download.3XE
Extract: Combobatch.bat
Extract: Create.cmd
Extract: Creg.dat
Extract: CregC.cmd
Extract: CregC.dat
Extract: DPF.str
Extract: DelClsid.bat
Extract: DelClsid64.bat
Extract: DesktopFile.cfx
Extract: Dnl.dat
Extract: DrvRun.vbs
Extract: ERDNT.e_e
Extract: ERDNTDOS.LOC
Extract: ERDNTWIN.LOC
Extract: ERUNT.3XE
Extract: ERUNT.LOC
Extract: Exe.reg
Extract: FD-SV.cmd
Extract: FIND3M.bat
Extract: FIXLSP.bat
Extract: FKMGen.cmd
Extract: FavoriteFolder.cfx
Extract: FavoritesFile.cfx
Extract: FileKill.3XE
Extract: Fin.dat
Extract: GetHive.cmd
Extract: Imefile.dat
Extract: Install-RC.cmd
Extract: Kill-All.cmd
Extract: Ksvchost.vbs
Extract: Lang.bat
Extract: List-B.bat
Extract: List-C.bat
Extract: List-D.bat
Extract: List.bat
Extract: LocalAppDataFile.cfx
Extract: LocalAppDataFolder.cfx
Extract: LocalService.dat
Extract: LocalServiceNetworkRestricted.dat
Extract: LocalSettingsFile.cfx
Extract: LocalSystemNetworkRestricted.dat
Extract: MoveIt.bat
Extract: MpsSvc.dat
Extract: ND_.bat
Extract: ND_64.bat
Extract: NT-OS.cmd
Extract: NetworkService.dat
Extract: NirCmd.3XE
Extract: NirCmd.chm
Extract: NirCmdC.3XE
Extract: NirScript.dat
Extract: OSid.vbs
Extract: P.cmd
Extract: PersonalFile.cfx
Extract: PersonalFolder.cfx
Extract: Policies.dat
Extract: Prep.inf
Extract: ProfilesFile.cfx
Extract: ProfilesFolder.cfx
Extract: ProgramsFile.cfx
Extract: ProgramsFolder.cfx
Extract: Purity.dat
Extract: RCLink.dat
Extract: REGDACL.sed
Extract: RegDo.sed
Extract: RegScan.cmd
Extract: RegScan64.cmd
Extract: Rkey.cmd
Extract: Rust.str
Extract: SRestore.cmd
Extract: Safeboot.def.w7.dat
Extract: SetEnvmt.bat
Extract: SnapShot.cmd
Extract: StartMenuFile.cfx
Extract: StartMenuFolder.cfx
Extract: StartUpFile.cfx
Extract: SuppScan.cmd
Extract: SvcDrv.vbs
Extract: TemplatesFile.cfx
Extract: TemplatesFolder.cfx
Extract: Update-CF.cmd
Extract: VBR.pif
Extract: VINFO3
Extract: VInfo
Extract: VInfo2
Extract: Vipev.dat
Extract: VwinTemp.dacl
Extract: Wmi_rem.vbs
Extract: XPSBoot.reg
Extract: appinit.bad
Extract: asp.str
Extract: av.cmd
Extract: av.vbs
Extract: badclsid.c
Extract: c.bat
Extract: catchme.3XE
Extract: clsid.c
Extract: dd.3XE
Extract: ddsDo.sed
Extract: dumphive.3XE
Extract: embedded.sed
Extract: extract.3XE
Extract: ffdefstr.dll
Extract: files.pif
Extract: firefox.exe
Extract: fl0.bat
Extract: grep.3XE
Extract: gsar.3XE
Extract: handle.3XE
Extract: hidec.3XE
Extract: history.bat
Extract: hwid.pif
Extract: iexplore.exe
Extract: image001.gif
Extract: katch.cmd
Extract: lnkread.vbs
Extract: mbr.3XE
Extract: mbr.chk
Extract: md5sum.pif
Extract: md5sum00.pif
Extract: mtee.3XE
Extract: mynul.dat
Extract: n.pif
Extract: ncmd.com
Extract: ndis_combofix.dat
Extract: netsvc.bad.dat
Extract: netsvc.dat
Extract: netsvc.vista.dat
Extract: netsvc.xp.dat
Extract: pausep.3XE
Extract: pev.3XE
Extract: pevb.3XE
Extract: powp.dat
Extract: pv.com
Extract: region.dat
Extract: restore_pt.vbs
Extract: rmbr.3XE
Extract: rogues.dat
Extract: run2.sed
Extract: s0rt.3XE
Extract: safeboot.dat
Extract: safeboot.def.dat
Extract: safeboot.def.vista.dat
Extract: sed.3XE
Extract: setpath.3XE
Extract: srizbi.md5
Extract: svc_wht.dat
Extract: svchost.dat
Extract: svchost.vista.dat
Extract: svchost.vista.x64.dat
Extract: svchost.w7.dat
Extract: svchost.w7.x64.dat
Extract: swreg.3XE
Extract: swsc.3XE
Extract: swxcacls.3XE
Extract: system_ini.dat
Extract: tail.3XE
Extract: toolbar.sed
Extract: vistaMcode.dat
Extract: vistareg.dat
Extract: vun.dat
Extract: w7Mcode.dat
Extract: w7reg.dat
Extract: w_sock.dll
Extract: xpmcode.dat
Extract: xpreg.dat
Extract: zDomain.dat
Extract: zhsvc.dat
Extract: zip.3XE
Output folder: C:\32788R22FWJFW\EN-US
Extract: iexplore.exe
Output folder: C:\32788R22FWJFW\License
Extract: Curl - license.txt
Extract: EXTRACT.TXT
Extract: FI - license.txt
Extract: UnxUtilsDist.com
Extract: UnxUtilsDist.html
Extract: UnxUtilsDist.pif
Extract: Zip - license.txt
Extract: dumphive-license.txt
Extract: firefox.exe
Extract: iexplore.exe
Extract: mtee.txt
Extract: ncmd.cfxxe
Extract: pv_5_2_2.zip
Extract: streamtools.zip
Output folder: C:\32788R22FWJFW\N_
Output folder: C:\32788R22FWJFW

Something dijo:
Malwarebytes, analisis intensivo, reiniciar y queda tikitaka.
Haz clic para expandir...
El Malwarebytes ya lo había usado... solo que en análisis rápido, y el antivirus que tengo salto un par de veces detectando en el Malwarebytes un elemento malicioso.
 
Y como te funciona ahora el equipo? notas alguna mejora?

Te elimino bastantes archivos infectados, trata de pasar un ccleanner y actualiza tu antivirus.

Espero te haya funcionado, Saludos
 
cfuentes.viera dijo:
Y como te funciona ahora el equipo? notas alguna mejora?

Te elimino bastantes archivos infectados, trata de pasar un ccleanner y actualiza tu antivirus.

Espero te haya funcionado, Saludos
Haz clic para expandir...

En verdad no se ve ninguna mejora tangible. De todas formas, eché a correr un scanner completo con el Malwarebytes; hasta ahora lleva 2 objetos detectados... De todas formas, aún sigo sin poder activar el taskmgr, cmd, registro y esas cosas, el mismo mensaje de "windows no puede encontrar el archivo"... cuando termine el malwarebytes pasaré el ccleaner, pero que puedo hacer para recuperar el taskmgr y esas cosas?
Muchas gracias por tu ayuda :)
 
Si tienes un disco de Windows XP haz esto

Cierra todos los programas
Clic en "Menú Inicio", "Ejecutar".
Escriba "sfc /scannow" (sin comillas) y presiona enter.
Saldrá una ventana negra llamada: "Protección de archivos de Windows"
Es probable que este te pida el CD de instalación.
 
cfuentes.viera dijo:
Si tienes un disco de Windows XP haz esto

Cierra todos los programas
Clic en "Menú Inicio", "Ejecutar".
Escriba "sfc /scannow" (sin comillas) y presiona enter.
Saldrá una ventana negra llamada: "Protección de archivos de Windows"
Es probable que este te pida el CD de instalación.
Haz clic para expandir...

Y no hay una forma de hacerlo sin el CD de instalación?
Por lo demás, ayer hize un scanner completo con el Malwarebytes. Cuando terminó el scanner, el Avast dio 4 alertas de amezanas, todas tenían relación con el Malwarebytes. ¿Me recomiendas desinstalar el antivirus o qué?
 
Esperame se me ocurre algo, pero debo instalar el XP en una maquina virtual ya que solo uso win 7. te tengo una respuesta en 2 hrs app

Saludos
 
cfuentes.viera dijo:
Baja lo siguiente y ejecutalo

http://cristianfuentes.cl/stuff/registro.reg

Me comentas como te fue, lo otro lo que hicimos no mejora el rendimiento del sistema, si no que te limpia de virus.

Respecto al Antivirus podrias bajar el Avira, almenos yo uso ese y me funciona bastante bien.

Saludos
Haz clic para expandir...

Lo bajé y lo ejecuté, pero igual no pude abrir el regedit desde ejecutar.

De todas formas, pillé otra forma. Puse "regedit.exe" en el buscador de windows, y apareció un archivo denominado "48_regedit.exe" de igual forma, fui a la carpeta y encontré los archivos "60_taskmgr.exe", "9_cmd.exe" y todos los archivos que no podía abrir desde ejecutar.
La carpeta donde encontré todos los archivos fue C:\WINDOWS\BricoPacks\SysFiles

No sé si estos archivos en la carpeta se podran abrir desde ejecutar o aprovecharlos de alguna manera para recuperarlos.

Saludos
 
Pero a ver... entendamos algo, no puedes abrir los archivos por que no se encuentran en el sistema o por que "estan bloqueados por el administrador" y los archivos que tienes en C:\WINDOWS\BricoPacks\SysFiles debes quitarle el numero y guion "60_" y copiarlos a C:\WINDOWS\

Me cuentas
 
Debes iniciar sesión o registrarte para responder aquí.
Arriba Pie
Atrás