
    I can't unlock hidden files/folders or use Flash Player (Solved)


      
    1. #1
      User viccduva
      Joined
      Jun 2006
      Location
      Mexico
      Posts
      5

      I can't unlock hidden files/folders or use Flash Player (Solved)

      Hello, first of all let me congratulate you on the forum; it has been very useful to me on several occasions:

      Recently I've had problems opening certain pages that use Adobe Flash Player. I tried to download Flash Player again, but for some reason I can't open the page; I downloaded it from another, unofficial page and it still doesn't work.

      So I ran my antivirus (NOD32) and Norton (not updated, "it expired on me") and found several viruses (amvo and others). I tried to get into the history folder and couldn't, because I can't unlock hidden files and folders.

      So now I have 2 problems: I can't open pages with Flash Player and I can't unlock hidden files and folders.

      Thank you very much

      Here is my HijackThis log:

      Scan saved at 1:13:46 PM, on 3/28/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\System32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\ACS.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
      C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      C:\WINDOWS\System32\DVDRAMSV.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Eset\nod32krn.exe
      C:\Program Files\Norton AntiVirus\SAVScan.exe
      c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
      C:\WINDOWS\wanmpsvc.exe
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\ltmoh\Ltmoh.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\Program Files\Apoint2K\Apoint.exe
      C:\Program Files\EzButton\EzButton.EXE
      C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
      C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
      C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
      C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
      C:\Program Files\Apoint2K\Apntex.exe
      C:\TOSHIBA\IVP\ISM\pinger.exe
      C:\WINDOWS\system32\dla\tfswctrl.exe
      C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
      C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
      C:\Program Files\Eset\nod32kui.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
      C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\Program Files\Windows Media Player\WMPNSCFG.exe
      C:\WINDOWS\system32\RAMASST.exe
      C:\Program Files\Common Files\Symantec Shared\NMain.exe
      C:\PROGRA~1\NORTON~1\navw32.exe
      C:\Program Files\Windows Media Player\wmplayer.exe
      C:\Program Files\BitComet\BitComet.exe
      C:\WINDOWS\system32\DllHost.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Downloads\HiJackThis_v2.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      O1 - Hosts: 89.149.243.46 boveda.banamex.com.mx
      O1 - Hosts: 89.149.243.46 www.boveda.banamex.com.mx
      O1 - Hosts: 89.149.243.46 bancanetempresarial.banamex.com.mx
      O1 - Hosts: 89.149.243.46 www.bancanetempresarial.banamex.com.mx
      O1 - Hosts: 89.149.243.46 www.banamex.com.mx
      O1 - Hosts: 89.149.243.46 banamex.com.mx
      O1 - Hosts: 89.149.243.46 www.banamex.com
      O1 - Hosts: 89.149.243.46 banamex.com
      O1 - Hosts: 89.149.243.46 boveda.banamex.com.mx
      O1 - Hosts: 89.149.243.46 www.boveda.banamex.com.mx
      O1 - Hosts: 89.149.243.46 bancanetempresarial.banamex.com.mx
      O1 - Hosts: 89.149.243.46 www.bancanetempresarial.banamex.com.mx
      O1 - Hosts: 89.149.243.46 www.banamex.com.mx
      O1 - Hosts: 89.149.243.46 banamex.com.mx
      O1 - Hosts: 89.149.243.46 www.banamex.com
      O1 - Hosts: 89.149.243.46 banamex.com
      O1 - Hosts: 89.149.243.46 www.hacktheworld.comä¾d¤MÝ-œtٜ!•8•ù¤ÿB™ë2‡‹Iuß/“³y‡êäãó㰉ˆeKwT4
      O1 - Hosts: ÞºOûÎ92𨩀Bž`ݍ÷ž+*åreëÞ-¾j¤÷3K
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
      O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
      O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
      O4 - HKLM\..\Run: [EzButton] C:\Program Files\EzButton\EzButton.EXE
      O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
      O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
      O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
      O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
      O4 - HKLM\..\Run: [Pinger] C:\TOSHIBA\IVP\ISM\pinger.exe /run
      O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
      O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
      O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [amva] C:\WINDOWS\system32\amvo.exe
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
      O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
      O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
      O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
      O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
      O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
      O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
      O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
      O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
      O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189547001937
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1189548479000
      O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://randomn.spaces.live.com/PhotoUpload/MsnPUpld.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
      O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
      O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\System32\ACS.exe
      O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
      O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
      O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
      O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
      O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
      O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
      O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
      O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
      O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
      --
      End of file - 12297 bytes

    2. #2
      Former Contributor GPastor
      Joined
      Mar 2005
      Location
      Peru
      Posts
      22,964

      Re: I can't unlock hidden files and folders, I can't use Flash Player

      Hello, follow these steps:

      Download, update and run the program:
      Download CCleaner and run it, first using its "Cleaner" option to delete cookies, temporary Internet files and all the files it shows you as obsolete, and then use its "Registry" option to clean the whole Windows registry (making a backup).


      - Download the ComboFix.exe tool and save it to the desktop.
      • Temporarily disable the antivirus and/or antispyware.
      • Close all open windows.
      • Double-click the ComboFix.exe file and follow the instructions.
      • When it finishes, it will generate a log at C:\ComboFix.txt.
        • *Note* While CF is working, do not move the mouse, as that would stop its process.
        • *Note* ComboFix may restart the PC automatically to complete the removal process.
      Attention!! Do not use ComboFix unless a member of our Staff has specifically told you to in your thread. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, not for private use. Using ComboFix incorrectly could cause problems on your system. Please read ComboFix's "Disclaimer of Warranties".
      • Restart and paste the report from C:\ComboFix.txt in this same thread.


      Regards

    3. #3
      User viccduva
      Joined
      Jun 2006
      Location
      Mexico
      Posts
      5

      Re: I can't unlock hidden files and folders, I can't use Flash Player

      Thank you very much,

      The Flash Player problem has been resolved. After following the steps you gave me above, I uninstalled Flash Player and installed it again, and the problem was solved.

      As for the hidden folders, I can now see all hidden files and folders.

      Here is the log you asked me for; I hope I don't have anything bad hidden in there.

      ComboFix 08-03-30.2 - UggO 2008-03-30 15:37:41.1 - NTFSx86
      Running from: C:\Documents and Settings\UggO\Desktop\ComboFix.exe

      WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
      .

      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\WINDOWS\system32\amvo1.dll

      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      -------\Legacy_WERFGH


      ((((((((((((((((((((((((( Files Created from 2008-02-28 to 2008-03-30 )))))))))))))))))))))))))))))))
      .

      2008-03-30 14:53 . 2008-03-30 15:36 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
      2008-03-30 14:53 . 2008-03-30 14:53 <DIR> d-------- C:\Documents and Settings\UggO\Application Data\SUPERAntiSpyware.com
      2008-03-30 14:53 . 2008-03-30 14:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
      2008-03-27 16:40 . 2008-03-27 16:40 54,156 --ah----- C:\WINDOWS\QTFont.qfn
      2008-03-27 16:40 . 2008-03-27 16:40 1,409 --a------ C:\WINDOWS\QTFont.for
      2008-03-27 14:45 . 2008-03-27 14:45 <DIR> d-------- C:\Program Files\CCleaner
      2008-03-02 16:33 . 2008-03-02 16:33 <DIR> d-------- C:\Program Files\StudyMinder_LITE
      2008-03-02 16:33 . 2008-03-02 16:51 <DIR> d-------- C:\Documents and Settings\UggO\Application Data\StudyMinder
      2008-03-02 16:33 . 2008-03-15 10:40 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
      2008-03-02 16:33 . 2004-03-09 00:00 440,352 --a------ C:\WINDOWS\system32\MSHFLXGD.OCX
      2008-03-02 16:33 . 2004-03-09 16:45 152,848 --a------ C:\WINDOWS\system32\comdlg32.ocx
      2008-02-20 19:22 . 2008-02-20 19:22 <DIR> d-------- C:\Documents and Settings\UggO\Application Data\Template
      2008-02-20 19:20 . 2008-02-20 19:20 <DIR> d-------- C:\Documents and Settings\UggO\Application Data\Windows Live Writer
      2008-02-13 16:27 . 2008-02-13 16:27 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll
      2008-02-01 11:17 . 2008-02-01 11:17 587,264 --a------ C:\WINDOWS\WLXPGSS.SCR

      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-03-30 20:52 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
      2008-03-28 22:50 --------- d-----w C:\Program Files\Java
      2008-03-28 19:44 --------- d-----w C:\Program Files\Norton AntiVirus
      2008-03-02 17:35 --------- d-----w C:\Program Files\MSN Messenger
      2008-03-02 17:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
      2008-02-27 06:08 --------- d-----w C:\Program Files\Windows Live
      2008-02-13 22:27 --------- d-----w C:\Program Files\BitComet
      2008-02-12 02:58 --------- d-----w C:\Program Files\Common Files\Adobe
      2008-02-08 23:42 --------- d-----w C:\Documents and Settings\UggO\Application Data\LimeWire
      2008-02-08 21:35 --------- d-----w C:\Program Files\ESET
      2008-01-09 06:40 105,719 --sh--r C:\u.bat
      2008-01-09 06:40 105,719 --sh--r C:\tio8x6.cmd
      2003-08-27 22:19 36,963 ----a-r C:\Program Files\Common Files\SM1updtr.dll
      2007-11-07 22:15 952 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
      .

      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2003-09-05 05:24 65536]
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56 15360]
      "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
      "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 19:05 204288]
      "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-04-21 23:10 335872]
      "LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2003-09-26 17:43 184320]
      "AGRSMMSG"="AGRSMMSG.exe" [2004-02-20 17:00 88363 C:\WINDOWS\agrsmmsg.exe]
      "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2003-10-30 18:46 192512]
      "EzButton"="C:\Program Files\EzButton\EzButton.EXE" [2004-05-14 12:29 712704]
      "CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [2004-05-06 15:12 638976]
      "TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2004-03-15 13:17 53248]
      "PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-02-03 16:47 1089589]
      "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2003-11-10 08:30 70816]
      "CeEPOWER"="C:\Program Files\TOSHIBA\Power Management\CePMTray.exe" [2004-05-20 11:21 135168]
      "Pinger"="C:\TOSHIBA\IVP\ISM\pinger.exe" [2005-03-17 17:37 151552]
      "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-09-05 15:23 95960]
      "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-01-14 02:05 122939]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
      "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 16:30 249856]
      "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 16:30 81920]
      "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-12-13 23:57 950664]
      "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 10:56 286720]
      "NDSTray.exe"="NDSTray.exe" []
      "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

      C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
      Microsoft Office OneNote 2003 Quick Launch.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-04-19 13:49:52 64864]
      RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2003-12-02 16:45:18 155648]

      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
      C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amva]

      [HKEY_LOCAL_MACHINE\software\microsoft\security center]
      "AntiVirusOverride"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "C:\\Program Files\\BitComet\\BitComet.exe"=
      "C:\\Program Files\\LimeWire\\LimeWire.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "18504:TCP"= 18504:TCP:BitComet 18504 TCP
      "18504:UDP"= 18504:UDP:BitComet 18504 UDP

      R1 ECioctl;ECioctl;C:\WINDOWS\system32\Drivers\ECioctl.sys [2004-05-06 14:40]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{191691de-a739-11dc-b373-00038a000015}]
      \Shell\AutoRun\command - n1deiect.com
      \Shell\explore\Command - n1deiect.com
      \Shell\open\Command - n1deiect.com

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32177378-ab23-11dc-b383-00038a000015}]
      \Shell\AutoRun\command - E:\n1deiect.com
      \Shell\explore\Command - E:\n1deiect.com
      \Shell\open\Command - E:\n1deiect.com

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d3d6c5e-938c-11dc-b346-00038a000015}]
      \Shell\AutoRun\command - E:\LaunchU3.exe -a

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d3d6c5f-938c-11dc-b346-00038a000015}]
      \Shell\Auto\command - F:\MSOCache\doWTP_RESTORE.exe
      \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MSOCache\doWTP_RESTORE.exe

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d3d6c60-938c-11dc-b346-00038a000015}]
      \Shell\AutoRun\command - G:\ntde1ect.com
      \Shell\explore\Command - G:\ntde1ect.com
      \Shell\open\Command - G:\ntde1ect.com

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{777e1bd4-867b-11dc-b32a-00038a000015}]
      \Shell\AutoRun\command - E:\1weicxa.com
      \Shell\explore\Command - E:\1weicxa.com
      \Shell\open\Command - E:\1weicxa.com

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{902a2e3f-e95c-11dc-b40e-00038a000015}]
      \Shell\auto\command - Knight.exe open
      \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Knight.exe open
      \Shell\explore\command - Knight.exe open
      \Shell\find\command - Knight.exe open
      \Shell\install\command - Knight.exe open
      \Shell\open\command - Knight.exe open

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aeefac51-a5f8-11dc-b36f-00023fd709ea}]
      \Shell\AutoRun\command - ntdelect.com
      \Shell\explore\Command - utdetect.com
      \Shell\open\Command - utdetect.com

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aeefac52-a5f8-11dc-b36f-00023fd709ea}]
      \Shell\AutoRun\command - ntdelect.com
      \Shell\explore\Command - utdetect.com
      \Shell\open\Command - utdetect.com

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aeefac57-a5f8-11dc-b36f-00023fd709ea}]
      \Shell\AutoRun\command - E:\nideiect.com
      \Shell\explore\Command - E:\nideiect.com
      \Shell\open\Command - E:\nideiect.com

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8501bd7-6997-11dc-b2f3-00038a000015}]
      \Shell\Auto\command - E:\MSOCache\doWTP_RESTORE_0.exe -autorun
      \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MSOCache\doWTP_RESTORE_0.exe -autorun

      *Newly Created Service* - SASDIFSV
      .
      Contents of the 'Scheduled Tasks' folder
      "2008-03-08 03:04:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
      - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
      "2008-03-08 07:04:20 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - UggO.job"
      - C:\PROGRA~1\NORTON~1\Navw32.exeh/task:
      "2008-03-30 21:45:01 C:\WINDOWS\Tasks\Symantec NetDetect.job"
      - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
      .
      **************************************************************************

      catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-03-30 15:44:23
      Windows 5.1.2600 Service Pack 2 NTFS

      scanning hidden processes ...

      scanning hidden autostart entries ...

      scanning hidden files ...

      scan completed successfully
      hidden files: 0

      **************************************************************************
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------

      PROCESS: C:\WINDOWS\explorer.exe
      -> C:\Program Files\ArcSoft\Software Suite\PhotoImpression\share\pihook.dll
      .
      ------------------------ Other Running Processes ------------------------
      .
      C:\WINDOWS\System32\Ati2evxx.exe
      C:\WINDOWS\System32\ACS.exe
      C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
      C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      C:\WINDOWS\System32\DVDRAMSV.exe
      C:\Program Files\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Eset\nod32krn.exe
      C:\Program Files\Norton AntiVirus\SAVScan.exe
      c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
      C:\WINDOWS\wanmpsvc.exe
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      C:\Program Files\Windows Media Player\WMPNetwk.exe
      C:\Program Files\Apoint2K\Apntex.exe
      C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
      C:\Program Files\Messenger\msmsgs.exe
      .
      **************************************************************************
      .
      Completion time: 2008-03-30 15:48:00 - machine was rebooted [UggO]
      ComboFix-quarantined-files.txt 2008-03-30 21:47:52
      Pre-Run: 34,119,073,792 bytes free
      Post-Run: 34,023,337,984 bytes free
      .
      2008-03-22 06:22:46 --- E O F ---

    4. #4
      Former Contributor GPastor
      Joined
      Mar 2005
      Location
      Peru
      Posts
      22,964

      Re: I can't unlock hidden files and folders, I can't use Flash Player

      ComboFix has already detected and removed some malware, but there are still a few things left to take out. Follow these steps:

      1.- Open Notepad

      • Click START > RUN >
      • Type notepad.exe there and click OK


      2.- Now copy and paste this code into Notepad

      HTML code:
      KillAll::
      
      File::
      C:\u.bat
      C:\tio8x6.cmd
      
      Registry::
      [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\amva]
      [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{191691de-a739-11dc-b373-00038a000015}]
      [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{32177378-ab23-11dc-b383-00038a000015}]
      [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d3d6c5e-938c-11dc-b346-00038a000015}]
      [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d3d6c5f-938c-11dc-b346-00038a000015}]
      [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d3d6c60-938c-11dc-b346-00038a000015}]
      [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{777e1bd4-867b-11dc-b32a-00038a000015}]
      [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{902a2e3f-e95c-11dc-b40e-00038a000015}]
      [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aeefac51-a5f8-11dc-b36f-00023fd709ea}]
      [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aeefac52-a5f8-11dc-b36f-00023fd709ea}]
      [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aeefac57-a5f8-11dc-b36f-00023fd709ea}]
      [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8501bd7-6997-11dc-b2f3-00038a000015}]
      3.- Save this file with the name CFScript.txt

      4.- Drag and drop the CFScript.txt file onto the ComboFix.exe file, as the animation below shows. This will launch ComboFix again.

      Restart and tell us the results, along with a new ComboFix report and a HijackThis one.

      Regards

    5. #5
      User viccduva
      Registered
      Jun 2006
      Location
      Mexico
      Posts
      5

      Re: I can't unlock hidden files and folders, I can't use Flash Player

      Hello again.

      Thank you very much for attending to my request over the weekend.

      Well, here are the ComboFix log and the HijackThis one.
      ********************
      ComboFix log:

      ComboFix 08-03-30.2 - UggO 2008-03-30 23:22:22.2 - NTFSx86
      Running from: C:\Documents and Settings\UggO\Desktop\ComboFix.exe
      Command switches used :: C:\Documents and Settings\UggO\My Documents\CFScript.txt
      * Created a new restore point

      WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

      FILE ::
      C:\tio8x6.cmd
      C:\u.bat
      .

      ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\Autorun.inf
      C:\tio8x6.cmd
      C:\u.bat

      .
      ((((((((((((((((((((((((( Files Created from 2008-02-28 to 2008-03-31 )))))))))))))))))))))))))))))))
      .

      2008-03-30 14:53 . 2008-03-30 15:36 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
      2008-03-30 14:53 . 2008-03-30 14:53 <DIR> d-------- C:\Documents and Settings\UggO\Application Data\SUPERAntiSpyware.com
      2008-03-30 14:53 . 2008-03-30 14:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
      2008-03-27 16:40 . 2008-03-27 16:40 54,156 --ah----- C:\WINDOWS\QTFont.qfn
      2008-03-27 16:40 . 2008-03-27 16:40 1,409 --a------ C:\WINDOWS\QTFont.for
      2008-03-27 14:45 . 2008-03-27 14:45 <DIR> d-------- C:\Program Files\CCleaner
      2008-03-02 16:33 . 2008-03-02 16:33 <DIR> d-------- C:\Program Files\StudyMinder_LITE
      2008-03-02 16:33 . 2008-03-02 16:51 <DIR> d-------- C:\Documents and Settings\UggO\Application Data\StudyMinder
      2008-03-02 16:33 . 2008-03-15 10:40 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
      2008-03-02 16:33 . 2004-03-09 00:00 440,352 --a------ C:\WINDOWS\system32\MSHFLXGD.OCX
      2008-03-02 16:33 . 2004-03-09 16:45 152,848 --a------ C:\WINDOWS\system32\comdlg32.ocx
      2008-02-20 19:22 . 2008-02-20 19:22 <DIR> d-------- C:\Documents and Settings\UggO\Application Data\Template
      2008-02-20 19:20 . 2008-02-20 19:20 <DIR> d-------- C:\Documents and Settings\UggO\Application Data\Windows Live Writer
      2008-02-13 16:27 . 2008-02-13 16:27 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll
      2008-02-01 11:17 . 2008-02-01 11:17 587,264 --a------ C:\WINDOWS\WLXPGSS.SCR

      .
      (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-03-30 20:52 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
      2008-03-28 22:50 --------- d-----w C:\Program Files\Java
      2008-03-28 19:44 --------- d-----w C:\Program Files\Norton AntiVirus
      2008-03-02 17:35 --------- d-----w C:\Program Files\MSN Messenger
      2008-03-02 17:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
      2008-02-27 06:08 --------- d-----w C:\Program Files\Windows Live
      2008-02-13 22:27 --------- d-----w C:\Program Files\BitComet
      2008-02-12 02:58 --------- d-----w C:\Program Files\Common Files\Adobe
      2008-02-08 23:42 --------- d-----w C:\Documents and Settings\UggO\Application Data\LimeWire
      2008-02-08 21:35 --------- d-----w C:\Program Files\ESET
      2003-08-27 22:19 36,963 ----a-r C:\Program Files\Common Files\SM1updtr.dll
      2007-11-07 22:15 952 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
      .

      ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      *Note* empty entries & legit default entries are not shown
      REGEDIT4

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2003-09-05 05:24 65536]
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 01:56 15360]
      "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
      "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968]
      "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 19:05 204288]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-04-21 23:10 335872]
      "LtMoh"="C:\Program Files\ltmoh\Ltmoh.exe" [2003-09-26 17:43 184320]
      "AGRSMMSG"="AGRSMMSG.exe" [2004-02-20 17:00 88363 C:\WINDOWS\agrsmmsg.exe]
      "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2003-10-30 18:46 192512]
      "EzButton"="C:\Program Files\EzButton\EzButton.EXE" [2004-05-14 12:29 712704]
      "CeEKEY"="C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe" [2004-05-06 15:12 638976]
      "TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2004-03-15 13:17 53248]
      "PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-02-03 16:47 1089589]
      "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2003-11-10 08:30 70816]
      "CeEPOWER"="C:\Program Files\TOSHIBA\Power Management\CePMTray.exe" [2004-05-20 11:21 135168]
      "Pinger"="C:\TOSHIBA\IVP\ISM\pinger.exe" [2005-03-17 17:37 151552]
      "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-09-05 15:23 95960]
      "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-01-14 02:05 122939]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
      "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 16:30 249856]
      "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 16:30 81920]
      "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-12-13 23:57 950664]
      "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 10:56 286720]
      "NDSTray.exe"="NDSTray.exe" []
      "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

      C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
      Microsoft Office OneNote 2003 Quick Launch.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2007-04-19 13:49:52 64864]
      RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [2003-12-02 16:45:18 155648]

      [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
      "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
      C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\security center]
      "AntiVirusOverride"=dword:00000001

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
      "%windir%\\system32\\sessmgr.exe"=
      "C:\\Program Files\\BitComet\\BitComet.exe"=
      "C:\\Program Files\\LimeWire\\LimeWire.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
      "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

      [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
      "18504:TCP"= 18504:TCP:BitComet 18504 TCP
      "18504:UDP"= 18504:UDP:BitComet 18504 UDP

      R1 ECioctl;ECioctl;C:\WINDOWS\system32\Drivers\ECioctl.sys [2004-05-06 14:40]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8501bd7-6997-11dc-b2f3-00038a000015}]
      \Shell\Auto\command - E:\MSOCache\doWTP_RESTORE_0.exe -autorun
      \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MSOCache\doWTP_RESTORE_0.exe -autorun

      .
      Contents of the 'Scheduled Tasks' folder
      "2008-03-08 03:04:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
      - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
      "2008-03-08 07:04:20 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - UggO.job"
      - C:\PROGRA~1\NORTON~1\Navw32.exeh/task:
      "2008-03-31 05:30:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
      - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
      .
      **************************************************************************

      catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-03-30 23:29:10
      Windows 5.1.2600 Service Pack 2 NTFS

      scanning hidden processes ...

      scanning hidden autostart entries ...

      scanning hidden files ...

      scan completed successfully
      hidden files: 0

      **************************************************************************
      .
      --------------------- DLLs Loaded Under Running Processes ---------------------

      PROCESS: C:\WINDOWS\explorer.exe
      -> C:\Program Files\ArcSoft\Software Suite\PhotoImpression\share\pihook.dll
      .
      ------------------------ Other Running Processes ------------------------
      .
      C:\WINDOWS\System32\Ati2evxx.exe
      C:\WINDOWS\System32\ACS.exe
      C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
      C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      C:\WINDOWS\System32\DVDRAMSV.exe
      C:\Program Files\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Eset\nod32krn.exe
      C:\Program Files\Norton AntiVirus\SAVScan.exe
      c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
      C:\WINDOWS\wanmpsvc.exe
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      C:\Program Files\Windows Media Player\WMPNetwk.exe
      C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
      C:\Program Files\Apoint2K\Apntex.exe
      C:\Program Files\Messenger\msmsgs.exe
      .
      **************************************************************************
      .
      Completion time: 2008-03-30 23:35:15 - machine was rebooted
      ComboFix-quarantined-files.txt 2008-03-31 05:34:57
      ComboFix2.txt 2008-03-30 21:48:01
      Pre-Run: 34,013,265,920 bytes free
      Post-Run: 34,002,800,640 bytes free
      .
      2008-03-22 06:22:46 --- E O F ---


      ********************************************************
      Now here is the HijackThis log:
      Logfile of Trend Micro HijackThis v2.0.0 (BETA)
      Scan saved at 11:42:03 PM, on 3/30/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\System32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\ACS.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
      C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
      C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      C:\WINDOWS\System32\DVDRAMSV.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\Norton AntiVirus\navapsvc.exe
      C:\Program Files\Eset\nod32krn.exe
      C:\Program Files\Norton AntiVirus\SAVScan.exe
      c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
      C:\WINDOWS\wanmpsvc.exe
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Program Files\ltmoh\Ltmoh.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\Program Files\Apoint2K\Apoint.exe
      C:\Program Files\EzButton\EzButton.EXE
      C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
      C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
      C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
      C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
      C:\TOSHIBA\IVP\ISM\pinger.exe
      C:\WINDOWS\system32\dla\tfswctrl.exe
      C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
      C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
      C:\Program Files\Eset\nod32kui.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
      C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Apoint2K\Apntex.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\Program Files\Windows Media Player\WMPNSCFG.exe
      C:\WINDOWS\system32\RAMASST.exe
      C:\WINDOWS\explorer.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
      C:\WINDOWS\system32\wuauclt.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Downloads\HiJackThis_v2.exe

      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll
      O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
      O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
      O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
      O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
      O4 - HKLM\..\Run: [EzButton] C:\Program Files\EzButton\EzButton.EXE
      O4 - HKLM\..\Run: [CeEKEY] C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
      O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
      O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
      O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
      O4 - HKLM\..\Run: [CeEPOWER] C:\Program Files\TOSHIBA\Power Management\CePMTray.exe
      O4 - HKLM\..\Run: [Pinger] C:\TOSHIBA\IVP\ISM\pinger.exe /run
      O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
      O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
      O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
      O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
      O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
      O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
      O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
      O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
      O9 - Extra button: Agregar entrada - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Agregar entrada en Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
      O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
      O14 - IERESET.INF: START_PAGE_URL=http://www.toshiba.com
      O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
      O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1189547001937
      O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1189548479000
      O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://randomn.spaces.live.com/PhotoUpload/MsnPUpld.cab
      O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
      O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
      O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
      O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\System32\ACS.exe
      O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
      O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      O23 - Service: CeEPwrSvc - COMPAL ELECTRONIC INC. - C:\Program Files\Toshiba\Power Management\CeEPwrSvc.exe
      O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
      O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe
      O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
      O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
      O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
      O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
      O23 - Service: Swupdtmr - Unknown owner - c:\TOSHIBA\Ivp\Swupdate\swupdtmr.exe
      O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

      --
      End of file - 11321 bytes
      ********************************************************

    6. #6
      Former Contributor GPastor
      Registered
      Mar 2005
      Location
      Peru
      Posts
      22,964

      Re: I can't unlock hidden files and folders, I can't use Flash Player

      Only one unnecessary entry was left to repair. Follow these steps:

      - Copy and paste this code into Notepad
      HTML code:
      Windows Registry Editor Version 5.00 
      
      [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8501bd7-6997-11dc-b2f3-00038a000015}]
      And save the file as Repara.reg in a location that is easy to find.

      - Find the Repara.reg file you just created and double-click it; it will ask you to add the data to the registry, and you must Accept.


      Then we will proceed to uninstall ComboFix as follows:


      • Go to Start > Run
      • Type the following: ComboFix /u as the image below shows:


      This will perform the following tasks:


      • The following will be deleted:
        • ComboFix: its files and folders.
        • VundoFix: backups (if present)
        • The C:\Deckard folder (if present)
        • The C: _OtMoveIt folder (if present)
      • Resets the clock settings.
      • Hides file extensions (if necessary).
      • Hides the files that were hidden
      • Re-enables "System Restore"



      To avoid this kind of infection I recommend using a more secure browser such as Firefox.

      Regards
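
Added example (not part of the original posts and not ComboFix's own code): a Python parser that pulls MountPoints2 autorun commands out of a ComboFix "Reg Loading Points" section, such as the leftover entry in the log from post #5, and builds the matching .reg deletion text in the format used in post #6. The function names are hypothetical; the sample input is an excerpt copied from that log.

```python
import re

# Excerpt copied from the "Reg Loading Points" section of the ComboFix log in post #5.
SAMPLE_LOG = r"""
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

R1 ECioctl;ECioctl;C:\WINDOWS\system32\Drivers\ECioctl.sys [2004-05-06 14:40]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f8501bd7-6997-11dc-b2f3-00038a000015}]
\Shell\Auto\command - E:\MSOCache\doWTP_RESTORE_0.exe -autorun
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MSOCache\doWTP_RESTORE_0.exe -autorun
"""

# Section header of a per-volume MountPoints2 key: group 1 = key path, group 2 = volume GUID.
KEY_RE = re.compile(
    r"^\[(HKEY_[^\]]*\\mountpoints2\\(\{[0-9a-f-]{36}\}))\]$", re.IGNORECASE
)
# ComboFix prints each shell verb as "\Shell\<verb>\command - <command line>".
CMD_RE = re.compile(r"^\\Shell\\([^\\]+)\\command\s+-\s+(.+)$", re.IGNORECASE)


def find_mountpoint_autoruns(log_text):
    """Return one dict per MountPoints2 key that carries at least one shell
    command: {'key': ..., 'guid': ..., 'commands': [(verb, command), ...]}."""
    entries, current = [], None
    for raw in log_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            # Any section header closes the previous key; only MountPoints2 opens a new one.
            m = KEY_RE.match(line)
            current = None
            if m:
                current = {"key": m.group(1), "guid": m.group(2).lower(), "commands": []}
                entries.append(current)
        elif current is not None:
            m = CMD_RE.match(line)
            if m:
                current["commands"].append((m.group(1), m.group(2).strip()))
            elif line:
                current = None  # any other non-blank line ends the key's block
    return [e for e in entries if e["commands"]]


def build_reg_fix(entries):
    """Build .reg text that deletes each flagged key, using the "[-key]"
    deletion syntax shown in post #6."""
    lines = ["Windows Registry Editor Version 5.00", ""]
    lines += ["[-%s]" % e["key"] for e in entries]
    return "\r\n".join(lines) + "\r\n"


if __name__ == "__main__":
    found = find_mountpoint_autoruns(SAMPLE_LOG)
    for entry in found:
        print(entry["guid"])
        for verb, command in entry["commands"]:
            print("  %-8s -> %s" % (verb, command))
    print(build_reg_fix(found))
```

Review each flagged command before saving the output as a .reg file, since a MountPoints2 shell verb can also come from legitimate removable-media software.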