Hola!! Buenos Días!!

Tengo un problema que no me deja ver la opción de "Archivos y carpetas ocultos".

Así me aparece Opciones de Carpeta:



Y así debería salir:



(Imagen de www.teayudo.es)

He probado de todo:

• Realicé los pasos para una buena eliminación rigurosamente
• Revisé el registro, (ya que algún compañero de por aquí ya tuvo ese problema y lo resolvio de esta forma)

Lo único que conseguí con todo ello es que ahora veo continuamente los archivos ocultos, pero, sin embargo, me siguen sin aparecer las opciones de archivos ocultos de "Opciones de Carpeta". Por lo tanto, no puedo elegir no verlos.

Por todo ello, pensé que la solución podría estar en revisar el log de HijackThis. Así que agradecería mucho si alguien me pudiera echar una mano:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:39:28, on 30/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RTHDCPL.EXE
C:\Program Files\Common Files\PWC3800\PWCam.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\VM_STI.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\owner\AppData\Local\Google\Update\GoogleU pdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Google Update Helper - {77D7E795-33C5-4323-974D-A2A49AB75517} - C:\Program Files\Google\Update\1.2.131.11\GoopdateBho.dll
O2 - BHO: ActivationManager module - {86A44EF7-78FC-4e18-A564-B18F806F7F56} - (no file)
O2 - BHO: Windows Live Aplicación auxiliar de inicio de sesión - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PWCam] C:\Program Files\Common Files\PWC3800\PWCam.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE PLEOMAX PWC-3800
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\owner\AppData\Local\Google\Update\Google Update.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Servicio de red')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: ewido is AVG - anti-spyware, anti-malware and anti-virus software
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai.net/f/516/25175...b-20070115.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/ES-ES/.../GAME_UNO1.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/Driver...aSmartScan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary...r.cab56986.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FE5A2841-5730-4E59-A9E3-6BC1F88EEB0B}: NameServer = 87.216.1.65,87.216.1.66
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c900cbb757176d) (gupdate1c900cbb757176d) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit (mi-raysat_3dsMax2008_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32serve r.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: @%SystemRoot%\System32\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software GmbH - C:\Windows\System32\TuneUpDefragService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe

--
End of file - 10482 bytes


Muchísimas gracias!!

Hola Wolfyllow,

Te recomendaría probar utilizando el programa RegUnlocker


De HJT solo te quedaría aplicarle a esta:

O2 - BHO: ActivationManager module - {86A44EF7-78FC-4e18-A564-B18F806F7F56} - (no file)

Salu2

Gracias por la contestación!!

Acabo de utilizar el programa RegUnlocker con la opción "Reparar la visualización de archivos ocultos" en la opción B-Reparadores, y me aparece la siguiente imagen:



Sin embargo, al reiniciar el ordenador, no aparece ningún cambio, y las opciones siguen sin aparecer.

¿Tendría que seleccionar otras opciones en Regunlocker, o las que marqué son las correctas?

Muchas gracias!!

Saludos!!!

- Descarga la herramienta ComboFix.exe y guárdala en el escritorio.

• Desactiva temporalmente el Antivirus y/o Antispyware.
• Cierra todas las ventanas abiertas.
• Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
• Cuando termine, generara un registro en C:\ComboFix.txt.
  • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
  • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.

• Reinicia y pega el reporte de C:\ComboFix.txt en este mismo mensaje.

Salu2

Hola!!

Finalmente se solucionó el problema!! Muchas gracias!!! Te lo agradezco mucho ElPiedra!!!

Después de reiniciar el ordenador, no me iba internet. Tras varios intentos frustados, llamé al servicio técnico de la compañía telefónica. Tuve que cambiar la IP y DNS que tenía por la opción "Obtener una dirección IP automáticamente" y "Obtener una dirección del servidor DNS automáticamente", pero ya tengo conexión.

Aquí te dejo el log por si vieras algo fuera de lo normal:

ComboFix 08-10-01.02 - owner 2008-10-02 17:57:19.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.3082.18.1358 [GMT 2:00]
Se ejecuta desde: C:\Users\owner\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Otras eliminaciones )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\InfoSat.txt
C:\Windows\system32\drivers\downld
C:\Windows\system32\drivers\downld\100296.exe
C:\Windows\system32\drivers\downld\101484.exe
C:\Windows\system32\drivers\downld\14654437.exe
C:\Windows\system32\drivers\downld\14655625.exe
C:\Windows\system32\drivers\downld\14678546.exe
C:\Windows\system32\drivers\downld\14710093.exe
C:\Windows\system32\drivers\downld\14736250.exe
C:\Windows\system32\drivers\downld\14743796.exe
C:\Windows\system32\drivers\downld\15011812.exe
C:\Windows\system32\drivers\downld\15041937.exe
C:\Windows\system32\drivers\downld\151281.exe
C:\Windows\system32\drivers\downld\15323718.exe
C:\Windows\system32\drivers\downld\15383750.exe
C:\Windows\system32\drivers\downld\15604953.exe
C:\Windows\system32\drivers\downld\15854953.exe
C:\Windows\system32\drivers\downld\15984953.exe
C:\Windows\system32\drivers\downld\195156.exe
C:\Windows\system32\drivers\downld\213953.exe
C:\Windows\system32\drivers\downld\222468.exe
C:\Windows\system32\drivers\downld\29187859.exe
C:\Windows\system32\drivers\downld\29189078.exe
C:\Windows\system32\drivers\downld\29203640.exe
C:\Windows\system32\drivers\downld\29206562.exe
C:\Windows\system32\drivers\downld\29237812.exe
C:\Windows\system32\drivers\downld\29263125.exe
C:\Windows\system32\drivers\downld\29270140.exe
C:\Windows\system32\drivers\downld\31046093.exe
C:\Windows\system32\drivers\downld\31106109.exe
C:\Windows\system32\drivers\downld\31328031.exe
C:\Windows\system32\drivers\downld\31573203.exe
C:\Windows\system32\drivers\downld\31703515.exe
C:\Windows\system32\drivers\downld\350968.exe
C:\Windows\system32\drivers\downld\353031.exe
C:\Windows\system32\drivers\downld\380937.exe
C:\Windows\system32\drivers\downld\385140.exe
C:\Windows\system32\drivers\downld\424468.exe
C:\Windows\system32\drivers\downld\43711718.exe
C:\Windows\system32\drivers\downld\43712968.exe
C:\Windows\system32\drivers\downld\43730484.exe
C:\Windows\system32\drivers\downld\43733062.exe
C:\Windows\system32\drivers\downld\43765656.exe
C:\Windows\system32\drivers\downld\43787578.exe
C:\Windows\system32\drivers\downld\43795140.exe
C:\Windows\system32\drivers\downld\450046.exe
C:\Windows\system32\drivers\downld\457656.exe
C:\Windows\system32\drivers\downld\58224593.exe
C:\Windows\system32\drivers\downld\58225734.exe
C:\Windows\system32\drivers\downld\58241921.exe
C:\Windows\system32\drivers\downld\58244437.exe
C:\Windows\system32\drivers\downld\58277625.exe
C:\Windows\system32\drivers\downld\58322187.exe
C:\Windows\system32\drivers\downld\58329078.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Servicios )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_MCHINJDRV
-------\Legacy_SROSA


(((((((((((((((((( Archivos creados desde 2008-09-02 - 2008-10-02 )))))))))))))))))))))))))))))))))
.

Ningún archivo ha sido creado durante este intervalo de tiempo

.
(((((((((((((((((((((((((((((((((((((( Reporte Find3M )))))))))))))))))))))))))))))))))))))))))))))))))) )
.
2008-10-02 16:08 352,615 ---ha-w C:\Windows\system32\drivers\vsconfig.xml
2008-09-30 17:48 --------- d-----w C:\Program Files\Talisman 2
2008-09-30 17:35 --------- d-----w C:\Program Files\FreeOCR.net
2008-09-29 23:23 --------- d---a-w C:\PROGRA~2\TEMP
2008-09-29 21:41 --------- d-----w C:\Program Files\Unlocker
2008-09-29 18:10 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-09-29 16:11 --------- d-----w C:\Users\owner\AppData\Roaming\Desktopicon
2008-09-29 11:21 --------- d-----w C:\Program Files\CCleaner
2008-09-29 09:25 --------- d-----w C:\Program Files\SUPERAntiSpyware
2008-09-29 09:20 --------- d-----w C:\Users\owner\AppData\Roaming\SUPERAntiSpyware.co m
2008-09-29 09:19 --------- d-----w C:\Program Files\SpywareBlaster
2008-09-28 16:32 --------- d-----w C:\Program Files\Enigma Software Group
2008-09-28 15:34 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-09-28 14:52 --------- d-----w C:\Program Files\Zone Labs
2008-09-27 12:09 --------- d-----w C:\Users\owner\AppData\Roaming\Audacity
2008-09-27 11:26 --------- d-----w C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-09-26 08:38 --------- d-----w C:\Program Files\Trend Micro
2008-09-23 23:01 --------- d-----w C:\Program Files\VistaCodecPack
2008-09-23 21:33 --------- d-----w C:\PROGRA~2\VistaCodecs
2008-09-23 14:07 --------- d-----w C:\PROGRA~2\SUPERAntiSpyware.com
2008-09-23 13:39 --------- d-----w C:\Users\owner\AppData\Roaming\uTorrent
2008-09-23 13:32 --------- d-----w C:\Program Files\uTorrent
2008-09-21 17:27 --------- d-----w C:\Users\owner\AppData\Roaming\Synthesia
2008-09-19 19:20 --------- d-----w C:\Program Files\Google
2008-09-17 19:07 --------- d-----w C:\Users\owner\AppData\Roaming\vlc
2008-09-16 17:32 --------- d-----w C:\Program Files\AWC
2008-09-15 13:31 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-12 10:12 --------- d-----w C:\Program Files\PhET-1.0
2008-09-10 21:24 --------- d-----w C:\PROGRA~2\Microsoft Help
2008-09-06 22:54 --------- d-----w C:\Program Files\OrCAD_Demo
2008-08-31 23:02 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-08-30 15:08 --------- d-----w C:\Program Files\Paint.NET
2008-08-30 11:38 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-08-30 01:30 --------- d-----w C:\Program Files\QuickTime
2008-08-29 11:26 --------- d-----w C:\Users\owner\AppData\Roaming\Ace
2008-08-20 00:22 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-18 13:59 --------- d-----w C:\PROGRA~2\FLEXnet
2008-08-18 13:55 --------- d-----w C:\Program Files\Common Files\Adobe
2008-08-18 13:55 --------- d-----w C:\Program Files\Bonjour
2008-08-18 13:41 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-08-18 08:53 --------- d-----w C:\Program Files\Rockstar Games
2008-08-18 00:07 --------- d-----w C:\Users\owner\AppData\Roaming\gtk-2.0
2008-08-16 22:32 --------- d-----w C:\PROGRA~2\Media Center Programs
2008-08-16 22:32 --------- d-----w C:\PROGRA~2\LucasArts
2008-08-16 22:20 --------- d-----w C:\Program Files\LucasArts
2008-08-15 09:45 --------- d-----w C:\Program Files\Windows Mail
2008-08-09 12:38 --------- d-----w C:\Program Files\PASVA
2008-08-08 18:13 --------- d-----w C:\Program Files\Logitech
2008-08-05 18:38 --------- d-----w C:\Users\owner\AppData\Roaming\LimeWire
2008-08-05 13:30 --------- d-----w C:\Program Files\µTorrent
2008-08-05 12:11 130,208 ------r C:\Windows\bwUnin-8.1.1.87-8876480SL.exe
2008-08-04 09:14 --------- d-----w C:\Program Files\Java
2008-07-31 03:34 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-07-31 03:34 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:34 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:34 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-30 23:32 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-07-09 01:21 174 --sha-w C:\Program Files\desktop.ini
2008-07-02 15:02 65,536 ----a-w C:\Windows\IFinst27.exe
2007-09-16 16:53 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Lo cal\Microsoft\Windows\History\History.IE5\index.da t
2007-09-16 16:53 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Lo cal\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2007-09-16 16:53 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Ro aming\Microsoft\Windows\Cookies\index.dat
2006-05-03 10:06 163,328 --sh--r C:\Windows\System32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r C:\Windows\System32\msfDX.dll
2007-12-17 13:43 27,648 --sh--w C:\Windows\System32\Smab0.dll
2008-02-04 19:26 151,040 --sh--w C:\Windows\System32\VistaUltm.dll
.

((((((((((((((((((((((((((((((((( Cargando Puntos Reg ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vacías & entradas legítimas predeterminadas no son mostradas
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 1232896]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]
"Automatic Wallpaper Changer"="C:\Program Files\AWC\AWC.exe" [2007-11-01 1261568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"PWCam"="C:\Program Files\Common Files\PWC3800\PWCam.exe" [2005-05-04 40960]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp. exe" [2008-07-19 78008]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"BigDogPath"="C:\Windows\VM_STI.EXE" [2003-01-21 40960]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-03 959976]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-09-11 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-09-11 8497696]
"NvMediaCenter"="C:\Windows\system32\NvMcTray. dll" [2007-09-11 81920]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-12 C:\Windows\RTHDCPL.EXE]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\Windows\SkyTel.exe]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 C:\Windows\RtHDVCpl.exe]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 C:\Windows\KHALMNPR.Exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 C:\Windows\KHALMNPR.Exe]

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Sta rtup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-03-22 805392]

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.i420"= i420vfw.dll
"vidc.yv12"= yv12vfw.dll
"msacm.divxa32"= divxa32.acm

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
"ehTray.exe"=C:\Windows\ehome\ehTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run-]
"ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
"BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1085269513-3430285145-2224119417-1000]
"EnableNotificationsRef"=dword:00000005

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\FirewallRules]
"TCP Query User{0F2A9ACE-CBDA-4480-9912-3E65DEFB7EA2}C:\\program files\\atari\\test drive unlimited\\testdriveunlimited.exe"= UDP:C:\program files\atari\test drive unlimited\testdriveunlimited.exe:Test Drive Unlimited
"UDP Query User{DC933FA2-D67F-4182-8C71-FC5182CB2E1E}C:\\program files\\atari\\test drive unlimited\\testdriveunlimited.exe"= TCP:C:\program files\atari\test drive unlimited\testdriveunlimited.exe:Test Drive Unlimited
"TCP Query User{5A682BBC-E5BA-4C31-9C04-8ABC169D0E43}C:\\program files\\ares\\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows
"UDP Query User{18FC0503-1E69-4711-AE8A-4FFCC990CCD7}C:\\program files\\ares\\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows
"TCP Query User{DCAD18F3-0895-4FA5-AA7A-FC6C17A13697}C:\\program files\\atari\\test drive unlimited\\testdriveunlimited (2).exe"= UDP:C:\program files\atari\test drive unlimited\testdriveunlimited (2).exe:Test Drive Unlimited
"UDP Query User{D8D08698-796B-41BB-A0E6-563B3B49FDA5}C:\\program files\\atari\\test drive unlimited\\testdriveunlimited (2).exe"= TCP:C:\program files\atari\test drive unlimited\testdriveunlimited (2).exe:Test Drive Unlimited
"TCP Query User{2F240E9A-F609-49A8-A4ED-2DA9AB20CB2F}C:\\program files\\common files\\ahead\\nero web\\setupx.exe"= UDP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"UDP Query User{5147ADBA-CB7A-4DFB-85F8-1DB47FF42DBA}C:\\program files\\common files\\ahead\\nero web\\setupx.exe"= TCP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter
"{5C19B67C-8750-48D0-BB77-E19371DC939F}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{4AB78C71-B592-4F76-80F2-C6514222C835}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{DC19AA8E-E7B8-4EA2-8B82-A31B85A807C0}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{038CDA50-6288-46E2-83DA-6E6004DD7B61}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{0856004D-725D-4C41-A5CE-F75E1211F064}"= UDP:C:\Program Files\AeriaGames\Project Torque\ProjectTorque.bin:Project Torque
"{BD271DEF-EDCD-4A9E-8690-5E5547422686}"= TCP:C:\Program Files\AeriaGames\Project Torque\ProjectTorque.bin:Project Torque
"{36A1995D-51C2-4ABE-9616-065996A217A0}"= UDP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleil CS
"{FBC44D0A-CED0-44BB-BB77-DF64C69CDF69}"= TCP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe:BlueSoleil CS
"{4F05A0E5-873D-480D-8E6C-685DD075E0E4}"= UDP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
"{B35ED5E2-0D94-4294-94DA-A080C31F679C}"= TCP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
"{5B7FA310-9808-4AD0-B98F-5DE6D1396368}"= UDP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
"{84381693-F681-4EF2-A7C5-245BE514D430}"= TCP:C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:BlueSoleil
"{6A2DD14E-81BD-4404-B67A-3BE138958929}"= UDP:C:\Program Files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{06640C41-34DE-4E2E-92D2-CDBE76255EDB}"= TCP:C:\Program Files\Autodesk\Backburner\monitor.exe:backburner 2.3 monitor
"{1418ED5A-E7E5-4771-ABD7-5FA443B1106D}"= UDP:C:\Program Files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{9BDFEB73-8E9D-4E8D-A17F-3A0D5FECBD06}"= TCP:C:\Program Files\Autodesk\Backburner\manager.exe:backburner 2.3 manager
"{0D34E1A3-65F8-4A9A-8200-DDB6F97BA3EE}"= UDP:C:\Program Files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{65718678-2555-43CF-BB83-E4BBD8E81D2A}"= TCP:C:\Program Files\Autodesk\Backburner\server.exe:backburner 2.3 server
"{35E7EB9D-D1E1-4F79-AF60-E39C9A6B8782}"= UDP:C:\Program Files\Autodesk\3ds Max 2008\3dsmax.exe:Autodesk 3ds Max 2008 32-bit
"{CD8C08E6-0D50-45DB-A274-F3FE7699F414}"= TCP:C:\Program Files\Autodesk\3ds Max 2008\3dsmax.exe:Autodesk 3ds Max 2008 32-bit
"{D7207AD2-8EC2-4C35-8BE1-C4E7A5D7C065}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe:Logitech Desktop Messenger
"{73015CAF-ADD0-449C-8A3C-4943279C1079}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe:Logitech Desktop Messenger
"{B3334973-744E-48C9-B514-F76DEA7E021B}"= UDP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe:Logitech Desktop Messenger
"{8A27C2D4-D96B-4ED2-966A-4A78FF325FA0}"= TCP:C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger .exe:Logitech Desktop Messenger
"{68FD2A0A-0A96-4906-AF83-C2463D42CC50}"= UDP:C:\Users\owner\AppData\Roaming\Microsoft\Inter net Explorer\Quick Launch\utorrent.exe:µTorrent
"{69FD36B2-446E-4F2E-86F8-43A0E1B39D82}"= TCP:C:\Users\owner\AppData\Roaming\Microsoft\Inter net Explorer\Quick Launch\utorrent.exe:µTorrent

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|S vc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 VBoxDrv;VirtualBox Service;C:\Windows\system32\DRIVERS\VBoxDrv.sys [2008-04-30 55424]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2008-04-30 42048]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswF sBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\as wMonFlt.sys [2008-07-19 51280]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
R2 UxTuneUp;TuneUp Ampliación del thema;C:\Windows\System32\svchost.exe [2006-11-02 22016]
R3 ZSMC302;PLEOMAX PWC-3800;C:\Windows\system32\Drivers\usbvm302.sys [2004-03-19 90968]
S2 gupdate1c900cbb757176d;Google Update Service (gupdate1c900cbb757176d);C:\Program Files\Google\Update\GoogleUpdate.exe [2008-08-29 133104]
S3 Start BT in service;Start BT in service;C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-04-21 52080]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.ex e [2008-08-30 355584]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{90dcc773-53f6-11dc-93f0-0019661ed013}]
\shell\AutoRun\command - L:\nideiect.com
\shell\explore\Command - L:\nideiect.com
\shell\open\Command - L:\nideiect.com

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\explorer\mountpoints2\{e73000a9-bf20-11dc-a843-0019661ed013}]
\shell\AutoRun\command - K:\nideiect.com
\shell\explore\Command - K:\nideiect.com
\shell\open\Command - K:\nideiect.com
.
.
------- Análisis Suplementario -------
.
FireFox -: Profile - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Pro files\hqjza3ls.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE -
FF -: plugin - C:\Program Files\Google\Google Earth Plugin\npgeplugin.dll
FF -: plugin - C:\Program Files\Google\Update\1.2.131.11\npGoogleOneClick5.d ll
FF -: plugin - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.d ll
FF -: plugin - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug. dll
FF -: plugin - C:\Users\owner\AppData\Local\Google\Update\1.2.131 .11\npGoogleOneClick5.dll
.

************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-02 18:08:36
Windows 6.0.6000 NTFS

escaneando procesos ocultos ...

escaneando entradas ocultas de autostart ...

escaneando archivos ocultos ...

el escaneo se completo con exito
archivos ocultos: 0

************************************************** ************************
.
------------------------ Otros procesos en ejecución ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\brss01a.exe
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32serve r.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\conime.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\wbem\unsecapp.exe
.
************************************************** ************************
.
Tiempo completado: 2008-10-02 18:16:12 - Reiniciando la máquina
ComboFix-quarantined-files.txt 2008-10-02 16:15:55

Pre-Run: El sistema no puede encontrar el texto del mensaje para el mensaje n£mero 0x2379 en el archivo de mensajes para Application.
Post-Run: 138,305,044,480 bytes libres

297 --- E O F --- 2008-09-11 16:17:24



Te lo agradezco mucho!!! Muchas gracias, de verdad!!!

PD: La carpeta QooBox que ha creado en el disco duro se puede eliminar sin más problemas?

Hola,

Para terminar solo te quedaría desinstalar CF de la siguiente manera:

• Ir a Inicio > Ejecutar
• Escribir lo siguiente: ComboFix /u como muestra la imagen debajo:
  
  
  • 
• Esto activara el desinstalador de ComboFix abriendo su pantalla principal y luego de unos segundos veras ("ComboFix is uninstalled")

Salu2

Hola!

Hice lo que me contaste, pero me aparece el siguiente mensaje:



A pesar de que no borré ningún archivo ni nada aún.

(Me voy a subscribir ahora mismo )

Saludos!!

Hola, podes probar poniendo de la siguiente manera:

C:\Users\owner\Desktop\ComboFix /u

o borrando sus archivos y carpetas manualmente.

Salu2

Hola!!

Gracias ElPiedra, ya se desinstaló. Muchas gracias por todo el seguimiento

Ya podemos dar el tema como "totalmente" solucionado .


Gracias!!