Virus/Antivirus - carpetas dañadas (.exe)

   
Vista:

carpetas dañadas (.exe)

Publicado por chente (1 intervención) el 20/03/2010 01:20:48
entro un virus a mi maquina y me puso mis carpetas con .exe corri el kaspersky aparentemente vacuno la maquina pero me borro las carpetas hay alguna forma de recuperar la informacion de esas carpetas.
de antemano gracias
Valora esta pregunta
Me gusta: Está pregunta es útil y esta claraNo me gusta: Está pregunta no esta clara o no es útil
0
Responder

RE:carpetas dañadas (.exe)

Publicado por ivan (1 intervención) el 20/03/2010 09:37:48
Hola:

Prueba a pasar el recovery

http://www.taringa.net/posts/ebooks-tutoriales/3410095/Recuperar-archivos-borrados-de-un-pen-driver-o-Equot;pinc.html

Pero ten cuidado que si estan infectados te lo recuperara infectado.

Un saludo
Valora esta respuesta
Me gusta: Está respuesta es útil y esta claraNo me gusta: Está respuesta no esta clara o no es útil
0
Comentar

carpetas dañadas (.exe)

Publicado por RIF (19 intervenciones) el 31/03/2011 01:19:18
Hay dos cosas restaurar es facil modificas las ramas del registro, solo es restaurarla luego sacar el proceso de la memoria:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\Directory]
"AlwaysShowExt"=""
@="File Folder"
"EditFlags"=hex:d2,01,00,00
"FriendlyTypeName"="@shell32.dll,-10152"
"FullDetails"="prop:System.PropGroup.Description;System.DateCreated;System.FileCount;System.TotalFileSize"
"InfoTip"="propocComments"
"NoRecentDocs"=""
"PreviewDetails"="prop:System.DateModified;*System.SharedWith;*System.OfflineAvailability;*System.OfflineStatus"
"PreviewTitle"="prop:System.ItemNameDisplay;System.ItemTypeText"

[HKEY_CLASSES_ROOT\Directory\Background]

[HKEY_CLASSES_ROOT\Directory\Background\shell]

[HKEY_CLASSES_ROOT\Directory\Background\shell\cmd]
@="@shell32.dll,-8506"
"Extended"=""
"NoWorkingDirectory"=""

[HKEY_CLASSES_ROOT\Directory\Background\shell\cmd\command]
@="cmd.exe /s /k pushd \"%V\""

[HKEY_CLASSES_ROOT\Directory\Background\shellex]

[HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers]

[HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\Gadgets]
@="{6B9228DA-9C15-419e-856C-19E768A13BDC}"

[HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\New]
@="{D969A300-E7FF-11d0-A93B-00A0C90F2719}"

[HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\NvCplDesktopContext]
@="{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}"

[HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\Sharing]
@="{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"

[HKEY_CLASSES_ROOT\Directory\Background\shellex\ContextMenuHandlers\{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}]
@="{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}"

[HKEY_CLASSES_ROOT\Directory\DefaultIcon]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,68,00,\
65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,33,00,00,00

[HKEY_CLASSES_ROOT\Directory\shell]
@="Open"

[HKEY_CLASSES_ROOT\Directory\shell\cmd]
@="@shell32.dll,-8506"
"Extended"=""
"NoWorkingDirectory"=""

[HKEY_CLASSES_ROOT\Directory\shell\cmd\command]
@="cmd.exe /s /k pushd \"%V\""

[HKEY_CLASSES_ROOT\Directory\shell\Explore]

[HKEY_CLASSES_ROOT\Directory\shell\Explore\command]
@="%SystemRoot%\\Explorer.exe /e,/root,\"%1"

[HKEY_CLASSES_ROOT\Directory\shell\Explore\ddeexec]
@="[ExploreFolder(\"%l\", %I, %S)]"
"NoActivateHandler"=""

[HKEY_CLASSES_ROOT\Directory\shell\Explore\ddeexec\application]
@="Folders"

[HKEY_CLASSES_ROOT\Directory\shell\Explore\ddeexec\topic]
@="AppProperties"

[HKEY_CLASSES_ROOT\Directory\shell\find]
"LegacyDisable"=""
"SuppressionPolicy"=dword:00000080

[HKEY_CLASSES_ROOT\Directory\shell\find\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,45,00,78,00,70,00,6c,00,6f,00,72,00,65,00,72,00,2e,00,65,00,78,00,\
65,00,00,00
"DelegateExecute"="{a015411a-f97d-4ef3-8425-8a38d022aebc}"

[HKEY_CLASSES_ROOT\Directory\shell\find\ddeexec]
@="[FindFolder(\"%l\", %I)]"
"NoActivateHandler"=""

[HKEY_CLASSES_ROOT\Directory\shell\find\ddeexec\application]
@="Folders"

[HKEY_CLASSES_ROOT\Directory\shell\find\ddeexec\topic]
@="AppProperties"

[HKEY_CLASSES_ROOT\Directory\shell\OneNote.Open]
@="Open as Notebook in OneNote"

[HKEY_CLASSES_ROOT\Directory\shell\OneNote.Open\Command]
@="C:\\PROGRA~2\\MIF5BA~1\\Office12\\ONENOTE.EXE \"%L\""

[HKEY_CLASSES_ROOT\Directory\shell\Open]
"BrowserFlags"=dword:00000010
"ExplorerFlags"=dword:00000012

[HKEY_CLASSES_ROOT\Directory\shell\Open\command]
@="%SystemRoot%\\Explorer.exe /idlist"

[HKEY_CLASSES_ROOT\Directory\shell\Open\ddeexec]
@="[ViewFolder(\"%l\", %I, %S)]"
"NoActivateHandler"=""

[HKEY_CLASSES_ROOT\Directory\shell\Open\ddeexec\application]
@="Folders"

[HKEY_CLASSES_ROOT\Directory\shell\Open\ddeexec\topic]
@="AppProperties"

[HKEY_CLASSES_ROOT\Directory\shell\Openddeexec]

[HKEY_CLASSES_ROOT\Directory\shell\Openddeexec\ifexec]
@="[]"

[HKEY_CLASSES_ROOT\Directory\shell\Winamp.Bookmark]
@="Add to Winamp's &Bookmark list"

[HKEY_CLASSES_ROOT\Directory\shell\Winamp.Bookmark\ command]
@="\"C:\\Program Files\\Winamp\\Winamp.exe\" /BOOKMARK \"%1\""

[HKEY_CLASSES_ROOT\Directory\shell\Winamp.Enqueue]
@="&Enqueue in Winamp"

[HKEY_CLASSES_ROOT\Directory\shell\Winamp.Enqueue\c ommand]
@="\"C:\\Program Files\\Winamp\\Winamp.exe\" /ADD \"%1\""

[HKEY_CLASSES_ROOT\Directory\shell\Winamp.Play]
@="&Play in Winamp"

[HKEY_CLASSES_ROOT\Directory\shell\Winamp.Play\comm and]
@="\"C:\\Program Files\\Winamp\\Winamp.exe\" \"%1\""

[HKEY_CLASSES_ROOT\Directory\shellex]

[HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers]

[HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\EncryptionMenu]
@="{A470F8CF-A1E8-4f65-8335-227475AA5C46}"

[HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\MSSE]
@="{0365FE2C-F183-4091-AC82-BFC39FB75C49}"

[HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\Sharing]
@="{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"

[HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}]

[HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers]

[HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem]
@="{217FC9C0-3AEA-1069-A2DB-08002B30309D}"

[HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing]
@="{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"

[HKEY_CLASSES_ROOT\Directory\shellex\DragDropHandlers]

[HKEY_CLASSES_ROOT\Directory\shellex\PropertySheetHandlers]

[HKEY_CLASSES_ROOT\Directory\shellex\PropertySheetHandlers\Sharing]
@="{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"

[HKEY_CLASSES_ROOT\Directory\shellex\PropertySheetHandlers\{1f2e5c40-9550-11ce-99d2-00aa006e086c}]

[HKEY_CLASSES_ROOT\Directory\shellex\PropertySheetHandlers\{4a7ded0a-ad25-11d0-98a8-0800361b1103}]

[HKEY_CLASSES_ROOT\Directory\shellex\PropertySheetHandlers\{596AB062-B4D2-4215-9F74-E9109B0A8153}]

[HKEY_CLASSES_ROOT\Directory\shellex\PropertySheetHandlers\{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}]

[HKEY_CLASSES_ROOT\Directory\shellex\PropertySheetHandlers\{ef43ecfe-2ab9-4632-bf21-58909dd177f0}]
@=""

Folder:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\Folder]
@="Folder"
"EditFlags"=hex:d2,03,00,00
"TileInfo"="prop:Size"
"ContentViewModeLayoutPatternForBrowse"="delta"
"ContentViewModeForBrowse"="prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified"
"ContentViewModeLayoutPatternForSearch"="alpha"
"ContentViewModeForSearch"="prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay"
"FullDetails"="prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size"
"NoRecentDocs"=""
"ThumbnailCutoff"=dword:00000000

[HKEY_CLASSES_ROOT\Folder\DefaultIcon]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,00,68,00,\
65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,33,00,00,00

[HKEY_CLASSES_ROOT\Folder\shell]
@="open"

[HKEY_CLASSES_ROOT\Folder\shell\explore]
"BrowserFlags"=dword:00000022
"ExplorerFlags"=dword:00000021
"MultiSelectModel"="Document"
"ProgrammaticAccessOnly"=""
"LaunchExplorerFlags"=dword:00000018

[HKEY_CLASSES_ROOT\Folder\shell\explore\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,45,00,78,00,70,00,6c,00,6f,00,72,00,65,00,72,00,2e,00,65,00,78,00,\
65,00,20,00,2f,00,65,00,2c,00,2f,00,69,00,64,00,6c,00,69,00,73,00,74,00,2c,\
00,25,00,49,00,2c,00,25,00,4c,00,00,00
"DelegateExecute"="{11dbb47c-a525-400b-9e80-a54615a090c0}"

[HKEY_CLASSES_ROOT\Folder\shell\explore\ddeexec]
@="[ExploreFolder(\"%l\", %I, %S)]"
"NoActivateHandler"=""

[HKEY_CLASSES_ROOT\Folder\shell\explore\ddeexec\app lication]
@="Folders"

[HKEY_CLASSES_ROOT\Folder\shell\explore\ddeexec\application]
@="Folders"

[HKEY_CLASSES_ROOT\Folder\shell\explore\ddeexec\ife xec]
@="[]"

[HKEY_CLASSES_ROOT\Folder\shell\explore\ddeexec\ifexec]
@="[]"

[HKEY_CLASSES_ROOT\Folder\shell\explore\ddeexec\top ic]
@="AppProperties"

[HKEY_CLASSES_ROOT\Folder\shell\explore\ddeexec\topic]
@="AppProperties"

[HKEY_CLASSES_ROOT\Folder\shell\open]
"BrowserFlags"=dword:00000010
"ExplorerFlags"=dword:00000012

[HKEY_CLASSES_ROOT\Folder\shell\open\command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,45,00,78,00,70,00,6c,00,6f,00,72,00,65,00,72,00,2e,00,65,00,78,00,\
65,00,20,00,2f,00,69,00,64,00,6c,00,69,00,73,00,74,00,2c,00,25,00,49,00,2c,\
00,25,00,4c,00,00,00

[HKEY_CLASSES_ROOT\Folder\shell\open\ddeexec]
@="[ViewFolder(\"%l\", %I, %S)]"
"NoActivateHandler"=""

[HKEY_CLASSES_ROOT\Folder\shell\open\ddeexec\applic ation]
@="Folders"

[HKEY_CLASSES_ROOT\Folder\shell\open\ddeexec\application]
@="Folders"

[HKEY_CLASSES_ROOT\Folder\shell\open\ddeexec\ifexec]
@="[]"

[HKEY_CLASSES_ROOT\Folder\shell\open\ddeexec\ifexec ]
@="[]"

[HKEY_CLASSES_ROOT\Folder\shell\open\ddeexec\topic]
@="AppProperties"

[HKEY_CLASSES_ROOT\Folder\shell\opennewprocess]
"MUIVerb"="@shell32.dll,-8518"
"MultiSelectModel"="Document"
"Extended"=""
"LaunchExplorerFlags"=dword:00000003
"ExplorerHost"="{ceff45ee-c862-41de-aee2-a022c81eda92}"

[HKEY_CLASSES_ROOT\Folder\shell\opennewprocess\command]
"DelegateExecute"="{11dbb47c-a525-400b-9e80-a54615a090c0}"

[HKEY_CLASSES_ROOT\Folder\shell\opennewwindow]
"MUIVerb"="@shell32.dll,-8517"
"MultiSelectModel"="Document"
"OnlyInBrowserWindow"=""
"LaunchExplorerFlags"=dword:00000001

[HKEY_CLASSES_ROOT\Folder\shell\opennewwindow\command]
"DelegateExecute"="{11dbb47c-a525-400b-9e80-a54615a090c0}"

[HKEY_CLASSES_ROOT\Folder\shellex]

[HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers]

[HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers\{0 D2E74C4-3C34-11d2-A27E-00C04FC30871}]
@=""

[HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers\{2 4F14F01-7B1C-11d1-838f-0000F80461CF}]
@=""

[HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers\{2 4F14F02-7B1C-11d1-838f-0000F80461CF}]
@=""

[HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers\{6 6742402-F9B9-11D1-A202-0000F81FEDEE}]
@=""

[HKEY_CLASSES_ROOT\Folder\shellex\ColumnHandlers\{F 9DB5320-233E-11D1-9F84-707F02C10627}]
@="PDF Column Info"

[HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandle rs]

[HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandle rs\VirusScan]
@="{cda2863e-2497-4c49-9b89-06840e070a87}"

[HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers]

[HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\BriefcaseMenu]
@="{85BBD920-42A0-1069-A2E4-08002B30309D}"

[HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\Library Location]
@="{3dad6c5d-2167-4cae-9914-f99e41c12cfa}"

[HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\VirusScan]
@="{cda2863e-2497-4c49-9b89-06840e070a87}"

[HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\{C539A15A-3AF9-4c92-B771-50CB78F5C751}]
@=""

[HKEY_CLASSES_ROOT\Folder\shellex\DragDropHandlers]

[HKEY_CLASSES_ROOT\Folder\shellex\DragDropHandlers\ {BD472F60-27FA-11cf-B8B4-444553540000}]
@=""

[HKEY_CLASSES_ROOT\Folder\shellex\DragDropHandlers\{BD472F60-27FA-11cf-B8B4-444553540000}]
@=""

[HKEY_CLASSES_ROOT\Folder\shellex\PropertySheetHand lers]

[HKEY_CLASSES_ROOT\Folder\shellex\PropertySheetHandlers]

[HKEY_CLASSES_ROOT\Folder\shellex\PropertySheetHandlers\BriefcasePage]
@="{85BBD920-42A0-1069-A2E4-08002B30309D}"

[HKEY_CLASSES_ROOT\Folder\ShellNew]
"Directory"=""
"IconPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,68,00,65,00,6c,00,6c,00,33,00,32,00,2e,00,64,00,6c,00,6c,00,2c,00,33,00,\
00,00
"ItemName"="@shell32.dll,-30396"
"MenuText"="@shell32.dll,-30317"
"NonLFNFileSpec"="@shell32.dll,-30319"

[HKEY_CLASSES_ROOT\Folder\ShellNew\Config]
"AllDrives"=""
"IsFolder"=""
"NoExtension"=""
Valora esta respuesta
Me gusta: Está respuesta es útil y esta claraNo me gusta: Está respuesta no esta clara o no es útil
0
Comentar

RE:carpetas dañadas (.exe)

Publicado por juan carlos (40 intervenciones) el 18/04/2010 21:59:40
verifica que eran de verdad las carpetas o un archivo con icono de las carpetas, verifica que las carpetas no esten ocultas

o si deseas usa restaurar sistema pero recuerda desde donde comenzo la infeccion
Valora esta respuesta
Me gusta: Está respuesta es útil y esta claraNo me gusta: Está respuesta no esta clara o no es útil
0
Comentar