Foro de InfoSpyware - Foro de Hijackthis - Foro de Virus

Buenos días, soy nuevo aquí y necesito de su ayuda lo más pronto posible por favor
Es que en el día de ayer prendí mi PC y comenzaron a salir un montón de advertencias del antivirus avast donde me decían que había encontrado rastros de rootkit, y salieron muchas advertencias así, hasta que me pidió que lo escaneara reiniciándolo, y lo escaneo y todo, pero cuando prendí el PC de nuevo me apareció un mensaje al abrir el disco c que dice “la aplicación c no se puede ejecutar en modo win 32”, y luego busqué una respuesta a esto y vi unos pasos de instalar SUPERAntiespyeware, Spywareblaster, malwarebites y ccleaner y usarlos en modo a prueba de fallos, lo hice y me detecto 15 virus o spyware, no sé como sea, no se mucho de esto, y volví a prender el PC en modo normal y lo escanee con avast y ewido y éste ultimo me detecto otro , y fui a mirar si se había quitado el mensaje ese, y sigue igual que no puede ejecutar en modo win 32, y hoy lo volví a prender y me apareció en el firefox otra página de inicio diferente a la predeterminada y no sé qué hacer, y el internet está más lento no se lo noto raro, por favor ayúdenme que no se qué hacer
Les agradezco sus respuestas. Y adjunto el reporte de avast de AYER Y HOY en mi PC

27/04/2009 09:40:40 p.m. Martinez 276 Function setifaceUpdatePackages() has failed. Return code is 0x000004C7, dwRes is 000004C7.
27/04/2009 10:11:25 p.m. SYSTEM 1196 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
27/04/2009 10:11:25 p.m. SYSTEM 1196 An error has occured while attempting to update. Please check the logs.
28/04/2009 11:00:31 p.m. Martinez 1924 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\RESTORE\k-1-3542-4232123213-7676767-8888886\Ogard.exe" file.
28/04/2009 11:04:39 p.m. Martinez 1924 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\Shell32.dll.exe" file.
28/04/2009 11:04:45 p.m. Martinez 1924 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\RECYCLER\k-1-3542-4232123213-7676767-8888886\root.exe" file.
28/04/2009 11:04:48 p.m. Martinez 1924 Sign of "Win32:Kavos [Trj]" has been found in "G:\cv22.cmd" file.
29/04/2009 02:30:53 p.m. SYSTEM 1368 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\WINDOWS\SoftwareDistribution\Download\4daf18999 07335b8e17abf6850244350\BIT1D.tmp (C:\WINDOWS\SoftwareDistribution\Download\4daf1899 907335b8e17abf6850244350\BIT1D.tmp) returning error, 00000026.
29/04/2009 06:33:11 p.m. Martinez 2156 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\RESTORE.exe" file.
29/04/2009 06:36:17 p.m. Martinez 2156 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\SYSTEM.exe" file.
29/04/2009 06:36:18 p.m. Martinez 2156 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\Carrera.exe" file.
29/04/2009 06:36:18 p.m. Martinez 2156 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\RECYCLER\H-6-1-53-0976546321-090909032-8763-1337\BLaCK.exe" file.
29/04/2009 06:36:18 p.m. Martinez 2156 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\RECYCLER.exe" file.
29/04/2009 06:36:18 p.m. Martinez 2156 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\Shell32.dll.exe" file.
29/04/2009 06:36:19 p.m. Martinez 2156 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\driver.exe" file.
29/04/2009 06:36:19 p.m. Martinez 2156 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\Recycled.exe" file.
29/04/2009 06:36:19 p.m. Martinez 2156 Sign of "Win32:Kavos [Trj]" has been found in "G:\tvlx2fg.exe" file.
30/04/2009 05:49:31 p.m. SYSTEM 1364 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: E:\especies menores conejos de cortaza\FOTOS D\DSCN3623.JPG (E:\especies menores conejos de cortaza\FOTOS D\DSCN3623.JPG) returning error, 0000A420.
01/05/2009 03:08:17 p.m. SYSTEM 1392 Function setifaceUpdatePackages() has failed. Return code is 0xC0000142, dwRes is C0000142.
02/05/2009 04:26:41 p.m. Martinez 2960 Sign of "Win32:Kavos [Trj]" has been found in "G:\ttlk9gl3.cmd" file.
02/05/2009 04:26:47 p.m. Martinez 2960 Sign of "Win32:VB-IZF [Trj]" has been found in "G:\Videos.exe" file.
04/05/2009 01:20:24 p.m. Martinez 2112 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013\wmplayers.exe" file.
04/05/2009 01:23:30 p.m. Martinez 2112 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\RECYCLER\k-1-3542-4232123213-7676767-8888886\root.exe" file.
09/05/2009 08:24:08 p.m. SYSTEM 1444 Sign of "HTML:IFrame-EE [Trj]" has been found in "http://www.iconocast.com/images/cleardot.gif" file.
09/05/2009 08:24:08 p.m. SYSTEM 1444 Sign of "HTML:IFrame-EE [Trj]" has been found in "http://www.iconocast.com/B000000000000087_ES/F7/images/envelope.gif" file.
09/05/2009 08:50:33 p.m. SYSTEM 1444 Sign of "HTML:IFrame-EE [Trj]" has been found in "http://www.iconocast.com/images/cleardot.gif" file.
09/05/2009 08:50:33 p.m. SYSTEM 1444 Sign of "HTML:IFrame-EE [Trj]" has been found in "http://www.iconocast.com/B000000000000087_ES/F7/images/envelope.gif" file.
11/05/2009 05:34:02 p.m. Martinez 4000 Sign of "Win32:Trojan-gen {Other}" has been found in "G:\RECYCLER\k-1-3542-4232123213-7676767-8888886\root.exe" file.
12/05/2009 10:31:11 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:31:19 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:31:47 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:31:48 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:32:14 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:32:42 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:33:13 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:33:17 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:33:46 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:33:54 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:34:23 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:34:27 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:34:54 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:34:57 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:35:26 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:35:31 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:35:59 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:36:02 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:36:30 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:36:51 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:37:19 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:37:23 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:37:50 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:37:53 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:38:21 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:38:24 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:38:51 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:38:54 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:39:21 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:39:24 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:39:53 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:39:56 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:40:24 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:40:28 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:40:55 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:40:58 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:41:26 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:41:29 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:41:56 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:41:59 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:42:19 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:42:22 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:42:25 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:42:28 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:42:30 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:42:36 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:42:36 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:42:40 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:42:43 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:42:47 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:42:50 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:42:53 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:42:56 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:42:59 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:43:05 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\kek1i20.exe" file.
12/05/2009 10:43:07 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:43:11 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "D:\kek1i20.exe" file.
12/05/2009 10:43:28 a.m. SYSTEM 1392 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\uweyiwe0.dll" file.
12/05/2009 10:45:35 a.m. SYSTEM 1552 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "C:\WINDOWS\system32\kva8wr.exe" file.
12/05/2009 10:53:43 a.m. Martinez 3476 Sign of "Win32:Rootkit-gen [Rtk]" has been found in "d:\kek1i20.exe" file.

Hola Luisems

Por favor, sigue estos pasos:

(de ser posible, IMPRIME ESTA HOJA)

Descarga lo siguiente:

º Fs-FixBagle.zip. Esta al final de este post publicado por ANGEL DOZE. Eliminar virus Win32.Bagle


º MALWAREBYTE´S. Lo instalas y actualizas según su manual, PERO NO LO EJECUTES AUN


Deshabilita RESTAURAR SISTEMA (SYSTEM RESTORE) MIRA AQUI

Inicia EN MODO A PRUEBA DE ERRORES MIRA AQUI

Ejecuta MALWAREBYTE´S. Seleccionas hacer un "escaneo completo". Una vez finalizado, si te detecta algo eliges " quitar lo seleccionado ". Si te pide reiniciar, lo haces y después te vas a la pestaña de "registros" para copiar y pegar el reporte generado en este tema.


Ejecuta FS - FIXBAGLE

1. Desactiva temporalmente el Antivirus y/o Antispyware.
2. Descomprime FS-FixBagle.zip en el Escritorio.
3. Abre la Carpeta FS-Fix
4. Ejecute FS-FixBagle.exe
5. Eliga la opción "1", para iniciar la busqueda del Bagle
6. Al termino del Analisis, FS-FixBagle, preguntara si desea reiniciar el ordenador. Acepta,
7. Se genera un reporte, quel se encuentra generalmente en C:\BagleReport.txt.
8. *Nota* Si FS-FixBagle, encuentra el Driver/Rootkit, srosa.sys, sera necesario reiniciar el odenador, por lo que debe permitir que FS-FixBagle, reinicie el ordenador.

Reinicia en modo normal

Realiza un scan online con KASPERSKY ONLINE SCANER
Si utilizas FIREFOX, debes agregar la extensión IE Tab , que permite Integrar Internet Explorer en pestañas de Mozilla/Firefox.

En tu próxima respuesta, pones el reporte generado por FIX BAGLE, MALWAREBYTE`S y KASPERSKY ONLINE....


SALUDOS

Hey hice todo lo que me recomendo y creo que se soluciona ya todo, muchas gracias en realidad es un maestro, gracias.

Bueno...me hubiese gustado que pusieras los reportes de los programas que te indique. Pero vale igual...

Bueno, me alegro que soluciones tu problema . Por cualquier otro problema, no dudes en volver a postear.

Te dejo saludos y MUCHA SUERTE

TEMA SOLUCIONADO


PD: si deseas REABRIR ESTE TEMA, presiona y un MODERADOR atenderà la consulta...