Foro de InfoSpyware - Foro de Hijackthis - Foro de Virus

El antivirus Norton Internet Security y el programa Ccleaner no se cargan al iniciar y tampoco me deja ejecutarlos.

He usado varias herramientas para intentar solucionarlo como: Antimalware y Combofix, y tengo los logs que me han reportado.

Que hago?

Hola candialmo1979 por favor pega el reporte que te genero el Malwarebyte,s , el del comofox NO lo pongas aqui por favor , solamente el que te e mencionado , tambien realizate lo siguiente


pasa Kaspersky Online Scanner(

Pegas su reporte que genere aqui mismo )






Saludos

Malwarebytes' Anti-Malware 1.38
Versión de la Base de Datos: 2304
Windows 5.1.2600 Service Pack 3

18/06/2009 17:22:24
mbam-log-2009-06-18 (17-22-24).txt

Tipo de examen : Examen Completo (C:\|)
Objetos examinados: 179024
Tiempo transcurrido: 48 minute(s), 40 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 6
Valores del Registro Infectados: 3
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 3
Ficheros Infectados: 58

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\s k9ou0s (Rootkit.Bagle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\s k9ou0s (Rootkit.Bagle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\sk9ou0s (Rootkit.Bagle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Servic es\111111s1ro1s1a (Rootkit.Bagle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\1 11111s1ro1s1a (Rootkit.Bagle) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\1 11111s1ro1s1a (Rootkit.Bagle) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\german.exe (Rootkit.Bagle) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\drvsyskit (Rootkit.Bagle) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\mule_st_key (Rootkit.Bagle) -> Delete on reboot.

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
C:\WINDOWS\system32\drivers\down (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\Datos de programa\m (Trojan.Agent) -> Delete on reboot.
c:\documents and settings\CANDI\Datos de programa\drivers\downld (Worm.Bagle) -> Quarantined and deleted successfully.

Ficheros Infectados:
c:\documents and settings\CANDI\datos de programa\drivers\11s11ro1s1a2.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
c:\system volume information\_restore{2e9b387f-3ca4-4f09-ac27-649fe180fb57}\RP263\A0034162.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
c:\system volume information\_restore{2e9b387f-3ca4-4f09-ac27-649fe180fb57}\RP264\A0034197.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
c:\system volume information\_restore{2e9b387f-3ca4-4f09-ac27-649fe180fb57}\RP264\A0035219.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\drivers\down\272511.exe (Trojan.Packed) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\drivers\down\257139.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\116317.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\136075.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\141884.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\143536.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\144688.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\147341.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\148403.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\190133.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\192456.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\246804.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\248156.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\248867.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\257159.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\258121.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\259022.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\259873.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\261135.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\261516.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\266383.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\267644.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\271260.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\294193.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\300391.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\301173.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\301333.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\317746.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\319679.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\390561.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\392554.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\393365.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\397151.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\398933.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\399013.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\405463.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\407746.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\408917.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\414115.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\425421.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\447944.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\453612.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\454513.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\454854.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\77932.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\datos de programa\drivers\downld\95887.exe (Worm.Bagle) -> Quarantined and deleted successfully.
c:\documents and settings\CANDI\Datos de programa\drivers\winupgro.exe (Trojan.Agent) -> Delete on reboot.
C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Delete on reboot.
c:\documents and settings\CANDI\Datos de programa\m\flec006.exe (Trojan.Agent) -> Delete on reboot.
c:\documents and settings\CANDI\Datos de programa\drivers\111wfs1intwq.sys (Rootkit.Bagle) -> Quarantined and deleted successfully.

Hola , Gracias por el reporte del Malwarebyte,s , puedo obcervar que el causante de que no pueda ejecutar ningun programa es acausa del Bagle , este gusano es el causante de esa clase de problemas , por favor pega el reporte de kaspersky y asi poder basarnos desde alli , asi podremos saber si el Malwarebytes no a eliminado todos los archivos infectados , saludos

Hola candialmo1979,

Mi nombre es Daniel y trabajo en un equipo de soporte externo para Symantec.

Te sugiero que te pongas en contacto con el servicio de asistencia técnica de Norton en http://www.symantec.com/es/es/norton/support/productdetail/contact_ts.jsp?pvid=nis_2009

Saludos, Daniel
Norton Forum Assist Team