Virus que no me permite ejecutar nada

[milledj]

Hola a todos,



Tengo un problema y es que llevo varios días con un virus que me está tocando un poco las narices..



No me permite ejecutar nada, ni instalar nada, ni entrar en modo seguro. Me ha desactivado el antivirus (clamwin) y me tiene cansao jaja (normal). He intentado ejecutar antivirus portable y demás pero nada... a ratos me va un poco a tirones y la verdad que el formateo es mi última opción.



¿Me podríais echar una mano por favor?

[msc hotline sat]

Pues si sabe que es por un virus, pero no puede trabajar de ninguna manera con el ordenador, puede colocar el disco duro como esclavo de otro y desde el Master lanzar un testeo antivirus al esclavo, o si dispone de un LIVECD, arrancar con él y proceder de similar modo.



Cuando sepa el virus que tiene, si no puede eliminarlo de dicha manera, comentenoslo y trataremos de ayudarle



saludos



ms, 9-9-2009

[milledj]

Creo que es un virus, pero no estoy seguro.. por lo que he leido por ahí, tiene toda la pinta de serlo

[msc hotline sat]

Pues venga, proceda como le hemos dicho y nos informa cuando haya pasado algun antivirus del MASTER sobre el esclavo, y podremos ayudarle con mas conocimiento de causa



saludos



ms, 9-9-2009

[milledj]

Ya lo he hecho y os paso el reporte de clamwin. El problema sigue estando, no me deja ejecutar nada.







Scan Started Wed Sep 09 22:05:59 2009



-------------------------------------------------------------------------------







E:\Documents and Settings\All Users\Datos de programa\Microsoft\Dr Watson\user.dmp: Permission denied



E:\Documents and Settings\Isaac\Configuración local\Temp\Official-eMule_setup.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\Official-eMule_setup.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\11s11ro1s1a2.sys: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\11s11ro1s1a2.sys.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\120143500.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\120143500.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\149966406.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\149966406.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15524578.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\15524578.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15525734.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\15525734.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15527859.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\15527859.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15528390.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\15528390.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15528718.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\15528718.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\179710187.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\179710187.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\179711531.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\179711531.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\209403656.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\209403656.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\224306640.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\224306640.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\224307812.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\224307812.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\30410234.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\30410234.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\30429906.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\30429906.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\42519421.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\42519421.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\42520656.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\42520656.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\42520906.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\42520906.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45088531.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\45088531.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45358734.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\45358734.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45359781.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\45359781.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45390734.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\45390734.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45391953.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\45391953.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\530031.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\530031.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\531250.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\531250.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\531593.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\531593.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\549593.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\549593.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\550921.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\550921.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\551140.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\551140.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\579421.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\579421.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\580906.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\580906.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\583171.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\583171.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\60270843.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\60270843.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\60271421.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\60271421.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\629750.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\629750.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\630968.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\630968.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\696218.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\696218.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\697390.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\697390.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\74834593.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\74834593.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\74835078.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\74835078.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\75187937.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\75187937.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\90404812.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\90404812.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\90406046.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\90406046.exe.infected'



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\90406375.exe: moved to 'C:\Documents and Settings\All Users\.clamwin\quarantine\90406375.exe.infected'







E:\Documents and Settings\Isaac\Configuración local\Temp\Official-eMule_setup.exe: Trojan.Downloader-72726 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\11s11ro1s1a2.sys: Trojan.Agent-66914 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\120143500.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\149966406.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15524578.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15525734.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15527859.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15528390.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15528718.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\179710187.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\179711531.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\209403656.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\224306640.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\224307812.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\30410234.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\30429906.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\42519421.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\42520656.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\42520906.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45088531.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45358734.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45359781.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45390734.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45391953.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\530031.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\531250.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\531593.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\549593.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\550921.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\551140.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\579421.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\580906.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\583171.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\60270843.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\60271421.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\629750.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\630968.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\696218.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\697390.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\74834593.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\74835078.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\75187937.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\90404812.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\90406046.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\90406375.exe: HTML.Iframe-32 FOUND



----------- SCAN SUMMARY -----------



Known viruses: 621910



Engine version: 0.95.2



Scanned directories: 5456



Scanned files: 68883



Infected files: 45







Data scanned: 45576.88 MB



Data read: 136532.21 MB (ratio 0.33:1)



Time: 7139.390 sec (118 m 59 s)



--------------------------------------



Completed



--------------------------------------

[msc hotline sat]

Así que usa Emule... es probable que por ahí haya entrado cualquier cosa !



Pues parece que ha aparcado muchos ficheros infectados, moviendolos a cuarentena, pero otros los ha detectado y no indica haber hecho nada:


[quote]E:\Documents and Settings\Isaac\Configuración local\Temp\Official-eMule_setup.exe: Trojan.Downloader-72726 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\11s11ro1s1a2.sys: Trojan.Agent-66914 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\120143500.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\149966406.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15524578.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15525734.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15527859.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15528390.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\15528718.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\179710187.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\179711531.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\209403656.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\224306640.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\224307812.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\30410234.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\30429906.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\42519421.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\42520656.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\42520906.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45088531.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45358734.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45359781.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45390734.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\45391953.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\530031.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\531250.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\531593.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\549593.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\550921.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\551140.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\579421.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\580906.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\583171.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\60270843.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\60271421.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\629750.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\630968.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\696218.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\697390.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\74834593.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\74835078.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\75187937.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\90404812.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\90406046.exe: HTML.Iframe-32 FOUND



E:\Documents and Settings\Isaac\Datos de programa\drivers\downld\90406375.exe: HTML.Iframe-32 FOUND[/quote]





Pues por los nombres, pruebe estas tres utilidades sleeccionando EXPLORAR la unidad E:

ELIBAGLA, ELISTARA, ELIFRAME





[b] ELISTARA: [/b]

http://www.zonavirus.com/descargas/elistara.asp





[b] ELIBAGLA: [/b]

http://www.zonavirus.com/descargas/elibagla.asp





[b] ELIFRAME: [/b]

http://www.zonavirus.com/datos/descargas/276/eliframeexe.asp





Tras probarlos, reiniciar y postearnos el contenido de C:\infosat.txt para ver el resultado del proceso



SALUDOS



MS, 10-9-2009