Foro de InfoSpyware - Foro de Hijackthis - Foro de Virus

Una cosa mas...... en el reporte notaras que dice >>>>no action taken<<<<< y es que copie y pegue el reporte antes de eliminar todo lo que aparecio.......(solo en caso de que notes ese detalle....) gracias .....

Hola

Realiza un con Panda Active Scan2 como lo indica su Manual


Me traes el reporte.

Hola a todos; aqui estan los reportes de Malwarebytes y Panda, los ultimos que he hecho.........

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

10/31/2009 9:18:20 AM
mbam-log-2009-10-31 (09-18-20).txt

Scan type: Full Scan (C:\|K:\|)
Objects scanned: 202789
Time elapsed: 1 hour(s), 1 minute(s), 25 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 7
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 8

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\BuildW (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\guid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\i (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Ulrn (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Update (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\UpdateN ew (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_USERS\S-1-5-19\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://search-gala.com/?&uid=222&q={searchTerms}) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\URL (Hijack.SearchPage) -> Bad: (http://search-gala.com/?&uid=222&q={searchTerms}) Good: (http://www.Google.com/) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\6.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\7.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\8.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\9.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\A.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

*************************************

Panda Antivirus Pro 2010 incident report
Filter selected:Virus detected, Suspicious file, Dangerous file, Script execution, Connection attempt, Port scan attack, Denial of service attack, Spoofing, Attacking IP address blocked, Enabled, Disabled, Update, Scan started, Scan complete, Date: All
INCIDENT NOTIFIED BY DATE-TIME RESULT ADDITIONAL INFORMATION
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Scan complete On-demand antivirus scan 10/31/2009 12:19... Scan: Scanning the whole system
Virus detected: Trj/Downloader.MDW On-demand antivirus scan 10/31/2009 12:14... Notified Path: K:\AZUREUS DNLWS\After Effects Plugins\StageTools Moving Picture v5.06.rar[StageTools Moving Picture v5.06\stagetools.v5.x.multikeygen.exe]
Suspicious file Protection against unknown... 10/31/2009 12:10... Deleted File: http://64.191.44.5/p0905/2.0/d.bin?unknow862982[d.bin]

Hola

Sigue la ruta y elimina---> K:\AZUREUS DNLWS\After Effects Plugins\StageTools Moving Picture v5.06.rar

Coméntame como esta tu sistema

Hola,......he seguido los pasos que me has indicado, siendo el ultimo la remocion de "K:\AZUREUS DNLWS\After Effects Plugins\StageTools Moving Picture v5.06.rar
" ,...... sigo sin entrar a la pagina de Foro de Spyware.....y "task Manager" tampoco aparece....... Aqui estan los recientes reportes (Panda y Malwarebytes)...Espero instrucciones.....gracias .

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

11/2/2009 5:51:52 PM
mbam-log-2009-11-02 (17-51-52).txt

Scan type: Full Scan (C:\|K:\|)
Objects scanned: 203039
Time elapsed: 40 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Ulrn (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Update (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\UpdateN ew (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

---------------------------------------PANDA REPORT----------------------------------------

Panda Antivirus Pro 2010 incident report
Filter selected:Virus detected, Suspicious file, Dangerous file, Script execution, Connection attempt, Port scan attack, Denial of service attack, Spoofing, Attacking IP address blocked, Enabled, Disabled, Update, Scan started, Scan complete, Date: After or on 10/30/2009
INCIDENT NOTIFIED BY DATE-TIME RESULT ADDITIONAL INFORMATION
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Suspicious operation: Protection against unknown... 11/3/2009 2:12:32 PM Blocked Program: C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
Suspicious operation: Protection against unknown... 11/3/2009 2:12:25 PM Blocked Program: C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
Suspicious operation: Protection against unknown... 11/3/2009 2:12:16 PM Blocked Program: C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
Suspicious operation: Protection against unknown... 11/3/2009 2:11:48 PM Blocked Program: C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE
Scan complete On-demand antivirus scan 11/3/2009 1:22:11 PM Scan: Scanning the whole system
Virus detected: Trj/Downloader.MDW On-demand antivirus scan 11/3/2009 1:22:10 PM Notified Path: K:\RECYCLER\S-1-5-21-2496068489-3245724097-1975570007-1006\Dk1.rar[StageTools Moving Picture v5.06\stagetools.v5.x.multikeygen.exe]
Scan started On-demand antivirus scan 11/3/2009 10:44:... Scan: Scanning the whole system
Scan complete On-demand antivirus scan 11/2/2009 11:05:... Scan: Scanning the whole system
Scan started On-demand antivirus scan 11/2/2009 9:26:35 PM Scan: Scanning the whole system
Scan complete On-demand antivirus scan 11/2/2009 8:51:13 PM Scan: Scanning the whole system
Virus detected: Trj/Downloader.MDW On-demand antivirus scan 11/2/2009 8:51:13 PM Notified Path: K:\RECYCLER\S-1-5-21-2496068489-3245724097-1975570007-1006\Dk1.rar[StageTools Moving Picture v5.06\stagetools.v5.x.multikeygen.exe]
Scan started On-demand antivirus scan 11/2/2009 6:02:22 PM Scan: Scanning the whole system
Suspicious file Protection against unknown... 11/2/2009 5:53:35 PM Deleted File: http://173.45.106.170/p1024/2.0/d.bin?unknow94965[d.bin]
Scan complete On-demand antivirus scan 11/2/2009 221 PM Scan: Scanning the whole system
Virus detected: Trj/Downloader.MDW On-demand antivirus scan 11/2/2009 220 PM Notified Path: K:\RECYCLER\S-1-5-21-2496068489-3245724097-1975570007-1006\Dk1.rar[StageTools Moving Picture v5.06\stagetools.v5.x.multikeygen.exe]
Suspicious file On-demand antivirus scan 11/2/2009 2:02:39 PM Moved to quarantine File: C:\WINDOWS\system32\lsm32.sys
Spyware detected: Cookie/Atlas DMT On-demand antivirus scan 11/2/2009 11:18:... Deleted Path: C:\Documents and Settings\R2D2\Cookies\r2d2@atdmt[2].txt
Suspicious file Protection against unknown... 11/2/2009 11:12:... Deleted File: http://64.191.44.5/p0905/2.0/d.bin?unknow612311[d.bin]
Scan started On-demand antivirus scan 11/2/2009 11:11:... Scan: Scanning the whole system
Suspicious file Protection against unknown... 10/31/2009 12:02... Deleted File: http://64.191.44.5/p0905/2.0/d.bin?unknow486913[d.bin]
Scan complete On-demand antivirus scan 10/31/2009 12:19... Scan: Scanning the whole system
Virus detected: Trj/Downloader.MDW On-demand antivirus scan 10/31/2009 12:14... Notified Path: K:\AZUREUS DNLWS\After Effects Plugins\StageTools Moving Picture v5.06.rar[StageTools Moving Picture v5.06\stagetools.v5.x.multikeygen.exe]
Suspicious file Protection against unknown... 10/31/2009 12:10... Deleted File: http://64.191.44.5/p0905/2.0/d.bin?unknow862982[d.bin]
Scan started On-demand antivirus scan 10/30/2009 9:28:... Scan: Scanning the whole system
Suspicious file Protection against unknown... 10/30/2009 9:25:... Deleted File: http://204.27.57.154/p1022/2.0/d.bin?unknow400816[d.bin]

Hola

No actualizaste Malware byte antes de ejecutarlo
Lo que muestra panda fue eliminado o enviado a cuarentena.


Veamos si con la siguiente herramienta solucionamos esto , la descargas , vas a las siguientes funciones y las aplicas, si te pide reiniciar lo haces:

RegUnlocker | InfoSpyware

Restricciones
o Elimina las restricciones del Sistema

* Internet
o Restaura el archivo hosts de Windows por defecto


Me comentas como va todo.

Hola..... saludos a todos. Bueno, esto es lo que ha sucedido hasta ahora.....
Por alguna razon no puedo actualizar el "Malwarebyte" cuando trato de conectarme con Malwarebytes.org aparece una ventana diciendome reportar ese error code 732(0.0) al grupo de apoyo......Igualmente tengo problemas para registrar con Panda......y tambien al correr Regunlocker me dice que cheque por malwares en mi sistema....... El "task manager" ya aparece....pero las paginas de internet relacionadas con Spyware no aparecen..... al igual que algunos programas que uso parecen estar bloqueados..... <<<<< estos son los ultimos reportes >>>>>>>>

Panda Antivirus Pro 2010 incident report
Filter selected:Virus detected, Suspicious file, Dangerous file, Script execution, Connection attempt, Port scan attack, Denial of service attack, Spoofing, Attacking IP address blocked, Enabled, Disabled, Update, Scan started, Scan complete, Date: After or on 11/5/2009
INCIDENT NOTIFIED BY DATE-TIME RESULT ADDITIONAL INFORMATION
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Scan complete On-demand antivirus scan 11/5/2009 9:24:52 PM Scan: Scanning the whole system
Spyware detected: Cookie/Atlas DMT On-demand antivirus scan 11/5/2009 7:03:00 PM Deleted Path: C:\Documents and Settings\R2D2\Cookies\r2d2@atdmt[2].txt
Scan started On-demand antivirus scan 11/5/2009 6:57:20 PM Scan: Scanning the whole system
Suspicious file Protection against unknown... 11/5/2009 5:00:29 PM Deleted File: http://64.191.44.5/p0905/2.0/d.bin?unknow674886[d.bin]
Suspicious file Protection against unknown... 11/5/2009 4:25:01 PM Deleted File: http://64.191.44.5/p0905/2.0/d.bin?unknown187828[d.bin]
Suspicious file Protection against unknown... 11/5/2009 10:33:... Deleted File: http://204.27.57.154/p1022/2.0/d.bin?unknow858801[d.bin]
__________________________________________________ _______________


Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

11/5/2009 4:19:17 PM
mbam-log-2009-11-05 (16-19-08).txt

Scan type: Full Scan (C:\|)
Objects scanned: 194427
Time elapsed: 37 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 5
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\BuildW (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Ulrn (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Update (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\UpdateN ew (Malware.Trace) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\3.tmp (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\4.tmp (Trojan.Agent) -> No action taken.

__________________________________________________ _____________

Como siempre , gracias por tu ayuda, y espero instrucciones.............

Hola

Acá las actualizaciones de Malware byte:
http://www.malwarebytes.org/mbam/dat...mbam-rules.exe


Y por favor realiza el scan on line con Panda el reporte que me traes no me sirve.


Saludos.

Saludos a todos ; He realizado un scan con mbam actualizado de acuerdo al link que me enviaste, tambien he hecho un scan con Panda AVpro pues por alguna razon no puedo hacerlo con panda scan on line. ambos reportes los incluyo esperando sean de utilidad......... por otro lado . ya puedo acceder a sitios relacionados con malware, spyware etc.y el task manager esta desbloqueado, pero aun algun tipo de infeccion aun esta en mi maquina pues algunos virus reaparecen nuevamente.... Espero instrucciones y gracias de antemano.......

************************************************** ****************

Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3

11/13/2009 640 PM
mbam-log-2009-11-13 (18-10-40).txt

Scan type: Full Scan (C:\|)
Objects scanned: 195338
Time elapsed: 37 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 7
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 10

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\BuildW (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\guid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\i (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\uid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Ulrn (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\Update (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WBEM\UpdateN ew (Malware.Trace) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\4.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\6.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\7.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\8.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\9.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\A.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\B.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\D.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

************************************************** ***************

Panda Antivirus Pro 2010 incident report
Filter selected:Virus detected, Suspicious file, Dangerous file, Script execution, Connection attempt, Port scan attack, Denial of service attack, Spoofing, Attacking IP address blocked, Enabled, Disabled, Update, Scan started, Scan complete, Date: After or on 11/5/2009
INCIDENT NOTIFIED BY DATE-TIME RESULT ADDITIONAL INFORMATION
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Scan complete On-demand antivirus scan 11/19/2009 11:25... Scan: Scanning the whole system
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 11:22... Deleted Path: C:\WINDOWS\Temp\txpxr_744156216788.b1k
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 11:14... Deleted Path: C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\BPWVGXT9\svc[3].php
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 11:14... Deleted Path: C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\BPWVGXT9\svc[2].php
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 11:13... Deleted Path: C:\WINDOWS\system32\Ipripex.dll
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 11:12... Deleted Path: C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\U97FXO24\svc[2].php
Virus detected: Trj/Refpron.D On-demand antivirus scan 11/19/2009 11:12... Deleted Path: C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\KPUFS1I3\svc[2].php
Virus detected: Trj/Refpron.D On-demand antivirus scan 11/19/2009 11:10... Deleted Path: C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\CXIZ4D2F\svc[2].php
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 8:55:... Deleted Path: C:\Documents and Settings\R2D2\My Documents\Azureus Downloads\PC Utilities The Ultimate Software Collection June 2009\Audio and Video\dxplayer.exe
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 8:55:... Deleted Path: C:\Documents and Settings\R2D2\My Documents\Azureus Downloads\Imagenomic\RealGrainPlugin_v1.0.0.8_Patc h_SSG.zip[Imagenomic.RealGrain.v1.0.0.8.for.Adobe.Photoshop. Cracked-SSG/patch.exe]
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 8:55:... Deleted Path: C:\Documents and Settings\R2D2\My Documents\Azureus Downloads\Imagenomic\PortraiturePlugin_v1.0.0.8_Pa tch_SSG.zip[Imagenomic.Portraiture.v1.0.0.8.for.Adobe.Photosho p.Cracked-SSG/patch.exe]
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 8:55:... Deleted Path: C:\Documents and Settings\R2D2\Local Settings\Temporary Internet Files\Content.IE5\UQ1Y0MQ2\svc[1].php
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 8:55:... Deleted Path: C:\Documents and Settings\R2D2\Local Settings\Temporary Internet Files\Content.IE5\ZBC4VAV3\svc[1].php
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 8:55:... Deleted Path: C:\Documents and Settings\R2D2\Local Settings\Temporary Internet Files\Content.IE5\ZBC4VAV3\pod[1].txt
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 8:55:... Deleted Path: C:\Documents and Settings\R2D2\My Documents\Azureus Downloads\Imagenomic\NoisewareProPlugin_v4.1.0.5_P atch_SSG.zip[Imagenomic.Noiseware.Professional.v4.1.0.5.for.Ado be.Photoshop.Cracked-SSG/patch.exe]
Spyware detected: Cookie/Atlas DMT On-demand antivirus scan 11/19/2009 8:48:... Deleted Path: C:\Documents and Settings\R2D2\Cookies\r2d2@atdmt[2].txt
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 8:43:... Deleted Path: c:\windows\system32\Ipripex.dll
Virus detected: Trj/CI.A On-demand antivirus scan 11/19/2009 8:43:... Deleted Path: C:\WINDOWS\system32\Ipripex.dll
Scan started On-demand antivirus scan 11/19/2009 8:42:... Scan: Scanning the whole system
Scan complete On-demand antivirus scan 11/19/2009 8:01:... Scan:
Update Updates system 11/19/2009 7:59:... Correct Type: Identity protection
Update Updates system 11/19/2009 7:59:... Correct File modification signatures
Scan started On-demand antivirus scan 11/19/2009 7:59:... Scan:
Update Updates system 11/19/2009 7:58:... Correct Type: autofix hft90906s16
Update Updates system 11/19/2009 7:58:... Correct File: Threat signatures
Suspicious program detected Protection against unknown... 11/18/2009 5:49:... Blocked File: C:\WINDOWS\SYSTEM32\FASTNETSRV.EXE
Virus detected: Trj/Refpron.W Antivirus protection 11/8/2009 2:05:24 PM Deleted Path: http://colopin.cn/lib/ssv.txt
Suspicious file Protection against unknown... 11/7/2009 12:17:... Deleted File: http://64.191.44.5/p0905/2.0/d.bin?unknow276185[d.bin]
Suspicious file Protection against unknown... 11/6/2009 6:39:48 PM Deleted File: http://64.191.44.5/p0905/2.0/d.bin?unknow814869[d.bin]
Scan complete On-demand antivirus scan 11/5/2009 9:24:52 PM Scan: Scanning the whole system
Spyware detected: Cookie/Atlas DMT On-demand antivirus scan 11/5/2009 7:03:00 PM Deleted Path: C:\Documents and Settings\R2D2\Cookies\r2d2@atdmt[2].txt
Scan started On-demand antivirus scan 11/5/2009 6:57:20 PM Scan: Scanning the whole system
Suspicious file Protection against unknown... 11/5/2009 5:00:29 PM Deleted File: http://64.191.44.5/p0905/2.0/d.bin?unknow674886[d.bin]
Suspicious file Protection against unknown... 11/5/2009 4:25:01 PM Deleted File: http://64.191.44.5/p0905/2.0/d.bin?unknown187828[d.bin]
Suspicious file Protection against unknown... 11/5/2009 10:33:... Deleted File: http://204.27.57.154/p1022/2.0/d.bin?unknow858801[d.bin]

Realiza estos pasos por favor:

Paso.- 1

Siguiendo sus Manuales instala y/o actualiza las siguientes herramientas:

Flash_Disinfector

Dr Web Cure-IT
*Manual* DR wEB.

Paso .-2

Inicias en Modo Seguro. y ejecutas:

Flash_Disinfector:
Con los dispositivos USB desconectados ejecuta Flash_Disinfector, luego
conecta tu dispositivo USB (Pen Drive, Móvil, MP3/4), y ejecuta Fash_Disinfector nuevamente.

Dr Web Al ejecutarla das clic derecho sobre su icono y ejecutar como administrador:

• Dr.Web: Al iniciar realizará un "scan express" , cuando termine selecciona hacer un "scan completo" y curas o eliminas lo que encuentre (antes de cerrar el programa debes ir a Archivo > Grabar lista de Informes para guardar el reporte, será en extensión .csv)

Paso 3.-
Inicias en Modo Normal y Realiza un scan online con ESET.

Saludos.