SEGURIDAD INFORMATICA, Firewall, parches, vacunas, antivirus, anti troyanos, spyware etc > Seguridad Informatica - Firewall - Virus - Troyanos - Spyware - Ad Aware - Malware

se me abren webs de publicidad

<< < (2/2)

Mr_X:
Los logs los veo limpios ¿cómo se comporta la máquina?

rosaescala:
Pues bien, lo único que me saltan estas webs cuando entro en internet..y a veces se me cambia la página de inicio..

Mr_X:
Haz una copia de seguridad del registro con el ERUNT (clic aquí); baja el ComboFix y pásalo iniciando en Modo seguro... Pega aquí el contenido del archivo C:\ComboFix.txt...

rosaescala:
Ahí va!

ComboFix 09-12-20.08 - Rosa 21/12/2009  18:02:00.1.2 - x86 MINIMAL
Microsoft® Windows Vista™ Home Premium   6.0.6001.1.1252.34.3082.18.1918.1399 [GMT 1:00]
Running from: c:\users\Rosa\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1229 [VPS 081215-1] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: avast! antivirus 4.8.1229 [VPS 081215-1] *enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

(((((((((((((((((((((((((   Files Created from 2009-11-21 to 2009-12-21  )))))))))))))))))))))))))))))))
.

2009-12-21 17:07 . 2009-12-21 17:07   --------   d-----w-   c:\users\Rosa\AppData\Local\temp
2009-12-21 17:07 . 2009-12-21 17:07   --------   d-----w-   c:\users\Default\AppData\Local\temp
2009-12-21 16:36 . 2009-12-21 16:37   --------   d-----w-   c:\program files\ERUNT
2009-12-09 17:21 . 2009-12-09 17:21   --------   d-----w-   c:\program files\Trend Micro
2009-12-09 02:09 . 2009-11-09 13:22   24064   ----a-w-   c:\windows\system32\nshhttp.dll
2009-12-09 02:08 . 2009-11-09 11:04   411136   ----a-w-   c:\windows\system32\drivers\http.sys
2009-12-09 02:08 . 2009-11-09 13:20   31232   ----a-w-   c:\windows\system32\httpapi.dll
2009-12-09 00:17 . 2009-12-08 21:46   15880   ----a-w-   c:\windows\system32\lsdelete.exe
2009-12-08 21:47 . 2009-09-23 12:55   64288   ----a-w-   c:\windows\system32\drivers\Lbd.sys
2009-12-08 21:46 . 2009-12-08 21:46   862040   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\threatwork.exe
2009-12-08 21:46 . 2009-12-08 21:46   15880   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\lsdelete.exe
2009-12-08 21:46 . 2009-12-08 21:46   206944   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\lavamessage.dll
2009-12-08 21:46 . 2009-12-08 21:46   390288   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\lavalicense.dll
2009-12-08 21:46 . 2009-12-08 21:46   537576   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\aawapi.dll
2009-12-08 21:46 . 2009-12-08 21:46   370744   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\UpdateManager.dll
2009-12-08 21:46 . 2009-12-08 21:46   163728   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\ShellExt.dll
2009-12-08 21:46 . 2009-12-08 21:46   194104   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\Savapibridge.dll
2009-12-08 21:45 . 2009-12-08 21:45   5908024   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\Resources.dll
2009-12-08 21:45 . 2009-12-08 21:45   327000   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\RPAPI.dll
2009-12-08 21:45 . 2009-12-08 21:45   87496   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\PrivacyClean.dll
2009-12-08 21:45 . 2009-12-08 21:45   933120   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\CEAPI.dll
2009-12-08 21:45 . 2009-12-08 21:45   641632   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\AutoLaunch.exe
2009-12-08 21:45 . 2009-12-08 21:45   816272   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\Ad-AwareCommand.exe
2009-12-08 21:45 . 2009-12-08 21:45   822904   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\Ad-AwareAdmin.exe
2009-12-08 21:45 . 2009-12-08 21:45   1638640   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\Ad-Aware.exe
2009-12-08 21:45 . 2009-12-08 21:45   788880   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\AAWTray.exe
2009-12-08 21:45 . 2009-12-08 21:45   1184912   ----a-w-   c:\programdata\Lavasoft\Ad-Aware\update\AAWService.exe
2009-12-08 21:42 . 2009-12-08 21:42   --------   dc-h--w-   c:\programdata\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
2009-12-08 21:42 . 2009-10-03 08:15   2924848   -c--a-w-   c:\programdata\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe
2009-12-08 19:59 . 2009-08-24 12:16   378368   ----a-w-   c:\windows\system32\winhttp.dll
2009-12-08 19:50 . 2009-10-07 12:41   244224   ----a-w-   c:\windows\system32\rastls.dll
2009-12-08 19:50 . 2009-10-07 12:41   281600   ----a-w-   c:\windows\system32\raschap.dll
2009-12-01 17:38 . 2009-12-01 20:18   --------   d-----w-   c:\programdata\Spybot - Search & Destroy
2009-12-01 17:38 . 2009-12-01 17:39   --------   d-----w-   c:\program files\Spybot - Search & Destroy
2009-11-29 23:12 . 2009-11-29 23:12   --------   d-----w-   c:\program files\Textual Content Provider
2009-11-29 23:12 . 2009-11-29 23:12   --------   d-----w-   c:\program files\Content Management Wizard
2009-11-29 23:11 . 2009-11-29 23:11   --------   d-----w-   c:\users\Rosa\AppData\Local\Internet Today
2009-11-29 23:11 . 2009-11-29 23:11   --------   d-----w-   c:\program files\Internet Today
2009-11-29 23:11 . 2009-11-29 23:11   --------   d-----w-   c:\program files\Customized Platform Advancer
2009-11-29 23:11 . 2009-11-29 23:11   --------   d-----w-   c:\program files\Automated Content Enhancer
2009-11-29 23:11 . 2009-11-29 23:11   --------   d-----w-   c:\users\Rosa\AppData\Local\Web Search Operator
2009-11-29 23:11 . 2009-11-29 23:11   --------   d-----w-   c:\program files\Web Search Operator
2009-11-29 23:10 . 2009-11-29 23:17   --------   d-----w-   c:\program files\Gameztar Toolbar
2009-11-25 23:11 . 2009-10-29 09:41   2048   ----a-w-   c:\windows\system32\tzres.dll
2009-11-25 16:41 . 2009-08-10 11:01   1399296   ----a-w-   c:\windows\system32\msxml6.dll
2009-11-25 16:41 . 2009-08-10 11:00   1257472   ----a-w-   c:\windows\system32\msxml3.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-17 12:05 . 2008-01-21 07:23   667382   ----a-w-   c:\windows\system32\perfh00A.dat
2009-12-17 12:05 . 2008-01-21 07:23   129912   ----a-w-   c:\windows\system32\perfc00A.dat
2009-12-09 02:31 . 2006-11-02 11:18   --------   d-----w-   c:\program files\Windows Mail
2009-12-09 02:14 . 2008-03-03 13:56   --------   d-----w-   c:\programdata\Microsoft Help
2009-11-24 23:54 . 2008-10-09 15:57   1280480   ----a-w-   c:\windows\system32\aswBoot.exe
2009-11-24 23:50 . 2008-10-09 15:57   114768   ----a-w-   c:\windows\system32\drivers\aswSP.sys
2009-11-24 23:50 . 2008-10-09 15:57   20560   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 23:49 . 2008-10-09 15:57   53328   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2009-11-24 23:49 . 2008-10-09 15:58   48560   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2009-11-24 23:48 . 2008-10-09 15:58   23120   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
2009-11-24 23:47 . 2008-10-09 15:57   97480   ----a-w-   c:\windows\system32\AvastSS.scr
2009-11-21 06:40 . 2009-12-08 20:00   916480   ----a-w-   c:\windows\system32\wininet.dll
2009-11-21 06:34 . 2009-12-08 20:00   109056   ----a-w-   c:\windows\system32\iesysprep.dll
2009-11-21 06:34 . 2009-12-08 20:00   71680   ----a-w-   c:\windows\system32\iesetup.dll
2009-11-21 04:59 . 2009-12-08 20:00   133632   ----a-w-   c:\windows\system32\ieUnatt.exe
2009-11-11 22:52 . 2009-11-11 22:49   --------   d-----w-   c:\users\Rosa\AppData\Roaming\BonkEnc
2009-11-11 22:47 . 2009-11-11 22:46   --------   d-----w-   c:\program files\BonkEnc
2009-10-26 22:54 . 2008-09-01 17:42   119656   ----a-w-   c:\users\Rosa\AppData\Local\GDIPFONTCACHEV1.DAT
2009-09-30 16:15 . 2009-09-30 16:15   471664   ----a-w-   c:\programdata\Google\Google Toolbar\Update\gtbC42C.tmp.exe
2009-09-23 21:25 . 2009-07-06 15:55   1924440   ----a-w-   c:\users\Rosa\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
2009-11-02 20:44 . 2009-11-02 20:44   119808   ----a-w-   c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-12-30 39408]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"NDSTray.exe"="NDSTray.exe" [BU]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2007-08-03 582992]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2009-11-02 30192]
"Desktop SMS"="c:\program files\IDM\Desktop SMS\DesktopSMS.exe" [2007-07-23 1507328]
"topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-11-29 1029416]
"Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2007-10-25 413696]
"TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456]
"HSON"="c:\program files\TOSHIBA\TBS\HSON.exe" [2007-10-31 54608]
"SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-01-25 509816]
"00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-01-22 712704]
"Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2007-05-04 571024]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

c:\users\Rosa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-9-12 384000]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CardOS API.lnk - c:\program files\Siemens\CardOS API\bin\siecacst.exe [2009-4-16 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [08/12/2009 22:47 64288]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [24/09/2009 12:17 1184912]
R3 O2MDRDR;O2MDRDR;c:\windows\System32\drivers\o2media.sys [15/01/2008 10:34 48472]
R3 QIOMem;Generic IO & Memory Access;c:\windows\System32\drivers\QIOMem.sys [09/04/2007 16:13 8192]
S0 pavboot;pavboot;c:\windows\System32\drivers\pavboot.sys [14/10/2008 21:58 28544]
S1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [09/10/2008 16:57 114768]
S1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\System32\drivers\RtlProt.sys [01/09/2008 18:41 25896]
S2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [09/10/2008 16:57 20560]
S2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [09/10/2008 16:57 53328]
S2 ConfigFree Service;ConfigFree Service;c:\program files\Toshiba\ConfigFree\CFSvcs.exe [25/12/2007 13:07 40960]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [01/12/2009 18:38 1153368]
S2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\Toshiba\SMARTLogService\TosIPCSrv.exe [03/12/2007 16:03 126976]
S3 CnxtHdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service;c:\windows\System32\drivers\CHDART.sys [03/03/2008 11:48 187904]
S3 cxbu0wdm;CardMan 3x21;c:\windows\System32\drivers\cxbu0wdm.sys [15/01/2008 11:39 97792]
S3 fssfltr;FssFltr;c:\windows\System32\drivers\fssfltr.sys [30/09/2009 21:49 54632]
S3 fsssvc;Servicio de Windows Live Protección infantil;c:\program files\Windows Live\Family Safety\fsssvc.exe [05/08/2009 21:48 704864]
S3 GoogleDesktopManager-093009-130223;Administrador de Google Desktop 5.9.909.30391;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [03/03/2008 12:40 30192]
S3 RTL8187B;Adaptador de red USB 2.0 de 54 Mbps inalámbrico 802.11b/g Realtek RTL8187B;c:\windows\System32\drivers\rtl8187B.sys [01/09/2008 18:27 290304]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - ECACHE
*NewlyCreated* - PXHELP20
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.es
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: {{76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/1185-44560-9400-3/4
IE: {{8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home
FF - ProfilePath - c:\users\Rosa\AppData\Roaming\Mozilla\Firefox\Profiles\ttcb5wg9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.es/firefox?client=firefox-a&rls=org.mozilla:es-ES:official
FF - component: c:\program files\Automated Content Enhancer\4.1.0.5190\FF\components\ACEFFAddOn.dll
FF - component: c:\program files\Customized Platform Advancer\3.1.0.1630\FF\components\CPAFFAddOn.dll
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\program files\Web Search Operator\3.1.0.1840\FF\components\WSOFFAddOn.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\Rosa\AppData\Roaming\Mozilla\Firefox\Profiles\ttcb5wg9.default\extensions\[email protected]\platform\WINNT_x86-msvc\plugins\npmnqmp071303000005.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-TOSCDSPD - TOSCDSPD.EXE
HKLM-Run-ITSecMng - c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
HKLM-RunOnce-<NO NAME> - (no file)



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-21 18:07
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-3054458559-2666710965-1660682944-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*¶*û*c%\OpenWithList]
@Class="Shell"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-12-21  18:10:05
ComboFix-quarantined-files.txt  2009-12-21 17:10

Pre-Run: 60.518.289.408 bytes libres
Post-Run: 61.004.636.160 bytes libres

- - End Of File - - C611BB2D059A1FA3FEE8E98623582906

rosaescala:
Estoy un poco desesperada!

He vuelto a pasar el avast en modo seguro y me ha saltado un virus, era un gusano, como no me dejaba enviarlo al baúl, he enviado el archivo a la papelera de reciclaje..

En el análisis del hijackthis, con mis reducidos conocimientos, veo raro estos dos registros, porque al darle a reparar/eliminar vuelven a aparecer...

O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (User 'Default user')
O9 - Extra button: eBay - Compra, vende y diviértete - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/1185-44560-9400-3/4 (file missing)


Gracias y feliz año nuevo!!

Navegación

[0] Índice de Mensajes

[*] Página Anterior

Ir a la versión completa