SEGURIDAD INFORMATICA, Firewall, parches, vacunas, antivirus, anti troyanos, spyware etc > Seguridad Informatica - Firewall - Virus - Troyanos - Spyware - Ad Aware - Malware
pagina de inicio your-searcher.com/index
Pertusi77:
Hola a todos !!:
Bueno mi problema es simple debo tener 1 troyano que me da como pagina de inicio justamente your searcher.com/index y me tiene loco me agrega a favoritos unos links y probe con el cwshredder ad ware hi jack y nada.. no se si lo hago bien o es otro tipo de troyano por favor!! necesito alguien tenga la amabilidad de ayudarme con este problema...
Agradecere toda ayuda
gracias de vuelta.
destroyer:
hola:
Bienvenido al foro Pertusi77.
Instala el programa ad-aware 6.181, actualizalo y escanea el pc en la configuracion que aqui se indica...
http://www.daboweb.com/phpBB2/viewtopic.php?t=2443
Cuando finalice el escaneo, pulsa en mostrar log , y pega aqui el contenido íntegro, a ver si nuestro compañero Fats puede orientarte..
Un saludo
.
FatsGordon:
Aguante Ciro!! :D
Vamos a solucionar ese temita. Por lo pronto hacé lo que dijo destroyer, y veamos qué tenemos...
Bienvenido al foro!
Pertusi77:
hola que tal gracias por la buena onda y si aguante ciro y attaque 77!!
bueno perdon por tardar por favor saquenme esta porqueria de encima por que me esta volviendo loco
aca esta el log,,,
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :Miércoles, 23 de Junio de 2004 07:37:59 p.m.
Created with Ad-aware Personal, free for private use.
Using reference-file :01R324 22.06.2004
______________________________________________________
Reffile status:
=========================
Reference file loaded:
Reference Number : 01R324 22.06.2004
Internal build : 256
File location : C:\ARCHIVOS DE PROGRAMA\LAVASOFT\AD-AWARE 6\reflist.ref
Total size : 1265402 Bytes
Signature data size : 1244925 Bytes
Reference data size : 20413 Bytes
Signatures total : 27677
Target categories : 10
Target families : 506
Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:82 %
Total physical memory:523696 kb
Available physical memory:378100 kb
Total page file size:1573452 kb
Available on page file:1509524 kb
Total virtual memory:2093056 kb
Available virtual memory:2051136 kb
OS:Windows (98)
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-aware Settings
=========================
Set : Unload recognized processes during scanning
Set : Reanalyze result after scanning, before displaying result list
Set : Run scan as background process (Low CPU usage)
Set : Include basic Ad-aware settings in logfile
Set : Include additional Ad-aware settings in logfile
Set : Let windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Always back up reference file, before updating
Set : Play sound if scan produced a result
23-06-04 07:37:59 p.m. - Scan started. (Custom mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [kernel32.dll]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4291766279
Threads : 4
Priority : High
FileSize : 468 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1991-1999
CompanyName : Microsoft Corporation
FileDescription : Componente del n
InternalName : KERNEL32
OriginalFilename : KERNEL32.DLL
ProductName : Sistema operativo Microsoft(R) Windows(R)
Created on : 01/01/01
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 06/05/99 01:22:00 a.m.
#:2 [msgsrv32.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294909087
Threads : 1
Priority : Normal
FileSize : 11 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1992-1998
CompanyName : Microsoft Corporation
FileDescription : Servidor de mensajes VxD de 32 bits de Windows
InternalName : MSGSRV32
OriginalFilename : MSGSRV32.EXE
ProductName : Sistema operativo Microsoft(R) Windows(R)
Created on : 01/01/01
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 06/05/99 01:22:00 a.m.
#:3 [mprexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294962031
Threads : 1
Priority : Normal
FileSize : 28 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1993-1998
CompanyName : Microsoft Corporation
FileDescription : WIN32 Network Interface Service Process
InternalName : MPREXE
OriginalFilename : MPREXE.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 01/01/01
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 06/05/99 01:22:00 a.m.
#:4 [mstask.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294866987
Threads : 2
Priority : Normal
FileSize : 109 KB
FileVersion : 4.71.1972.1
ProductVersion : 4.71.1972.1
Copyright : Copyright (C) Microsoft Corp. 2000
CompanyName : Microsoft Corporation
FileDescription : Task Scheduler Engine
InternalName : TaskScheduler
OriginalFilename : mstask.exe
ProductName : Microsoft
Created on : 06/04/04 02:40:11 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 06/04/04 02:40:12 a.m.
#:5 [nprotect.exe]
FilePath : C:\ARCHIVOS DE PROGRAMA\NORTON UTILITIES\
ProcessID : 4294866943
Threads : 5
Priority : Normal
FileSize : 132 KB
FileVersion : 15.03.0.36
ProductVersion : 15.03.0.36
Copyright : Copyright (C) 2002 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Norton Protection Status
InternalName : NPROTECT
OriginalFilename : NPROTECT.EXE
ProductName : Norton Utilities
Created on : 06/03/02 08:56:36 p.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 05/02/02 09:03:00 a.m.
#:6 [navapw32.exe]
FilePath : C:\ARCHIVOS DE PROGRAMA\NORTON ANTIVIRUS\
ProcessID : 4294846167
Threads : 6
Priority : Normal
FileSize : 37 KB
FileVersion : 5.0.0.26
ProductVersion : 5.0.0.26
Copyright : Copyright (C) Symantec Corporation 1991-1997
CompanyName : Symantec Corporation
FileDescription : Norton AntiVirus Auto-Protect Agent
InternalName : NAVAPW32
OriginalFilename : NAVAPW32.DLL
ProductName : Norton AntiVirus
Created on : 03/01/04 12:08:50 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 30/06/98 07:19:08 p.m.
#:7 [mmtask.tsk]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294884691
Threads : 1
Priority : Normal
FileSize : 1 KB
FileVersion : 4.03.1998
ProductVersion : 4.03.1998
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Multimedia background task support module
InternalName : mmtask.tsk
OriginalFilename : mmtask.tsk
ProductName : Microsoft Windows
Created on : 01/01/01
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 06/05/99 01:22:00 a.m.
#:8 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294872611
Threads : 6
Priority : Normal
FileSize : 176 KB
FileVersion : 4.72.3110.1
ProductVersion : 4.72.3110.1
Copyright : (C) Microsoft Corporation 1981-1997
CompanyName : Microsoft Corporation
FileDescription : Explorador de Windows
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Sistema operativo Microsoft(R) Windows NT(R)
Created on : 06/05/99 01:22:00 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 06/05/99 01:22:00 a.m.
#:9 [taskmon.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294833603
Threads : 1
Priority : Normal
FileSize : 28 KB
FileVersion : 4.10.1998
ProductVersion : 4.10.1998
Copyright : Copyright (C) Microsoft Corp. 1998
CompanyName : Microsoft Corporation
FileDescription : Task Monitor
InternalName : TaskMon
OriginalFilename : TASKMON.EXE
ProductName : Microsoft(R) Windows(R) Operating System
Created on : 01/01/01
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 06/05/99 01:22:00 a.m.
#:10 [systray.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294825183
Threads : 2
Priority : Normal
FileSize : 32 KB
FileVersion : 4.10.2222
ProductVersion : 4.10.2222
Copyright : Copyright (C) Microsoft Corp. 1993-1998
CompanyName : Microsoft Corporation
FileDescription : Subprograma Bandeja de sistema
InternalName : SYSTRAY
OriginalFilename : SYSTRAY.EXE
ProductName : Sistema operativo Microsoft(R) Windows(R)
Created on : 01/01/01
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 06/05/99 01:22:00 a.m.
#:11 [ddhelp.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294728027
Threads : 4
Priority : Realtime
FileSize : 32 KB
FileVersion : 4.09.00.0900
ProductVersion : 4.09.00.0900
Copyright : Copyright
CompanyName : Microsoft Corporation
FileDescription : Microsoft DirectX Helper
InternalName : DDHelp.exe
OriginalFilename : DDHelp.exe
ProductName : Microsoft
Created on : 14/05/04 02:54:52 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 12/12/02 03:14:32 a.m.
#:12 [loadqm.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294730979
Threads : 3
Priority : Normal
FileSize : 7 KB
FileVersion : 5.4.1103.3
ProductVersion : 5.4.1103.3
Copyright : Copyright (C) Microsoft Corp. 1981-1999
CompanyName : Microsoft Corporation
FileDescription : Microsoft QMgr
InternalName : LOADQM.EXE
OriginalFilename : LOADQM.EXE
ProductName : QMgr Loader
Created on : 03/01/04 12:20:21 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 03/05/00 08:23:10 p.m.
#:13 [remoterm.exe]
FilePath : C:\ARCHIVOS DE PROGRAMA\PINNACLE\STUDIO PCTV\REMOTE\
ProcessID : 4294713903
Threads : 1
Priority : Normal
FileSize : 36 KB
FileVersion : 1.0.1.2
ProductVersion : 4, 0, 1, 0
Copyright : Copyright
CompanyName : Pinnacle Systems GmbH
FileDescription : remoterm
InternalName : remoterm
OriginalFilename : remoterm.exe
ProductName : STUDIO PCTV
Created on : 20/03/04 04:51:43 p.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 02/05/00 07:15:08 p.m.
#:14 [soundman.exe]
FilePath : C:\WINDOWS\
ProcessID : 4294717087
Threads : 1
Priority : Normal
FileSize : 46 KB
FileVersion : 5.0.12
ProductVersion : 5.0.12
Copyright : Copyright (c) 2001-2002 Realtek Semiconductor Corp.
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
OriginalFilename : ALSMTray.exe
ProductName : Realtek Sound Manager
Created on : 06/05/04 11:02:26 p.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 10/01/02 06:26:02 a.m.
#:15 [evntsvc.exe]
FilePath : C:\ARCHIVOS DE PROGRAMA\ARCHIVOS COMUNES\REAL\UPDATE_OB\
ProcessID : 4294731799
Threads : 2
Priority : Normal
FileSize : 143 KB
FileVersion : 0.1.0.880
ProductVersion : 0.1.0.880
Copyright : Copyright
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
OriginalFilename : evntsvc.EXE
ProductName : RealOne Player (32-bit)
Created on : 03/04/04 12:03:51 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 03/04/04 12:03:52 a.m.
#:16 [msnmsgr.exe]
FilePath : C:\ARCHIVOS DE PROGRAMA\MSN MESSENGER\
ProcessID : 4294707151
Threads : 2
Priority : Normal
FileSize : 4572 KB
FileVersion : 6.1.0211
ProductVersion : Version 6.1
Copyright : Copyright (c) Microsoft Corporation 1997-2003
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr
OriginalFilename : msnmsgr.exe
ProductName : Messenger
Created on : 05/03/04 02:01:00 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 05/03/04 02:01:00 a.m.
#:17 [sysdoc32.exe]
FilePath : C:\ARCHIVOS DE PROGRAMA\NORTON UTILITIES\
ProcessID : 4294725127
Threads : 2
Priority : Idle
FileSize : 24 KB
FileVersion : 15.03.0.36
ProductVersion : 15.03.0.36
Copyright : Copyright (C) 2002 Symantec Corporation
CompanyName : Symantec Corporation
FileDescription : Norton System Doctor
InternalName : SYSDOC32
OriginalFilename : SYSDOC32.EXE
ProductName : Norton Utilities
Created on : 06/03/02 08:56:32 p.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 05/02/02 09:03:00 a.m.
#:18 [wmiexe.exe]
FilePath : C:\WINDOWS\SYSTEM\
ProcessID : 4294690127
Threads : 3
Priority : Normal
FileSize : 16 KB
FileVersion : 5.00.1755.1
ProductVersion : 5.00.1755.1
Copyright : Copyright (C) Microsoft Corp. 1981-1998
CompanyName : Microsoft Corporation
FileDescription : WMI service exe housing
InternalName : wmiexe
OriginalFilename : wmiexe.exe
ProductName : Microsoft(R) Windows NT(R) Operating System
Created on : 01/01/01
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 06/05/99 01:22:00 a.m.
#:19 [ad-aware.exe]
FilePath : C:\ARCHIVOS DE PROGRAMA\LAVASOFT\AD-AWARE 6\
ProcessID : 4294596723
Threads : 3
Priority : Idle
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 22/06/04 11:18:37 p.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 13/07/03 12:00:20 a.m.
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "about:blank"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_CURRENT_USER
Object : Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "about:blank"
Possible browser hijack attempt : Software\Microsoft\Internet Explorer\MainStart Pageabout:blank
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "about:blank"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_LOCAL_MACHINE
Object : Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "about:blank"
Possible browser hijack attempt : .Default\Software\Microsoft\Internet Explorer\MainStart Pageabout:blank
Possible Browser Hijack attempt Object recognized!
Type : RegData
Data : "about:blank"
Category : Data Miner
Comment : Possible browser hijack attempt
Rootkey : HKEY_USERS
Object : .Default\Software\Microsoft\Internet Explorer\Main
Value : Start Page
Data : "about:blank"
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 3
Objects found so far: 3
Tracking Cookie Object recognized!
Type : File
Data : anyuser@atdmt[1].txt
Category : Data Miner
Comment :
Object : C:\WINDOWS\Cookies\
Created on : 23/06/04 05:20:26 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 23/06/04 05:20:28 a.m.
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : C:\WINDOWS\Cookies\
Created on : 23/06/04 05:32:57 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 23/06/04 05:32:58 a.m.
Tracking Cookie Object recognized!
Type : File
Data : anyuser@sexlist[1].txt
Category : Data Miner
Comment :
Object : C:\WINDOWS\Cookies\
Created on : 23/06/04 05:40:25 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 23/06/04 05:40:26 a.m.
Tracking Cookie Object recognized!
Type : File
Data : anyuser@xxxcounter[2].txt
Category : Data Miner
Comment :
Object : C:\WINDOWS\Cookies\
Created on : 23/06/04 05:33:10 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 23/06/04 05:33:12 a.m.
Tracking Cookie Object recognized!
Type : File
Data : anyuser@paycounter[2].txt
Category : Data Miner
Comment :
Object : C:\WINDOWS\Cookies\
Created on : 23/06/04 05:45:09 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 23/06/04 05:45:10 a.m.
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : C:\WINDOWS\Cookies\
Created on : 23/06/04 05:39:22 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 23/06/04 05:39:24 a.m.
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : C:\WINDOWS\Cookies\
Created on : 23/06/04 05:43:47 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 23/06/04 05:43:48 a.m.
Tracking Cookie Object recognized!
Type : File
Data : [email protected][1].txt
Category : Data Miner
Comment :
Object : C:\WINDOWS\Cookies\
Created on : 23/06/04 05:48:37 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 23/06/04 05:48:38 a.m.
Tracking Cookie Object recognized!
Type : File
Data : anyuser@sextracker[1].txt
Category : Data Miner
Comment :
Object : C:\WINDOWS\Cookies\
Created on : 23/06/04 05:48:37 a.m.
Last accessed : 23/06/04 03:00:00 a.m.
Last modified : 23/06/04 05:48:38 a.m.
Disk scan result for C:\
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 12
Scanning Hosts file(C:\WINDOWS\hosts)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Hosts file scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
0 entries scanned.
New objects :0
Objects found so far: 12
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 12
Reanalyzing scan result
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
No objects have been removed from the result list.
10:01:19 p.m. Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :02:23:19:740
Objects scanned :72173
Objects identified :12
Objects ignored :0
New objects :12
ojala sepan decirme que hacer por favor espero ansiosamente la respuesta gracias muchachos!!!
FatsGordon:
Ok, por lo que vos comentás parece ser la variante de CWS llamada CWS.Systeminit, pero hay cosas que no veo...
De hecho lo que muestra el log del Ad-Aware es que tenés algunos Tracking Cookies, que se pueden eliminar sin pensarlo dos veces, y tres entradas de la registry que hacen referencia a que tu página de inicio es about:blank. Esto en sí no es ningún problema (yo tengo puesto como página de inicio about:blank y me salen los mismos resultados que a vos).
El tema es que anda dando vueltas otra variante de CWS (CoolWebSearch) que pone la página de inicio en about:blank. Por eso dice 'Possible Browser Hijack', porque puede ser que vos hayas puesto la página de inicio en about:blank.
Para las Tracking Cookies: volvé a escanear con el Ad-Aware y cuando llegues al final marcá las cookies y presioná Next. Con eso van a parar a cuarentena. Podés dejarlas ahí o eliminarlas de la cuarentena.
Para los otros tres por el momento no hagamos nada.
Lo que quiero que hagas ahora es bajarte el HijackThis de http://www.spywareinfo.com/~merijn/files/HijackThis.exe , ponelo en una carpeta nueva llamada, por ejemplo, C:\HijackThis, y abrilo. Presioná Scan, después Save log, dale enter para guardar el log y vas a ver que se abre el Bloc de notas. Ahí copiá TODO el log y pegalo acá.
Espero el log, así vemos qué pasa.
Navegación
[#] Página Siguiente
Ir a la versión completa