• Registrarse
  • Iniciar sesión


  • Página 2 de 2 PrimeroPrimero 12
    Resultados 11 al 16 de 16

    Que estan haciendo estos hackers?

    ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows:nlsPreferences [386] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the ...

    1. #11
      Usuario Avatar de pc7000
      Registrado
      oct 2017
      Ubicación
      colombia
      Mensajes
      11

      Re: Que estan haciendo estos hackers?

      ==================== Alternate Data Streams (Whitelisted) =========

      (If an entry is included in the fixlist, only the ADS will be removed.)

      AlternateDataStreams: C:\Windows:nlsPreferences [386]

      ==================== Safe Mode (Whitelisted) ===================

      (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\12822008.sys => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\12822008.sys => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

      ==================== Association (Whitelisted) ===============

      (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


      ==================== Internet Explorer trusted/restricted ===============

      (If an entry is included in the fixlist, it will be removed from the registry.)


      ==================== Hosts content: ===============================

      (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

      2017-03-18 16:03 - 2017-11-02 17:25 - 000000826 _____ C:\Windows\system32\Drivers\etc\hosts


      ==================== Other Areas ============================

      (Currently there is no automatic fix for this section.)

      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Alex\Pictures\Saved Pictures\Jesus 2.jpg
      DNS Servers: 172.16.1.254 - 142.165.21.5
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
      Windows Firewall is enabled.

      ==================== MSCONFIG/TASK MANAGER disabled items ==

      HKLM\...\StartupApproved\Run: => "ShadowPlay"
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\StartupApproved\Run: => "Windscribe"
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\StartupApproved\Run: => "CyberGhost"
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\StartupApproved\Run: => "OneDrive"
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\StartupApproved\Run: => "Steam"
      HKU\S-1-5-21-3661476216-3847632659-3844190572-1001\...\StartupApproved\Run: => "utweb"

      ==================== FirewallRules (Whitelisted) ===============

      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      FirewallRules: [{AD7BE347-14D6-490A-AF91-9C4993A89FB2}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
      FirewallRules: [{7BDA4426-E208-4158-ABF9-51ADAA68BF71}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
      FirewallRules: [{74CBBF32-944C-459F-B0FA-92DEB4D4FD00}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
      FirewallRules: [{27ED1EA3-1011-4305-BB9C-F34AE280E8C5}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{C178C9F4-6C53-4B48-800B-27A2BD17E86B}] => (Allow) C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe
      FirewallRules: [{FF3AFB8E-0D65-4A90-9B60-48975C708C4E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{2D23A73E-8FE7-48C9-AC17-7607E97DDD2B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
      FirewallRules: [{BD958587-C0EE-4828-905F-D7D8C05E13A4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{9475C033-54F2-433D-995B-6092DA111257}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      FirewallRules: [{CE86A86B-A4EF-4925-8D2E-9237FC8598CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
      FirewallRules: [{EC01667A-72F6-4A86-AB1C-9A2ABD07CF4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
      FirewallRules: [{8DF7A242-2299-4139-A9EA-A6436C91BA25}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{25E4E46D-DEAE-4E92-84A3-C0CB511C9CA5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{178407EA-3BB4-45F8-B7FA-4F8A7B68B8EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
      FirewallRules: [{5769BCAF-41A1-4573-B432-39A562C13DC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{68AD4D1E-9388-47A1-9998-81A828120906}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{C1E9CEBB-5CED-40FA-ABCB-A887A5DB2639}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      FirewallRules: [{9AB05C4C-075E-466C-93AE-F9E001A1930B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
      FirewallRules: [{59688A70-2C6A-4951-BFE9-7F0FFA34AD1B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3x.exe
      FirewallRules: [{566E885B-6F00-4C98-BEAB-5EEA55CD0F93}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
      FirewallRules: [{E0B67BD6-5A35-4AA7-B69B-FE0F0EA156F4}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
      FirewallRules: [{3ED9ABFC-27F8-485B-AEB3-142A1FA58E04}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe
      FirewallRules: [{27E1A077-C14E-4FFC-908C-2056F8F90E26}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DTLService.exe
      FirewallRules: [{EED81DE9-1C52-4BD1-B693-CD9A638650F1}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe
      FirewallRules: [{4B5CC753-6250-461D-B493-2EC3F7FEF9E0}] => (Allow) C:\Program Files (x86)\BlueStacks\HD-Player.exe
      FirewallRules: [{38CA3E5E-4222-4064-AF56-A044DCC29AA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{C27EAD4E-A16A-44BA-A87B-DEB207206CAE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{76C801A3-2BAC-46DC-A111-7FFFAE427878}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      FirewallRules: [{83956280-24F6-4356-AC50-A03B270EAA4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
      FirewallRules: [{AB04EA3F-DFAF-4742-8647-5321C7E3D989}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

      ==================== Restore Points =========================

      29-10-2017 01:42:21 Installed Dell Command | Power Manager.
      01-11-2017 14:47:16 Dell SupportAssist Remediation
      02-11-2017 17:24:34 Malwarebytes Anti-Rootkit Restore Point

      ==================== Faulty Device Manager Devices =============


      ==================== Event log errors: =========================

      Application errors:
      ==================
      Error: (11/02/2017 12:21:59 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
      Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

      Error: (11/02/2017 12:21:59 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
      Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

      Error: (11/02/2017 12:21:59 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
      Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

      Error: (11/02/2017 12:21:59 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
      Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

      Error: (11/02/2017 12:21:59 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
      Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

      Error: (11/02/2017 12:21:59 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
      Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

      Error: (11/02/2017 12:19:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
      Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

      Error: (11/02/2017 12:19:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
      Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

      Error: (11/02/2017 12:19:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
      Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

      Error: (11/02/2017 12:19:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
      Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0


      System errors:
      =============
      Error: (11/02/2017 05:25:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: The Interactive Services Detection service terminated with the following error:
      Incorrect function.

      Error: (11/02/2017 01:32:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      and APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

      Error: (11/02/2017 11:38:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      and APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

      Error: (11/02/2017 11:34:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      and APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

      Error: (11/02/2017 11:30:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      and APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

      Error: (11/02/2017 07:56:31 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      and APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

      Error: (11/02/2017 04:54:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      and APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

      Error: (11/01/2017 09:30:34 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      and APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

      Error: (11/01/2017 05:49:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
      Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
      {D63B10C5-BB46-4990-A94F-E40B9D520160}
      and APPID
      {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
      to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

      Error: (11/01/2017 05:05:44 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
      Description: The Interactive Services Detection service terminated with the following error:
      Incorrect function.


      CodeIntegrity:
      ===================================
      Date: 2017-11-01 21:45:10.770
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MpEngineStore\MpKsld5b81b3f.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-11-01 17:01:04.742
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MpEngineStore\MpKsld5b81b3f.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-11-01 17:01:03.582
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Definition Updates\{8AC927AA-EDFD-4800-892E-CB3C07E418EE}\MpKslb96f9d38.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-10-31 21:04:48.382
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MpEngineStore\MpKsleac524c1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-10-31 17:45:46.343
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MpEngineStore\MpKsleac524c1.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-10-31 17:45:45.225
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Definition Updates\{07590754-ABF8-42BA-845D-9CE3D6FBF3F3}\MpKsla20beeea.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-10-30 2343.936
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MpEngineStore\MpKsl10288a29.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-10-30 2342.802
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Definition Updates\{956E4639-41F6-47FA-BA8B-EE802C675C1B}\MpKslfeb8e85b.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-10-30 20:57:27.457
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MpEngineStore\MpKsla416989b.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

      Date: 2017-10-30 20:24:50.730
      Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\MpEngineStore\MpKsla416989b.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


      ==================== Memory info ===========================

      Processor: Intel(R) Core(TM) i7-7700HQ CPU @ 2.80GHz
      Percentage of memory in use: 90%
      Total physical RAM: 6018.27 MB
      Available physical RAM: 568.33 MB
      Total Virtual: 12162.27 MB
      Available Virtual: 4092.45 MB

      ==================== Drives ================================

      Drive c: (OS) (Fixed) (Total:916.34 GB) (Free:818.83 GB) NTFS

      ==================== MBR & Partition Table ==================

      ========================================================
      Disk: 0 (Size: 931.5 GB) (Disk ID: A65E3DB1)

      Partition: GPT.

      ==================== End of Addition.txt ============================

    2. #12
      Usuario Avatar de pc7000
      Registrado
      oct 2017
      Ubicación
      colombia
      Mensajes
      11

      Re: Que estan haciendo estos hackers?

      Eso es todo. Hay algo raro?

    3. #13
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      18.171

      Re: Que estan haciendo estos hackers?

      Mientras reviso todo, esto.

      () C:\Users\Alex\Downloads\psiphon3.exe


      Lo has puesto tu ?
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    4. #14
      Usuario Avatar de pc7000
      Registrado
      oct 2017
      Ubicación
      colombia
      Mensajes
      11

      Re: Que estan haciendo estos hackers?

      Cita Originalmente publicado por @Miguelgrado Ver Mensaje
      Mientras reviso todo, esto.

      () C:\Users\Alex\Downloads\psiphon3.exe


      Lo has puesto tu ?
      Si, lo he puesto yo. Es la vpn gratuita que uso para que no me rastreen, aunque parece que no me protege bien porque igual me espian. Es mala?

    5. #15
      Warrior Avatar de @Miguelgrado
      Registrado
      dic 2005
      Ubicación
      Asturias-España
      Mensajes
      18.171

      Re: Que estan haciendo estos hackers?

      No, pero tampoco veo nada como para que sea el caso de tus problemas


      Descarga Hitman Pro >> HitmanPro 3.7.9 | InfoSpyware
      Manual Hitman Pro >> Manual de HitmanPro.
      -Eliges según tu Windows sea de 32 bits o de 64 bits >> Como determinar si su sistema es de 32 o 64 bits

      • Ejecuta HitmanPRO, (en Windows 7 u 8 ejecutar como "Administrador")
      • Presiona el botón: "Siguiente".
      • Dejamos marcada la opción recomendada >> Instalar una copia en el equipo<< y desmarcamos las casillas adicionales
      • En "Configuración", desmarcamos análisis de Cookies y “aceptar” Pulsamos Siguiente
      • Una vez finalizado el escaneo HitmanPRO incluye 30 días gratuitos para la eliminación de los posibles malwares detectados.

      - Cuando la búsqueda haya finalizado, se mostrará la ventana Resultados del análisis.
      -Recuerde OMITIR los marcados como Sospechosos
      - Pulsamos en Siguiente, para que Hitman realice lo necesario con las amenazas encontradas

      El informe también lo puede encontrar en Configuración>> Historial >> Registros
      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    6. #16
      Usuario Avatar de pc7000
      Registrado
      oct 2017
      Ubicación
      colombia
      Mensajes
      11

      Re: Que estan haciendo estos hackers?

      Cita Originalmente publicado por @Miguelgrado Ver Mensaje
      No, pero tampoco veo nada como para que sea el caso de tus problemas
      Código:
      HitmanPro 3.7.20.286
      www.hitmanpro.com
      
         Computer name . . . . : DESKTOP-RC057PR
         Windows . . . . . . . : 10.0.0.15063.X64/8
         User name . . . . . . : DESKTOP-RC057PR\Alex
         UAC . . . . . . . . . : Enabled
         License . . . . . . . : Paid (255 days left)
      
         Scan date . . . . . . : 2017-11-07 21:10:36
         Scan mode . . . . . . : Normal
         Scan duration . . . . : 7m 32s
         Disk access mode  . . : Direct disk access (SRB)
         Cloud . . . . . . . . : Internet
         Reboot  . . . . . . . : No
      
         Threats . . . . . . . : 2
         Traces  . . . . . . . : 208
      
         Objects scanned . . . : 1,869,773
         Files scanned . . . . : 39,554
         Remnants scanned  . . : 367,140 files / 1,463,079 keys
      
      Malware _____________________________________________________________________
      
         C:\Program Files (x86)\LingTreeConstructor\bin\open_mailinglist_signup.exe -> Quarantined
            Size . . . . . . . : 3,324,928 bytes
            Age  . . . . . . . : 28.5 days (2017-10-10 08:57:14)
            Entropy  . . . . . : 6.4
            SHA-256  . . . . . : C7D1F7B4012653DE15A29A4232FDBA5662F12DC3C02B28EECB476406CF6611AE
          > Kaspersky  . . . . : HEUR:Trojan.Win32.Generic
            Fuzzy  . . . . . . : 106.0
            References
               C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LingTreeConstructor\Sign up for mailinglists.lnk
            Forensic Cluster
               -0.3s C:\Program Files (x86)\LingTreeConstructor\
               -0.3s C:\Program Files (x86)\LingTreeConstructor\bin\
               -0.3s C:\Program Files (x86)\LingTreeConstructor\bin\LTCUnicode.exe
                0.0s C:\Program Files (x86)\LingTreeConstructor\bin\open_mailinglist_signup.exe
                0.1s C:\Program Files (x86)\LingTreeConstructor\lib\
                0.1s C:\Program Files (x86)\LingTreeConstructor\lib\labels.txt
                0.1s C:\Program Files (x86)\LingTreeConstructor\lib\phrase_types.txt
                0.1s C:\Program Files (x86)\LingTreeConstructor\lib\syntax_nodes.txt
                0.1s C:\Program Files (x86)\LingTreeConstructor\data\
                0.1s C:\Program Files (x86)\LingTreeConstructor\doc\
                0.1s C:\Program Files (x86)\LingTreeConstructor\doc\COPYING.txt
                0.1s C:\Program Files (x86)\LingTreeConstructor\doc\ChangeLog.txt
                0.1s C:\Program Files (x86)\LingTreeConstructor\doc\README.txt
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\UsersGuide.htb
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\UsersGuide.pdf
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\CCl.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\Cl.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\LSC.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\LSNP.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\LTCStart.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\NP.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\XP.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\chooseAPhraseType.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\chooseLSC.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\chooseLSNP.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\chooseXBarCategoryAndLevel.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\clear.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\collapse.png
                0.2s C:\Program Files (x86)\LingTreeConstructor\doc\delete.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\demote.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\expand.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\labelBar.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\layoutMainWindow.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\minus.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\moveup.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\new.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\open.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\phrasetypebar.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\plus.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\plusInverted.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\promote.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\save.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\selectionExample.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\statusbar.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\toolbar.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\widget_invertedplus.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\widget_minus.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\widget_plus.png
                0.3s C:\Program Files (x86)\LingTreeConstructor\doc\1001.htm
                0.3s C:\Program Files (x86)\LingTreeConstructor\sourcecode\
                0.3s C:\Program Files (x86)\LingTreeConstructor\sourcecode\ltc-3.2.0.tar.gz
                0.3s C:\Program Files (x86)\LingTreeConstructor\examples\
                0.3s C:\Program Files (x86)\LingTreeConstructor\examples\EmdrosQueryTool.cfg
                0.3s C:\Program Files (x86)\LingTreeConstructor\examples\English1.ltc
                0.3s C:\Program Files (x86)\LingTreeConstructor\examples\English1.ltcx
                0.3s C:\Program Files (x86)\LingTreeConstructor\examples\English1.txt
                0.3s C:\Program Files (x86)\LingTreeConstructor\examples\Greek1.gen
                0.3s C:\Program Files (x86)\LingTreeConstructor\examples\Greek1.ltc
                0.3s C:\Program Files (x86)\LingTreeConstructor\examples\Greek1.ltcx
                0.3s C:\Program Files (x86)\LingTreeConstructor\examples\Makefile.am
                0.3s C:\Program Files (x86)\LingTreeConstructor\examples\Makefile.in
                0.4s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LingTreeConstructor\
                0.4s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LingTreeConstructor\Uninstall.lnk
                0.6s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LingTreeConstructor\LingTreeConstructor (Unicode).lnk
                0.7s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LingTreeConstructor\Sign up for mailinglists.lnk
                0.7s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LingTreeConstructor\License terms.lnk
                0.7s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LingTreeConstructor\User's Guide.lnk
                0.7s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LingTreeConstructor\User's Guide (PDF).pdf.lnk
                0.7s C:\Program Files (x86)\LingTreeConstructor\uninstall.exe
      
         C:\Users\Alex\Downloads\psiphon3.exe
            Size . . . . . . . : 6,659,184 bytes
            Age  . . . . . . . : 50.9 days (2017-09-18 00:16:05)
            Entropy  . . . . . : 7.9
            SHA-256  . . . . . : 0466B5BD1A48032BD8944D3BBAD7E7089F24A2ABC657AFF1C95735D1D8D2FBDA
            RSA Key Size . . . : 2048
            Desktop  . . . . . : Default
            Parent Name  . . . : C:\Windows\explorer.exe
            Authenticode . . . : Valid
            Running processes  : 4260
          > Bitdefender  . . . : Application.Psiphon.C
            Fuzzy  . . . . . . : 104.0
            References
               C:\Users\Alex\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\psiphon3.lnk
      
      
      Suspicious files ____________________________________________________________
      
         C:\Users\Alex\Desktop\FRST64.exe
            Size . . . . . . . : 2,403,328 bytes
            Age  . . . . . . . : 5.2 days (2017-11-02 16:29:38)
            Entropy  . . . . . : 7.6
            SHA-256  . . . . . : EBA1CE9AD4DBF4C3EC0084DC9A2903037BD618482044DD4CC3135A1F7B422E19
            Needs elevation  . : Yes
            Fuzzy  . . . . . . : 24.0
               Program has no publisher information but prompts the user for permission elevation.
               Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
               Authors name is missing in version info. This is not common to most programs.
               Version control is missing. This file is probably created by an individual. This is not typical for most programs.
               Time indicates that the file appeared recently on this computer.
            Forensic Cluster
               -2.3s C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000027
                0.0s C:\Users\Alex\Desktop\FRST64.exe
                4.0s C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000028
               13.4s C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000029
               16.5s C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00002a
      
      
      Repairs _____________________________________________________________________
      
         Proxy server on this computer (User)
         127.0.0.1:59467
      
         DellCommandPowerManagerAlertEventConsumer
         WMI:root\subscription\ActiveScriptEventConsumer\
      
         DellCommandPowerManagerPolicyChangeEventConsumer
         WMI:root\subscription\ActiveScriptEventConsumer\
      
      
      Cookies _____________________________________________________________________
      
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:204774041.log.optimizely.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:238413261.log.optimizely.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:254a.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:2o7.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:50136351.log.optimizely.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:a.scorecardresearch.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:a1.adform.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:a2.adform.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:abmr.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:acuityplatform.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.dyntracker.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.sara.media
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad2.adfarm1.adition.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad3.adfarm1.adition.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad9.adfarm1.adition.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adaptv.advertising.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adbrn.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:addthis.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adfarm1.adition.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adform.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adgrx.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adhigh.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adingo.jp
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adnxs.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.ad4game.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.avocet.io
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.clipconverter.cc
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.deliverimp.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.kiosked.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.linkedin.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.programattik.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.servebom.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.smartstream.tv
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.stickyadstv.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yieldmo.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adscale.de
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver01.de
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserving.ancoraplatform.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsrvr.org
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adsymptotic.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.advertising.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechjp.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adx.adform.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:adzerk.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:agkn.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:amgdgt.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:angsrvr.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:api.taboola.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:assets.rubiconproject.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:atemda.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:atwola.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:basebanner.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:bidr.io
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:bidswitch.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:bizrate.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:bluekai.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:c.appier.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:connexity.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:contextweb.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:crwdcntrl.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ctnsnet.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:cw.addthis.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:cxense.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:d.adroll.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:de17a.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:delivery.g.switchadhub.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:delivery.swid.switchadhub.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:dellinc.tt.omtrdc.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:demdex.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:dh.serving-sys.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:dlx.addthis.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:dmtracker.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:dmtry.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:domdex.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:dotomi.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:dpm.demdex.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:dsp.linksynergy.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:emjcd.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:engine.adzerk.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:erne.co
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:everesttech.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:eyereturn.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:eyeviewads.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:flashtalking.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:go.sonobi.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:googleads.g.doubleclick.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:googleadservices.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:gssprt.jp
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:gwallet.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ib.mookie1.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ibeu2.mookie1.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ibillboard.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:igodigital.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ih.adscale.de
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:imrworldwide.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:intel.tt.omtrdc.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ipredictive.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ithakaharbors.tt.omtrdc.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:korrelate.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:krxd.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:legolas-media.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:lijit.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:linksynergy.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:m6r.eu
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:match.adsby.bidtheatre.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:match.rundsp.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:mathtag.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:metrigo.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:mgm.demdex.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ml314.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:mookie1.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:mtvn.demdex.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:mxptint.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:nexac.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:nvidia.tt.omtrdc.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:openx.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:optimatic.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:oracle.112.2o7.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:outbrain.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:owneriq.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:pixel.rubiconproject.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:po.st
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:pool.admedo.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:postrelease.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:pswec.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:pubmatic.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:rfihub.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:rlcdn.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:rubiconproject.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:sa.scorecardresearch.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:samsung-benelux.demdex.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:samsung-germany.demdex.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:sandbox.bidswitch.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:scorecardresearch.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:secure-assets.rubiconproject.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:server.adform.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:simpli.fi
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:sitescout.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:skimresources.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:skydeutschland.demdex.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:swid.switchads.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:switchadhub.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:sxp.smartclip.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:taboola.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:tap-secure.rubiconproject.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:tap.rubiconproject.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:tap2-cdn.rubiconproject.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:tapad.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:thechronicleofhighereducation.122.2o7.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:tidaltv.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.analyticsbridge.io
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.rtb-media.me
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.venatusmedia.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:trc.taboola.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:tremorhub.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:tubemogul.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:turn.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:u3s.mathtag.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:undertone.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:univide.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:vfde.demdex.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:video.adaptv.advertising.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:vindicosuite.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:virool.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:visualdna.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:w55c.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:weborama.fr
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.etracker.de
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:yieldlab.net
         C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com
         C:\Users\Alex\AppData\Local\Microsoft\Windows\INetCookies\Low\LAF8GA6E.cookie
      Me siguen mandando mensajes a traves de paginas web en las que estoy registrado. Que puedo hacer?

    Página 2 de 2 PrimeroPrimero 12