Justo pongo el post y me va un enlace del CWShredder xDD
Este programa no desinfecta, no? Le doy a scan only y me sale lo siguiente:
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer,SearchAssistant
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer,Search
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer,SearchURL
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer,www
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer,Search
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer,SearchURL
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL
Infected data: http://www.magicsearch.ws
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page,about:blank
Infected data: http://www.magicsearch.ws
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL
Infected data: http://www.magicsearch.ws
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page,about:blank
Infected data: http://www.magicsearch.ws
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant,http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch,http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
Infected data: http://www.magicsearch.ws/?q=
Infected Registry value:
HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes,www,http://
Infected data: http://www.magicsearch.ws/?q=
Hosts file not present
Found CWS.Control (if filesize is over 50k) file: C:\WINDOWS\control.exe (2159 bytes, A)
CWS.Vrape/CWS.Addclass Registry value: DefaultPrefix [] http://www.magicsearch.ws/?q=
CWS.Vrape/CWS.Addclass Registry value: WWW Prefix [www] http://www.magicsearch.ws/?q=
Registry value: Mosaic Prefix [mosaic] http://
Registry value: Home Prefix [home] http://
Found Win.ini file: C:\WINDOWS\win.ini (7861 bytes, A)
Found line in Win.ini: load=
Found line in Win.ini: run=
Found System.ini file: C:\WINDOWS\system.ini (2324 bytes, A)
Found line in System.ini: shell=Explorer.exe
- END OF REPORT -
Pero no veo ninguna opcion para desinfectar :'( que debo hacer ???










Autor



En línea


y de toda manera una vez que tengas las entradas de registro infectadas puedes borrarlas manualmente,


Bueno men, hasta luego.





