Hola Pablo Videla, podrías desde otra estación ver el tráfico de tu lan desde el arranque, luego abres el navegador y te enfocas en las peticiones extrañas... y te aseguras que solo sea inyección de publicidad y no un backdoor que esté subiendo info, saludos!
Starting Nmap 6.47 (
http://nmap.org ) at 2015-06-10 09:07 CLT
NSE: Loaded 118 scripts for scanning.
NSE: Script Pre-scanning.
Initiating Parallel DNS resolution of 1 host. at 09:07
Completed Parallel DNS resolution of 1 host. at 09:07, 0.17s elapsed
Initiating SYN Stealth Scan at 09:07
Scanning pc-35-0-45-190.cm.vtr.net (190.45.0.35) [1000 ports]
Discovered open port 80/tcp on 190.45.0.35
Discovered open port 443/tcp on 190.45.0.35
Completed SYN Stealth Scan at 09:07, 8.52s elapsed (1000 total ports)
Initiating Service scan at 09:07
Scanning 2 services on pc-35-0-45-190.cm.vtr.net (190.45.0.35)
Completed Service scan at 09:08, 12.36s elapsed (2 services on 1 host)
Initiating OS detection (try #1) against pc-35-0-45-190.cm.vtr.net (190.45.0.35)
Retrying OS detection (try #2) against pc-35-0-45-190.cm.vtr.net (190.45.0.35)
Initiating Traceroute at 09:08
Completed Traceroute at 09:08, 3.02s elapsed
Initiating Parallel DNS resolution of 6 hosts. at 09:08
Completed Parallel DNS resolution of 6 hosts. at 09:08, 0.07s elapsed
NSE: Script scanning 190.45.0.35.
Initiating NSE at 09:08
Completed NSE at 09:08, 1.81s elapsed
Nmap scan report for pc-35-0-45-190.cm.vtr.net (190.45.0.35)
Host is up (0.051s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE VERSION
80/tcp open http Google httpd 2.0 (GFE)
|_http-favicon: Unknown favicon MD5: A300693728F5CAA531A6886D9B8F38C2
|_http-generator: ERROR: Script execution failed (use -d to debug)
|_http-methods: No Allow or Public header in OPTIONS response (status code 405)
| http-robots.txt: 251 disallowed entries (15 shown)
| /search /sdch /groups /catalogs /catalogues /news /nwshp
| /setnewsprefs? /index.html? /? /?hl=*& /?hl=*&*&gws_rd=ssl
|_/addurl/image? /mail/ /pagead/
|_http-title: Did not follow redirect to http://www.google.com/
443/tcp open ssl/http Google httpd 2.0 (GFE)|_http-methods: No Allow or Public header in OPTIONS response (status code 404)
|_http-title: Error 404 (Not Found)!!1
| ssl-cert: Subject: commonName=google.com/organizationName=Google Inc/stateOrProvinceName=California/countryName=US
| Issuer: commonName=Google Internet Authority G2/organizationName=Google Inc/countryName=US
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2015-06-03T09:40:42+00:00
| Not valid after: 2015-09-01T00:00:00+00:00
| MD5: 3572 944c d528 1ee7 8eeb 9d51 47c9 27aa
|_SHA-1: 290c d85e 69c2 fd6b ead7 e064 73b8 068f 54f8 a3a5
|_ssl-date: 2015-06-10T13:08:11+00:00; -5s from local time.
| tls-nextprotoneg:
| h2
| h2-15
| h2-14
| spdy/3.1
| spdy/3
|_ http/1.1
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose|WAP
Running (JUST GUESSING): FreeBSD 6.X (91%), Linux 2.6.X (88%), ZoneAlarm embedded (86%)
OS CPE: cpe:/o:freebsd:freebsd:6.2 cpe:/o:linux:linux_kernel:2.6 cpe:/h:zonealarm:z100g
Aggressive OS guesses: FreeBSD 6.2-RELEASE (91%), Linux 2.6.18 (88%), Linux 2.6.9 - 2.6.27 (86%), ZoneAlarm Z100G WAP (86%)
No exact OS matches for host (test conditions non-ideal).
Uptime guess: 2.710 days (since Sun Jun 7 16:05:17 2015)
Network Distance: 7 hops
TCP Sequence Prediction: Difficulty=260 (Good luck!)
IP ID Sequence Generation: Randomized
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
TRACEROUTE (using port 80/tcp)
HOP RTT ADDRESS
1 15.55 ms 192.168.1.1
2 ...
3 52.44 ms 192.168.248.170
4 50.26 ms 192.168.22.141
5 50.26 ms 192.168.15.126
6 50.26 ms 192.168.99.138
7 49.72 ms pc-35-0-45-190.cm.vtr.net (190.45.0.35)
NSE: Script Post-scanning.
Read data files from: /usr/bin/../share/nmap
OS and Service detection performed. Please report any incorrect results at
http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 32.53 seconds
Raw packets sent: 2092 (95.880KB) | Rcvd: 62 (3.808KB)