• Registrarse
  • Iniciar sesión


  • Resultados 1 al 7 de 7

    Spyware de Relevant Knowledge detectado por MalawareBytes

    Hola! Hace un tiempo (ya no me acuerdo cuando) me apareció en el inicio el programa RelevantKnowledge, como no lo habia instalado lo elimine, pase el cCleaner y antivirus que encontraron algun spyware que eliminaron. ...

    1. #1
      Usuario Avatar de vicnatii
      Registrado
      jul 2010
      Ubicación
      Argentina
      Mensajes
      16

      Atención Spyware de Relevant Knowledge detectado por MalawareBytes

      Hola!

      Hace un tiempo (ya no me acuerdo cuando) me apareció en el inicio el programa RelevantKnowledge, como no lo habia instalado lo elimine, pase el cCleaner y antivirus que encontraron algun spyware que eliminaron. Mi hna uso mi compu asi que no tengo idea como se instalo.

      El tema es que hoy volvi a correr el Malawarebytes (lo actualice antes) y me detectó esto:

      Carpetas Detectadas: 2
      C:\Program Files\RelevantKnowledge (PUP.Spyware.MarketScore) -> En cuarentena y eliminado con éxito.
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge (PUP.Spyware.MarketScore) -> En cuarentena y eliminado con éxito.

      Archivos Detectados: 3
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\About RelevantKnowledge.lnk (PUP.Spyware.MarketScore) -> En cuarentena y eliminado con éxito.
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (PUP.Spyware.MarketScore) -> En cuarentena y eliminado con éxito.
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk (PUP.Spyware.MarketScore) -> En cuarentena y eliminado con éxito.

      Asi que obviamente no lo elimine del todo antes.

      Como me aseguro de sacarlo del todo?

      Desde ya muchas gracias,
      Nati

    2. #2
      Usuario Avatar de Raudron
      Registrado
      sep 2012
      Ubicación
      El Mundo
      Mensajes
      1.467

      Re: Spyware de Relevant Knowledge detectado por MalawareBytes

      Hola Natalia

      Vamos a eliminar este spyware.
      Por favor, realiza lo siguiente:

      Descarga al escritorio (pero no ejecutes aún) las siguientes herramientas:

      Malwarebytes Antimalware | Manual. Actualiza la base de datos de este programa.

      Rkill.
      Procede en Modo Seguro

      Ejecuta Rkill como administrador. Es muy importante que, a partir de este punto, no reinicies el sistema hasta que se te solicite.

      Ejecuta Malwarebytes Antimalware.
      • Selecciona "Realizar un análisis completo" y luego presiona Analizar.
      • El Análisis puede tomar algún tiempo para terminar, así que por favor se paciente.
      • Cuando el Análisis se haya completado, haga clic en 'Aceptar', a continuación, mostrar los resultados. Elimina todo lo que encuentre (Haciendo clic en "Eliminar seleccionados") como muestra la imagen
      • Es posible que le solicite reiniciar su ordenador para completar con la desinfección y reparación de las áreas afectadas del sistema, por lo que permita el reinicio para terminar.
      • Descarga >> AT-Destroyer (Adwares/Toolbars-Destroyer) by @Infospyware.
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Ejecuta AT-Destroyer. (Si usas Windows Vista o 7 Presiona clic derecho y selecciona "Ejecutar como Administrador.")
      • Aparecerá el Disclaimer, si estás de acuerdo, presiona SI para continuar.
      • Presiona sobre la opción 1 (Buscar y Destruir) para comenzar el escaneo.
      • AT-Destroyer desconectará el escritorio momentáneamente, esto es normal.
      • En caso de estar infectado, AT-Destroyer lo indicará con lineas rojas donde se haya encontrado la infección, sino, serán lineas verdes.
      • Una vez terminado el escaneo, podrás volver a ver el escritorio y se te abrirá un reporte, que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.(También lo puedes encontrar en C:\AT-Destroyer.log)
      • Inmediatamente debes Reiniciar el equipo.
      Descarga y ejecuta >> Ccleaner.
      • Usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que te muestre como obsoletos.
      • Después usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).


      Realiza un análisis completo con Eset Online Scanner de la siguiente forma:
      Lo ejecutas.

      Marcas las casillas de Eliminar las amenazas detectadas y Analizar archivos.

      Haces clic en Configuración adicional y ahi marcas las casillas:
      • Analizar en busca de aplicaciones potencialmente indeseables.
      • Analizar en busca de aplicaciones potencialmente peligrosas.
      • Activar la tecnolgía Anti-Stealth.


      Pulsas en Iniciar para que empiece a descargar la base firmas de virus y posteriormente empiece a analizar tu sistema.

      Presioná Lista de las amenazas encontradas.


      Exportá a un archivo de texto.

      Localizar el reporte en C:\Archivos de programa\ESET\ESET Online Scanner\log
      Nos traes los reportes de RKill, Malwarebytes Antimalware, AT-Destroyer y ESET Online Scanner.
      Y nos comentas cómo funciona tu equipo

      Saludos

    3. #3
      Usuario Avatar de vicnatii
      Registrado
      jul 2010
      Ubicación
      Argentina
      Mensajes
      16

      Re: Spyware de Relevant Knowledge detectado por MalawareBytes

      Hola!

      Disculpa la demora en contestar, debo haber borrado el mail donde me avisaban de la respuesta o se habra ido a la carpeta de spam.

      Acá te adjunto los reportes:


      Rkill

      This log file is located at C:\rkill.log.
      Please post this only if requested to by the person helping you.
      Otherwise you can close this log when you wish.

      Rkill was run on 11/12/2012 at 17:43:38.
      Operating System: Windows Vista (TM) Home Basic


      Processes terminated by Rkill or while it was running:

      Processes terminated by Rkill or while it was running:

      C:\Windows\system32\conime.exe
      C:\Windows\system32\conime.exe


      Rkill completed on 11/12/2012 at 17:43:39.


      Rkill completed on 11/12/2012 at 17:43:47.



      Malawarebytes

      Malwarebytes Anti-Malware 1.65.1.1000
      www.malwarebytes.org

      Versión de la Base de Datos: v2012.12.11.11

      Windows Vista Service Pack 2 x86 NTFS (modo seguro)
      Internet Explorer 8.0.6001.19328
      Nati :: NATI1 [administrador]

      11/12/2012 05:44:37 p.m.
      mbam-log-2012-12-11 (17-44-37).txt

      Tipos de Análisis: Análisis Completo (C:\|E:\|)
      Opciones de análisis activado: Memoria | Inicio | Registro | Sistema de archivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
      Opciones de análisis desactivados: P2P
      Objetos examinados: 473891
      Tiempo transcurrido: 1 hora(s), 38 minuto(s), 6 segundo(s)

      Procesos en Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Módulos de Memoria Detectados: 0
      (No se han detectado elementos maliciosos)

      Claves del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Valores del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Elementos de Datos del Registro Detectados: 0
      (No se han detectado elementos maliciosos)

      Carpetas Detectadas: 0
      (No se han detectado elementos maliciosos)

      Archivos Detectados: 4
      C:\Program Files\Adobe\Adobe Photoshop CS6\15_amtlib_ed506.dll (PUP.RiskwareTool.CK) -> En cuarentena y eliminado con éxito.
      C:\Program Files\Adobe\Adobe Photoshop CS6\amtlib.dll (PUP.RiskwareTool.CK) -> En cuarentena y eliminado con éxito.
      C:\Users\Nati\Cosas Marce\SONY.Sound.Forge.Pro.v10.0d.Build.506.Incl.Keygen.and.Patch-DI\SONY.Sound.Forge.Pro.v10.0d.Build.506.Incl.Keygen.and.Patch-DI\Keygen.exe (RiskWare.Tool.HCK) -> En cuarentena y eliminado con éxito.
      C:\Users\Nati\Downloads\B63.tmp (PUP.Adware.MediaGet) -> En cuarentena y eliminado con éxito.

      fin)



      AT-Destroyer

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 19:32:01 \\\ 11/12/2012
      AT-Destroyer 2.1 By Infospyware ---> www.infospyware.com
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:8.0.6001.19328
      Mozilla Firefox:13.0.1.4548
      Privilegios: Nati - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: NATI1
      Información del sistema operativo:X86-WIN_VISTA-Service Pack 2
      nombre del usuario:Nati
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\Users\Nati\AppData\Roaming\Babylon\log_file.txt (W32/PND.Babylon Toolbar)
      C:\Users\Nati\AppData\Roaming\Babylon (W32/PND.Babylon Toolbar)
      C:\ProgramData\Babylon (W32/PND.Babylon Toolbar)


      >>>>>> Archivos <<<<<<

      C:\Program Files\mozilla firefox\searchplugins\babylon.xml
      C:\Program Files\Mozilla Firefox\extensions\[email protected](No eliminado)
      C:\user.js


      >>>>>> Registro <<<<<<



      ESET Online Scanner

      C:\Users\Nati\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\1c5eaa0d-6cad61df una variante de Java/Exploit.CVE-2010-0094.O Troyano eliminado - puesto en Cuarentena
      C:\Users\Nati\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\6846e709-3935781b una variante de Java/Exploit.CVE-2010-0094.O Troyano eliminado - puesto en Cuarentena
      C:\Users\Nati\Cosas Marce\Sony.Products.Multikeygen.v2.1.Keygen.and.Patch.Only.READ.NFO-DI-.rar una variante de Win32/Keygen.AR aplicación eliminado - puesto en Cuarentena


      Por lo que vi igual parece que por mas que definitivamente estaba infectada, ya no es el relevant knowledge. Tengo que tener mas cuidado de prestar la compu.

      Desde ya muchas gracias!
      Nati
      Última edición por vicnatii fecha: 11/12/12 a las 23:46:17

    4. #4
      Usuario Avatar de Raudron
      Registrado
      sep 2012
      Ubicación
      El Mundo
      Mensajes
      1.467

      Re: Spyware de Relevant Knowledge detectado por MalawareBytes

      Hola,

      No te preocupes

      El reporte de AT-Destroyer está incompleto, falta una parte más larga con un listado Pega el reporte completo en tu próxima respuesta por favor.

      Solo quedaría ver este reporte y eliminar unas cosas que se muestran en el
      Recuerda comentarnos cómo funciona tu ordenador.
      Saludos

    5. #5
      Usuario Avatar de vicnatii
      Registrado
      jul 2010
      Ubicación
      Argentina
      Mensajes
      16

      Re: Spyware de Relevant Knowledge detectado por MalawareBytes

      Mi computadora estaba andando bastante lento, ahora esta mucho mejor! Aunque todavia cada tanto tarda mas de lo normal en abrir algunas cosas con las que antes no tenia problemas.

      Acá va el reporte completo:

      AT-Destroyer

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 19:32:01 \\\ 11/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:8.0.6001.19328
      Mozilla Firefox:13.0.1.4548
      Privilegios: Nati - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: NATI1
      Información del sistema operativo:X86-WIN_VISTA-Service Pack 2
      nombre del usuario:Nati
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\Users\Nati\AppData\Roaming\Babylon\log_file.txt (W32/PND.Babylon Toolbar)
      C:\Users\Nati\AppData\Roaming\Babylon (W32/PND.Babylon Toolbar)
      C:\ProgramData\Babylon (W32/PND.Babylon Toolbar)


      >>>>>> Archivos <<<<<<

      C:\Program Files\mozilla firefox\searchplugins\babylon.xml
      C:\Program Files\Mozilla Firefox\extensions\[email protected](No eliminado)
      C:\user.js


      >>>>>> Registro <<<<<<

      HKEY_CURRENT_USER\Software\DataMngr
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar ----> {98889811-442D-49dd-99D7-DC866BE87DBC}


      >>>>>> Heurística <<<<<<

      C:\Users\Nati\AppData\Roaming\DataSafeDotNet.exe ((Heur malware.win32.generic))
      C:\Program Files\utorrent.exe (Heur malware.win32.generic)


      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\System32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==


      HKEY_USERS\S-1-5-21-2865493852-3273033469-3934534547-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "www.google.com");
      user_pref("browser.startup.homepage_override.buildID", "20120614114901");
      user_pref("browser.startup.homepage_override.mstone", "13.0.1");
      user_pref("sweetim.toolbar.urls.homepage", "http://isearch.babylon.com/?affID=116424&tt=270912_ctrl2_3912_7&babsrc=HP_ss&mntrId=0e5c32f000000000000000225fbfd0d5");


      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\13
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkhgjemnihddbfapdmoiejlebpoellf
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\inbkdfimpfoeggmdoiiiakcfipifkiam
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfdckejfnkaemompfjhecfmhjgnchmjg
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcddcfoblbgmnaklcpkbfajnfikinhn
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgjfppmemjoiimknjbbmnajephibioe
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

      ======== Listado ===========

      [10/12/2012 09:39 p.m.] [29/04/2012 01:23 a.m.] [N] C:\Users\Nati\AppData\Roaming\AIMP3
      [16/02/2012 10:59 a.m.] [23/08/2009 11:41 a.m.] [N] C:\Users\Nati\AppData\Roaming\Apple Computer
      [07/11/2010 12:43 p.m.] [07/11/2010 12:16 p.m.] [N] C:\Users\Nati\AppData\Roaming\ArcSoft
      [01/11/2011 11:51 a.m.] [01/11/2011 11:51 a.m.] [N] C:\Users\Nati\AppData\Roaming\AVG2012
      [22/10/2012 02:17 p.m.] [04/09/2010 01:18 p.m.] [N] C:\Users\Nati\AppData\Roaming\calibre
      [31/07/2009 11:33 p.m.] [31/07/2009 11:33 p.m.] [N] C:\Users\Nati\AppData\Roaming\Creative
      [29/08/2009 08:04 p.m.] [29/08/2009 08:04 p.m.] [N] C:\Users\Nati\AppData\Roaming\CyberLink
      [02/04/2012 02:50 a.m.] [02/04/2012 02:50 a.m.] [N] C:\Users\Nati\AppData\Roaming\cYo
      [09/12/2012 10:37 a.m.] [29/08/2010 07:31 p.m.] [N] C:\Users\Nati\AppData\Roaming\DAEMON Tools Lite
      [25/05/2011 03:21 p.m.] [31/07/2009 10:11 p.m.] [N] C:\Users\Nati\AppData\Roaming\Dell
      C:\Users\Nati\AppData\Roaming\desktop.ini [HSAN] 6 bytes ( )
      [06/02/2011 05:18 p.m.] [27/01/2011 12:10 p.m.] [N] C:\Users\Nati\AppData\Roaming\DivX
      [11/12/2012 05:39 p.m.] [22/09/2012 03:39 p.m.] [N] C:\Users\Nati\AppData\Roaming\Dropbox
      [11/12/2012 01:20 a.m.] [06/05/2011 11:22 p.m.] [N] C:\Users\Nati\AppData\Roaming\dvdcss
      [15/08/2012 01:51 p.m.] [15/08/2012 01:29 p.m.] [N] C:\Users\Nati\AppData\Roaming\eCub
      [05/09/2010 10:14 p.m.] [31/01/2010 10:30 p.m.] [N] C:\Users\Nati\AppData\Roaming\ESTsoft
      [28/09/2012 11:02 p.m.] [28/09/2012 11:02 p.m.] [N] C:\Users\Nati\AppData\Roaming\ExpressFiles
      [27/06/2010 08:48 p.m.] [27/06/2010 08:48 p.m.] [N] C:\Users\Nati\AppData\Roaming\Facebook
      [13/06/2012 10:24 p.m.] [18/04/2012 09:40 p.m.] [0] C:\Users\Nati\AppData\Roaming\Foxit Software
      [29/07/2012 11:37 p.m.] [09/03/2012 06:37 p.m.] [N] C:\Users\Nati\AppData\Roaming\GlarySoft
      [02/08/2009 03:21 p.m.] [02/08/2009 03:17 p.m.] [N] C:\Users\Nati\AppData\Roaming\GonVisor
      [20/09/2009 12:47 a.m.] [20/09/2009 12:47 a.m.] [N] C:\Users\Nati\AppData\Roaming\Google
      [19/12/2010 07:04 p.m.] [19/12/2010 07:04 p.m.] [0] C:\Users\Nati\AppData\Roaming\Haihaisoft
      [19/12/2010 07:04 p.m.] [19/12/2010 07:04 p.m.] [N] C:\Users\Nati\AppData\Roaming\Haihaisoft Universal Player
      C:\Users\Nati\AppData\Roaming\Hybrid Synthesizers [AN] 0 bytes ( )
      [26/05/2010 11:36 p.m.] [31/07/2009 10:14 p.m.] [N] C:\Users\Nati\AppData\Roaming\Identities
      C:\Users\Nati\AppData\Roaming\Image Capture [AN] 0 bytes ( )
      [12/07/2012 10:47 p.m.] [12/07/2012 10:47 p.m.] [N] C:\Users\Nati\AppData\Roaming\KompoZer
      [16/10/2010 12:41 a.m.] [16/10/2010 12:41 a.m.] [N] C:\Users\Nati\AppData\Roaming\Logia
      [31/07/2009 10:26 p.m.] [31/07/2009 10:26 p.m.] [N] C:\Users\Nati\AppData\Roaming\Macromedia
      [04/07/2010 07:50 p.m.] [04/07/2010 07:50 p.m.] [N] C:\Users\Nati\AppData\Roaming\Malwarebytes
      [30/04/2011 09:24 a.m.] [06/09/2009 06:37 p.m.] [N] C:\Users\Nati\AppData\Roaming\Media Player Classic
      [10/11/2012 08:25 p.m.] [31/07/2009 10:11 p.m.] [SN] C:\Users\Nati\AppData\Roaming\Microsoft
      [11/11/2010 06:08 p.m.] [11/11/2010 06:08 p.m.] [N] C:\Users\Nati\AppData\Roaming\Mobipocket
      [29/10/2009 03:21 p.m.] [29/10/2009 03:21 p.m.] [N] C:\Users\Nati\AppData\Roaming\Mozilla
      [28/11/2009 08:51 p.m.] [28/11/2009 08:43 p.m.] [N] C:\Users\Nati\AppData\Roaming\MyHeritage
      [07/11/2010 03:22 p.m.] [07/11/2010 03:20 p.m.] [N] C:\Users\Nati\AppData\Roaming\Nikon
      [01/05/2011 11:07 a.m.] [01/05/2011 11:07 a.m.] [N] C:\Users\Nati\AppData\Roaming\OpenOffice.org
      [04/03/2011 11:46 a.m.] [04/03/2011 11:38 a.m.] [N] C:\Users\Nati\AppData\Roaming\PCDr
      [13/07/2012 03:18 a.m.] [13/07/2012 02:21 a.m.] [N] C:\Users\Nati\AppData\Roaming\pdftoepub
      C:\Users\Nati\AppData\Roaming\PnkBstrK.sys [AN] 21,8 KB ( )
      [05/12/2010 08:59 a.m.] [05/12/2010 08:59 a.m.] [N] C:\Users\Nati\AppData\Roaming\Primal Pictures
      [10/12/2012 08:25 p.m.] [10/12/2012 08:25 p.m.] [N] C:\Users\Nati\AppData\Roaming\Publish Providers
      [29/07/2012 11:37 p.m.] [06/09/2009 06:36 p.m.] [N] C:\Users\Nati\AppData\Roaming\Real
      [31/07/2009 11:33 p.m.] [31/07/2009 11:33 p.m.] [N] C:\Users\Nati\AppData\Roaming\Reallusion
      [12/09/2009 09:46 p.m.] [12/09/2009 09:46 p.m.] [N] C:\Users\Nati\AppData\Roaming\Roxio
      [31/08/2012 08:11 p.m.] [02/05/2010 11:25 a.m.] [N] C:\Users\Nati\AppData\Roaming\Skype
      [07/02/2012 09:49 a.m.] [02/05/2010 11:27 a.m.] [N] C:\Users\Nati\AppData\Roaming\skypePM
      [10/12/2012 08:25 p.m.] [10/12/2012 08:00 p.m.] [N] C:\Users\Nati\AppData\Roaming\Sony
      [04/07/2010 04:03 p.m.] [04/07/2010 04:03 p.m.] [N] C:\Users\Nati\AppData\Roaming\SUPERAntiSpyware.com
      [01/08/2009 01:11 p.m.] [01/08/2009 01:11 p.m.] [N] C:\Users\Nati\AppData\Roaming\Template
      [28/11/2009 07:54 p.m.] [28/11/2009 07:54 p.m.] [N] C:\Users\Nati\AppData\Roaming\The Complete Genealogy Reporter - FTB
      [13/01/2010 03:28 p.m.] [13/01/2010 03:28 p.m.] [N] C:\Users\Nati\AppData\Roaming\Thinstall
      [15/02/2012 10:08 p.m.] [15/02/2012 10:08 p.m.] [N] C:\Users\Nati\AppData\Roaming\Titanium
      [11/12/2012 05:16 p.m.] [29/10/2009 01:07 a.m.] [N] C:\Users\Nati\AppData\Roaming\uTorrent
      [26/03/2011 01:24 a.m.] [26/03/2011 01:24 a.m.] [N] C:\Users\Nati\AppData\Roaming\Vast Studios
      [09/12/2012 12:05 a.m.] [13/03/2011 08:18 p.m.] [N] C:\Users\Nati\AppData\Roaming\vlc
      [04/09/2009 07:47 p.m.] [04/09/2009 07:47 p.m.] [N] C:\Users\Nati\AppData\Roaming\WinRAR
      C:\Users\Nati\AppData\Roaming\wklnhst.dat [AN] 506 bytes ( )
      [12/07/2012 10:27 p.m.] [12/07/2012 10:27 p.m.] [N] C:\Users\Nati\AppData\Roaming\Xilisoft
      [26/05/2010 11:36 p.m.] [26/05/2010 11:36 p.m.] [N] C:\Users\Nati\AppData\Roaming\Zylom
      [20/10/2012 05:04 p.m.] [24/01/2012 10:22 p.m.] [0] C:\Program Files\Adobe
      [16/02/2012 04:20 a.m.] [05/09/2010 11:53 p.m.] [0] C:\Program Files\AIMP2
      [29/04/2012 01:23 a.m.] [29/04/2012 01:23 a.m.] [0] C:\Program Files\AIMP3
      [25/07/2011 04:10 p.m.] [25/07/2011 04:10 p.m.] [0] C:\Program Files\Alcohol Soft
      [25/08/2012 11:17 p.m.] [25/08/2012 11:15 p.m.] [0] C:\Program Files\Allmyapps
      [24/02/2012 03:17 p.m.] [24/02/2012 03:17 p.m.] [0] C:\Program Files\Android
      [15/02/2012 10:56 a.m.] [15/02/2012 10:56 a.m.] [0] C:\Program Files\Apple Software Update
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\Program Files\Archivos comunes
      [29/10/2012 04:13 p.m.] [29/10/2012 04:13 p.m.] [0] C:\Program Files\AVAST Software
      [29/10/2012 04:02 p.m.] [25/10/2010 11:14 p.m.] [0] C:\Program Files\AVG
      [15/02/2012 11:04 a.m.] [15/02/2012 11:04 a.m.] [0] C:\Program Files\Bonjour
      [22/10/2012 02:15 p.m.] [04/09/2010 01:16 p.m.] [0] C:\Program Files\Calibre2
      [10/03/2012 12:13 a.m.] [05/08/2011 12:33 p.m.] [0] C:\Program Files\cartilla
      [25/10/2012 07:01 p.m.] [22/08/2009 11:54 a.m.] [0] C:\Program Files\CCleaner
      [13/07/2009 08:58 p.m.] [13/07/2009 08:58 p.m.] [0] C:\Program Files\Citrix
      [22/08/2009 11:55 p.m.] [22/08/2009 11:55 p.m.] [0] C:\Program Files\Combined Community Codec Pack
      [02/04/2012 02:45 a.m.] [02/04/2012 02:43 a.m.] [0] C:\Program Files\ComicRack
      [29/10/2012 03:19 p.m.] [02/11/2006 08:18 a.m.] [0] C:\Program Files\Common Files
      [09/01/2011 11:41 p.m.] [09/01/2011 11:41 p.m.] [0] C:\Program Files\COMODO
      [13/03/2011 08:06 p.m.] [13/03/2011 08:06 p.m.] [0] C:\Program Files\ConvertHelper
      [13/07/2009 09:08 p.m.] [13/07/2009 09:07 p.m.] [0] C:\Program Files\Creative
      [13/07/2009 09:07 p.m.] [13/07/2009 09:07 p.m.] [0] C:\Program Files\Creative Live! Cam
      [13/07/2009 09:07 p.m.] [13/07/2009 09:07 p.m.] [0] C:\Program Files\CyberLink
      [29/08/2010 07:33 p.m.] [29/08/2010 07:31 p.m.] [0] C:\Program Files\DAEMON Tools Lite
      [03/04/2010 03:15 p.m.] [03/04/2010 03:15 p.m.] [0] C:\Program Files\DCoder Image Source
      [18/02/2012 08:26 a.m.] [18/02/2012 08:26 a.m.] [0] C:\Program Files\Defraggler
      [13/07/2009 09:11 p.m.] [13/07/2009 08:51 p.m.] [0] C:\Program Files\Dell
      [13/07/2009 09:01 p.m.] [13/07/2009 09:01 p.m.] [0] C:\Program Files\Dell DataSafe Online
      [13/07/2009 08:50 p.m.] [13/07/2009 08:50 p.m.] [0] C:\Program Files\Dell Inc
      [05/08/2011 12:00 a.m.] [04/03/2011 11:49 a.m.] [0] C:\Program Files\Dell Support Center
      [13/07/2009 08:55 p.m.] [13/07/2009 08:55 p.m.] [0] C:\Program Files\Dell Video Chat
      [13/07/2009 09:08 p.m.] [13/07/2009 09:07 p.m.] [0] C:\Program Files\Dell Webcam
      [13/07/2009 11:27 p.m.] [13/07/2009 11:27 p.m.] [0] C:\Program Files\DellTPad
      C:\Program Files\desktop.ini [HSA] 174 bytes( 0)
      [26/12/2011 01:55 p.m.] [27/01/2011 12:06 p.m.] [0] C:\Program Files\DivX
      [22/09/2012 03:39 p.m.] [22/09/2012 03:39 p.m.] [0] C:\Program Files\Dropbox
      [03/04/2010 03:09 p.m.] [03/04/2010 03:09 p.m.] [0] C:\Program Files\DScaler5
      [05/09/2010 10:14 p.m.] [31/01/2010 10:29 p.m.] [0] C:\Program Files\ESTsoft
      [28/11/2009 07:54 p.m.] [28/11/2009 07:54 p.m.] [0] C:\Program Files\Family Toolbar
      [18/04/2012 06:02 p.m.] [18/04/2012 06:02 p.m.] [0] C:\Program Files\Foxit Software
      [03/04/2010 03:13 p.m.] [03/04/2010 03:13 p.m.] [0] C:\Program Files\Gabest MPEG Splitter
      [20/06/2010 08:39 p.m.] [20/06/2010 08:39 p.m.] [0] C:\Program Files\Google
      [14/03/2011 11:49 p.m.] [04/09/2009 10:41 p.m.] [0] C:\Program Files\GRETECH
      [29/10/2009 11:08 a.m.] [29/10/2009 12:56 a.m.] [0] C:\Program Files\Hotspot Shield
      [13/07/2009 03:32 p.m.] [13/07/2009 03:32 p.m.] [0] C:\Program Files\IDT
      [15/08/2012 12:43 p.m.] [15/08/2012 12:43 p.m.] [H] C:\Program Files\InstallJammer Registry
      [12/11/2010 01:32 a.m.] [13/07/2009 08:51 p.m.] [H] C:\Program Files\InstallShield Installation Information
      [13/07/2009 08:51 p.m.] [13/07/2009 08:41 p.m.] [0] C:\Program Files\Intel
      [19/11/2012 09:33 p.m.] [02/11/2006 08:18 a.m.] [0] C:\Program Files\Internet Explorer
      [16/02/2012 09:58 a.m.] [16/02/2012 09:58 a.m.] [0] C:\Program Files\iPod
      [16/02/2012 09:59 a.m.] [15/02/2012 11:14 a.m.] [0] C:\Program Files\iTunes
      [29/10/2012 03:03 p.m.] [13/07/2009 08:49 p.m.] [0] C:\Program Files\Java
      [27/11/2012 08:04 p.m.] [24/12/2009 07:06 p.m.] [0] C:\Program Files\JDownloader
      [29/10/2012 11:46 a.m.] [24/12/2010 02:57 p.m.] [0] C:\Program Files\Malwarebytes' Anti-Malware
      [25/10/2010 10:55 p.m.] [13/07/2009 09:23 p.m.] [N] C:\Program Files\McAfee
      [14/11/2009 11:12 a.m.] [14/11/2009 11:12 a.m.] [0] C:\Program Files\Microsoft ActiveSync
      [02/11/2006 09:35 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Microsoft Games
      [30/07/2011 03:53 p.m.] [13/07/2009 08:55 p.m.] [0] C:\Program Files\Microsoft Office
      [03/10/2009 09:03 p.m.] [03/10/2009 09:03 p.m.] [0] C:\Program Files\Microsoft Reader
      [17/02/2012 04:06 p.m.] [27/11/2009 05:50 p.m.] [0] C:\Program Files\Microsoft Silverlight
      [23/02/2011 07:59 p.m.] [23/02/2011 07:59 p.m.] [0] C:\Program Files\Microsoft SQL Server Compact Edition
      [15/12/2010 03:06 a.m.] [13/07/2009 08:55 p.m.] [0] C:\Program Files\Microsoft Works
      [02/11/2010 08:58 p.m.] [14/11/2009 11:11 a.m.] [0] C:\Program Files\Microsoft.NET
      [03/04/2010 03:14 p.m.] [03/04/2010 03:14 p.m.] [0] C:\Program Files\MONOGRAM AMR SplitterDecoder
      [13/08/2010 08:58 p.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Movie Maker
      [29/07/2012 03:35 p.m.] [29/10/2009 03:20 p.m.] [0] C:\Program Files\Mozilla Firefox
      [29/07/2012 03:35 p.m.] [02/05/2012 06:22 p.m.] [0] C:\Program Files\Mozilla Maintenance Service
      [02/11/2006 09:35 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\MSBuild
      [08/11/2010 01:38 p.m.] [08/11/2010 01:38 p.m.] [0] C:\Program Files\MSXML 4.0
      [07/11/2010 12:39 p.m.] [07/11/2010 12:39 p.m.] [0] C:\Program Files\Nikon
      [29/04/2011 01:12 p.m.] [29/04/2011 01:11 p.m.] [0] C:\Program Files\OpenOffice.org 3
      [03/04/2010 03:12 p.m.] [03/04/2010 03:12 p.m.] [0] C:\Program Files\OpenSource DTSAC3DD+ Source Filter
      [11/10/2011 09:18 p.m.] [24/12/2010 04:56 p.m.] [0] C:\Program Files\Panda Security
      [18/02/2012 08:22 a.m.] [18/02/2012 08:22 a.m.] [0] C:\Program Files\Panda USB Vaccine
      [13/07/2012 02:21 a.m.] [13/07/2012 02:21 a.m.] [0] C:\Program Files\PDFtoEPUB
      [16/02/2012 10:34 a.m.] [16/02/2012 10:34 a.m.] [0] C:\Program Files\QuickTime
      [29/07/2012 11:37 p.m.] [14/03/2011 11:54 p.m.] [0] C:\Program Files\Real
      [26/03/2011 01:25 a.m.] [26/03/2011 12:52 a.m.] [0] C:\Program Files\RealArcade
      [02/11/2006 09:35 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Reference Assemblies
      [13/07/2009 08:57 p.m.] [13/07/2009 08:56 p.m.] [0] C:\Program Files\Roxio
      [16/02/2012 10:30 a.m.] [16/02/2012 10:30 a.m.] [0] C:\Program Files\Safari
      [11/11/2010 11:38 p.m.] [11/11/2010 11:38 p.m.] [0] C:\Program Files\Seagate
      [03/04/2010 03:15 p.m.] [03/04/2010 03:15 p.m.] [0] C:\Program Files\SHOUTcast Source
      [15/08/2012 12:43 p.m.] [15/08/2012 12:43 p.m.] [0] C:\Program Files\Sigil
      [06/05/2012 06:30 p.m.] [07/02/2012 09:53 a.m.] [R] C:\Program Files\Skype
      [10/12/2012 09:16 p.m.] [10/12/2012 08:00 p.m.] [0] C:\Program Files\Sony
      [10/07/2010 12:16 p.m.] [04/07/2010 07:54 p.m.] [0] C:\Program Files\Spybot - Search & Destroy
      [18/02/2012 07:45 a.m.] [04/07/2010 07:44 p.m.] [0] C:\Program Files\SpywareBlaster
      [24/12/2010 04:27 p.m.] [24/12/2010 04:27 p.m.] [0] C:\Program Files\SUPERAntiSpyware
      [10/12/2012 11:01 p.m.] [10/12/2012 11:01 p.m.] [0] C:\Program Files\Transcribe!
      [02/11/2006 09:58 a.m.] [02/11/2006 09:58 a.m.] [H] C:\Program Files\Uninstall Information
      [24/09/2012 10:11 a.m.] [29/10/2009 01:08 a.m.] [0] C:\Program Files\uTorrent
      [13/03/2011 08:16 p.m.] [13/03/2011 08:16 p.m.] [0] C:\Program Files\VideoLAN
      [29/10/2012 03:20 p.m.] [29/10/2012 03:20 p.m.] [0] C:\Program Files\VS Revo Group
      [16/08/2009 10:01 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Windows Calendar
      [16/08/2009 10:01 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Windows Collaboration
      [16/08/2009 10:01 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Windows Defender
      [23/02/2011 07:58 p.m.] [01/08/2009 12:05 a.m.] [0] C:\Program Files\Windows Live
      [12/01/2012 03:23 a.m.] [02/11/2006 08:18 a.m.] [0] C:\Program Files\Windows Mail
      [13/10/2010 10:28 p.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Windows Media Player
      [31/07/2009 10:06 p.m.] [02/11/2006 08:18 a.m.] [0] C:\Program Files\Windows NT
      [16/08/2009 10:01 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Windows Photo Gallery
      [18/11/2009 08:24 a.m.] [18/11/2009 08:24 a.m.] [0] C:\Program Files\Windows Portable Devices
      [16/08/2009 10:01 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Windows Sidebar
      [04/09/2009 07:46 p.m.] [04/09/2009 07:46 p.m.] [0] C:\Program Files\WinRAR
      [01/11/2009 08:55 a.m.] [23/08/2009 11:37 a.m.] [N] C:\ProgramData\Apple
      [23/08/2009 11:40 a.m.] [23/08/2009 11:39 a.m.] [N] C:\ProgramData\Apple Computer
      [07/11/2010 12:43 p.m.] [07/11/2010 12:17 p.m.] [H] C:\ProgramData\ArcSoft
      [29/10/2012 04:13 p.m.] [29/10/2012 04:13 p.m.] [N] C:\ProgramData\AVAST Software
      [25/10/2010 11:17 p.m.] [25/10/2010 11:17 p.m.] [H] C:\ProgramData\Common Files
      [09/01/2011 11:37 p.m.] [24/12/2010 04:45 p.m.] [N] C:\ProgramData\Comodo
      [31/07/2009 11:33 p.m.] [31/07/2009 11:33 p.m.] [N] C:\ProgramData\Creative
      [29/08/2009 08:05 p.m.] [29/08/2009 08:04 p.m.] [N] C:\ProgramData\CyberLink
      [29/08/2010 07:31 p.m.] [29/08/2010 07:31 p.m.] [N] C:\ProgramData\DAEMON Tools Lite
      [20/11/2012 10:57 a.m.] [20/11/2012 10:57 a.m.] [N] C:\ProgramData\DAEMON Tools Pro
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\ProgramData\Datos de programa
      [04/03/2011 11:49 a.m.] [13/07/2009 09:07 p.m.] [N] C:\ProgramData\Dell
      [26/12/2011 01:55 p.m.] [27/01/2011 12:48 a.m.] [N] C:\ProgramData\DivX
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\ProgramData\Documentos
      [07/11/2010 12:38 p.m.] [07/11/2010 12:19 p.m.] [N] C:\ProgramData\EnterNHelp
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\ProgramData\Escritorio
      [31/01/2010 10:30 p.m.] [31/01/2010 10:30 p.m.] [N] C:\ProgramData\Estsoft
      C:\ProgramData\ezsidmv.dat [HAN] 48 bytes 0
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\ProgramData\Favoritos
      [13/11/2009 12:13 a.m.] [19/09/2009 08:14 p.m.] [N] C:\ProgramData\Google
      C:\ProgramData\Hybrid Morph [AN] 0 bytes 0
      C:\ProgramData\Icons [AN] 0 bytes 0
      [13/07/2009 08:56 p.m.] [13/07/2009 08:56 p.m.] [N] C:\ProgramData\InstallShield
      [04/07/2010 07:50 p.m.] [04/07/2010 07:50 p.m.] [N] C:\ProgramData\Malwarebytes
      [25/10/2010 10:55 p.m.] [13/07/2009 09:24 p.m.] [N] C:\ProgramData\McAfee
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\ProgramData\Menú Inicio
      [10/11/2012 08:27 p.m.] [02/11/2006 08:18 a.m.] [N] C:\ProgramData\Microsoft
      [14/11/2009 11:02 a.m.] [13/07/2009 09:04 p.m.] [N] C:\ProgramData\Microsoft Help
      [02/05/2012 06:22 p.m.] [02/05/2012 06:22 p.m.] [N] C:\ProgramData\Mozilla
      [28/11/2009 08:46 p.m.] [28/11/2009 08:43 p.m.] [N] C:\ProgramData\MyHeritage
      [12/01/2010 11:44 a.m.] [12/01/2010 11:44 a.m.] [N] C:\ProgramData\NCH Swift Sound
      [30/12/2011 09:37 a.m.] [26/12/2011 04:53 p.m.] [N] C:\ProgramData\Norton
      [26/12/2011 04:53 p.m.] [26/12/2011 04:53 p.m.] [N] C:\ProgramData\NortonInstaller
      [13/08/2009 11:01 a.m.] [13/08/2009 11:01 a.m.] [N] C:\ProgramData\Office Genuine Advantage
      [25/12/2010 03:02 a.m.] [25/12/2010 03:02 a.m.] [N] C:\ProgramData\Panda Security
      [13/07/2009 09:02 p.m.] [13/07/2009 09:02 p.m.] [N] C:\ProgramData\PC-Doctor
      [01/08/2011 03:20 p.m.] [13/07/2009 09:02 p.m.] [N] C:\ProgramData\PCDr
      C:\ProgramData\PKP_DLdu.DAT [H] 0 bytes 0
      C:\ProgramData\PKP_DLdw.DAT [H] 0 bytes 0
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\ProgramData\Plantillas
      [07/07/2011 10:34 a.m.] [07/07/2011 10:34 a.m.] [N] C:\ProgramData\Playrix Entertainment
      [16/06/2011 08:10 p.m.] [06/09/2009 06:36 p.m.] [N] C:\ProgramData\Real
      [20/10/2012 05:07 p.m.] [20/10/2012 05:07 p.m.] [N] C:\ProgramData\regid.1986-12.com.adobe
      [07/11/2012 04:27 p.m.] [12/09/2009 09:46 p.m.] [N] C:\ProgramData\Roxio
      [11/11/2010 11:38 p.m.] [11/11/2010 11:38 p.m.] [N] C:\ProgramData\Seagate
      [06/05/2012 06:30 p.m.] [02/05/2010 11:23 a.m.] [N] C:\ProgramData\Skype
      [12/09/2009 09:44 p.m.] [13/07/2009 08:57 p.m.] [N] C:\ProgramData\Sonic
      [10/12/2012 08:16 p.m.] [10/12/2012 08:00 p.m.] [N] C:\ProgramData\Sony
      [06/11/2012 12:14 p.m.] [04/07/2010 07:54 p.m.] [N] C:\ProgramData\Spybot - Search & Destroy
      [01/08/2010 06:31 p.m.] [01/08/2010 06:31 p.m.] [N] C:\ProgramData\Sun
      [04/07/2010 04:03 p.m.] [04/07/2010 04:03 p.m.] [N] C:\ProgramData\SUPERAntiSpyware.com
      [30/12/2011 09:37 a.m.] [26/12/2011 04:53 p.m.] [N] C:\ProgramData\Symantec
      [18/02/2012 07:46 a.m.] [03/04/2010 02:59 p.m.] [AN] C:\ProgramData\TEMP
      [26/03/2011 01:23 a.m.] [26/03/2011 01:23 a.m.] [N] C:\ProgramData\Trymedia
      [07/11/2010 12:38 p.m.] [07/11/2010 12:19 p.m.] [N] C:\ProgramData\Ultima_T15
      [13/07/2009 08:58 p.m.] [13/07/2009 08:58 p.m.] [N] C:\ProgramData\Uninstall
      [26/06/2010 03:00 p.m.] [26/06/2010 03:00 p.m.] [N] C:\ProgramData\WindowsSearch
      [26/05/2010 11:36 p.m.] [26/05/2010 11:36 p.m.] [N] C:\ProgramData\Zylom
      [27/06/2010 09:25 p.m.] [27/06/2010 09:23 p.m.] [N] C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
      [01/11/2009 09:27 a.m.] [01/11/2009 09:26 a.m.] [N] C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
      [23/08/2009 11:40 a.m.] [23/08/2009 11:40 a.m.] [N] C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

      ==================== EOF ==================

      Saludos!

    6. #6
      Usuario Avatar de vicnatii
      Registrado
      jul 2010
      Ubicación
      Argentina
      Mensajes
      16

      Re: Spyware de Relevant Knowledge detectado por MalawareBytes

      Mi computadora estaba andando bastante lento, ahora esta mucho mejor! Aunque todavia cada tanto tarda mas de lo normal en abrir algunas cosas con las que antes no tenia problemas.

      Acá va el reporte completo:

      AT-Destroyer

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 19:32:01 \\\ 11/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:8.0.6001.19328
      Mozilla Firefox:13.0.1.4548
      Privilegios: Nati - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: NATI1
      Información del sistema operativo:X86-WIN_VISTA-Service Pack 2
      nombre del usuario:Nati
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<



      >>>>>> Carpetas <<<<<<

      C:\Users\Nati\AppData\Roaming\Babylon\log_file.txt (W32/PND.Babylon Toolbar)
      C:\Users\Nati\AppData\Roaming\Babylon (W32/PND.Babylon Toolbar)
      C:\ProgramData\Babylon (W32/PND.Babylon Toolbar)


      >>>>>> Archivos <<<<<<

      C:\Program Files\mozilla firefox\searchplugins\babylon.xml
      C:\Program Files\Mozilla Firefox\extensions\[email protected](No eliminado)
      C:\user.js


      >>>>>> Registro <<<<<<

      HKEY_CURRENT_USER\Software\DataMngr
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar ----> {98889811-442D-49dd-99D7-DC866BE87DBC}


      >>>>>> Heurística <<<<<<

      C:\Users\Nati\AppData\Roaming\DataSafeDotNet.exe ((Heur malware.win32.generic))
      C:\Program Files\utorrent.exe (Heur malware.win32.generic)


      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\System32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==http://go.microsoft.com/fwlink/?LinkId=69157


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==


      HKEY_USERS\S-1-5-21-2865493852-3273033469-3934534547-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==
      Default_Page_URL==


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "www.google.com");
      user_pref("browser.startup.homepage_override.buildID", "20120614114901");
      user_pref("browser.startup.homepage_override.mstone", "13.0.1");
      user_pref("sweetim.toolbar.urls.homepage", "http://isearch.babylon.com/?affID=116424&tt=270912_ctrl2_3912_7&babsrc=HP_ss&mntrId=0e5c32f000000000000000225fbfd0d5");


      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2

      >>>>>> Google Chrome <<<<<<

      "homepage": "http://www.google.com/",
      "homepage_changed": true,
      "homepage_is_newtabpage": false,


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\13
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkhgjemnihddbfapdmoiejlebpoellf
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\inbkdfimpfoeggmdoiiiakcfipifkiam
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgdloilieclkegafohackmhffbmdpko
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfdckejfnkaemompfjhecfmhjgnchmjg
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcddcfoblbgmnaklcpkbfajnfikinhn
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgjfppmemjoiimknjbbmnajephibioe
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

      ======== Listado ===========

      [10/12/2012 09:39 p.m.] [29/04/2012 01:23 a.m.] [N] C:\Users\Nati\AppData\Roaming\AIMP3
      [16/02/2012 10:59 a.m.] [23/08/2009 11:41 a.m.] [N] C:\Users\Nati\AppData\Roaming\Apple Computer
      [07/11/2010 12:43 p.m.] [07/11/2010 12:16 p.m.] [N] C:\Users\Nati\AppData\Roaming\ArcSoft
      [01/11/2011 11:51 a.m.] [01/11/2011 11:51 a.m.] [N] C:\Users\Nati\AppData\Roaming\AVG2012
      [22/10/2012 02:17 p.m.] [04/09/2010 01:18 p.m.] [N] C:\Users\Nati\AppData\Roaming\calibre
      [31/07/2009 11:33 p.m.] [31/07/2009 11:33 p.m.] [N] C:\Users\Nati\AppData\Roaming\Creative
      [29/08/2009 08:04 p.m.] [29/08/2009 08:04 p.m.] [N] C:\Users\Nati\AppData\Roaming\CyberLink
      [02/04/2012 02:50 a.m.] [02/04/2012 02:50 a.m.] [N] C:\Users\Nati\AppData\Roaming\cYo
      [09/12/2012 10:37 a.m.] [29/08/2010 07:31 p.m.] [N] C:\Users\Nati\AppData\Roaming\DAEMON Tools Lite
      [25/05/2011 03:21 p.m.] [31/07/2009 10:11 p.m.] [N] C:\Users\Nati\AppData\Roaming\Dell
      C:\Users\Nati\AppData\Roaming\desktop.ini [HSAN] 6 bytes ( )
      [06/02/2011 05:18 p.m.] [27/01/2011 12:10 p.m.] [N] C:\Users\Nati\AppData\Roaming\DivX
      [11/12/2012 05:39 p.m.] [22/09/2012 03:39 p.m.] [N] C:\Users\Nati\AppData\Roaming\Dropbox
      [11/12/2012 01:20 a.m.] [06/05/2011 11:22 p.m.] [N] C:\Users\Nati\AppData\Roaming\dvdcss
      [15/08/2012 01:51 p.m.] [15/08/2012 01:29 p.m.] [N] C:\Users\Nati\AppData\Roaming\eCub
      [05/09/2010 10:14 p.m.] [31/01/2010 10:30 p.m.] [N] C:\Users\Nati\AppData\Roaming\ESTsoft
      [28/09/2012 11:02 p.m.] [28/09/2012 11:02 p.m.] [N] C:\Users\Nati\AppData\Roaming\ExpressFiles
      [27/06/2010 08:48 p.m.] [27/06/2010 08:48 p.m.] [N] C:\Users\Nati\AppData\Roaming\Facebook
      [13/06/2012 10:24 p.m.] [18/04/2012 09:40 p.m.] [0] C:\Users\Nati\AppData\Roaming\Foxit Software
      [29/07/2012 11:37 p.m.] [09/03/2012 06:37 p.m.] [N] C:\Users\Nati\AppData\Roaming\GlarySoft
      [02/08/2009 03:21 p.m.] [02/08/2009 03:17 p.m.] [N] C:\Users\Nati\AppData\Roaming\GonVisor
      [20/09/2009 12:47 a.m.] [20/09/2009 12:47 a.m.] [N] C:\Users\Nati\AppData\Roaming\Google
      [19/12/2010 07:04 p.m.] [19/12/2010 07:04 p.m.] [0] C:\Users\Nati\AppData\Roaming\Haihaisoft
      [19/12/2010 07:04 p.m.] [19/12/2010 07:04 p.m.] [N] C:\Users\Nati\AppData\Roaming\Haihaisoft Universal Player
      C:\Users\Nati\AppData\Roaming\Hybrid Synthesizers [AN] 0 bytes ( )
      [26/05/2010 11:36 p.m.] [31/07/2009 10:14 p.m.] [N] C:\Users\Nati\AppData\Roaming\Identities
      C:\Users\Nati\AppData\Roaming\Image Capture [AN] 0 bytes ( )
      [12/07/2012 10:47 p.m.] [12/07/2012 10:47 p.m.] [N] C:\Users\Nati\AppData\Roaming\KompoZer
      [16/10/2010 12:41 a.m.] [16/10/2010 12:41 a.m.] [N] C:\Users\Nati\AppData\Roaming\Logia
      [31/07/2009 10:26 p.m.] [31/07/2009 10:26 p.m.] [N] C:\Users\Nati\AppData\Roaming\Macromedia
      [04/07/2010 07:50 p.m.] [04/07/2010 07:50 p.m.] [N] C:\Users\Nati\AppData\Roaming\Malwarebytes
      [30/04/2011 09:24 a.m.] [06/09/2009 06:37 p.m.] [N] C:\Users\Nati\AppData\Roaming\Media Player Classic
      [10/11/2012 08:25 p.m.] [31/07/2009 10:11 p.m.] [SN] C:\Users\Nati\AppData\Roaming\Microsoft
      [11/11/2010 06:08 p.m.] [11/11/2010 06:08 p.m.] [N] C:\Users\Nati\AppData\Roaming\Mobipocket
      [29/10/2009 03:21 p.m.] [29/10/2009 03:21 p.m.] [N] C:\Users\Nati\AppData\Roaming\Mozilla
      [28/11/2009 08:51 p.m.] [28/11/2009 08:43 p.m.] [N] C:\Users\Nati\AppData\Roaming\MyHeritage
      [07/11/2010 03:22 p.m.] [07/11/2010 03:20 p.m.] [N] C:\Users\Nati\AppData\Roaming\Nikon
      [01/05/2011 11:07 a.m.] [01/05/2011 11:07 a.m.] [N] C:\Users\Nati\AppData\Roaming\OpenOffice.org
      [04/03/2011 11:46 a.m.] [04/03/2011 11:38 a.m.] [N] C:\Users\Nati\AppData\Roaming\PCDr
      [13/07/2012 03:18 a.m.] [13/07/2012 02:21 a.m.] [N] C:\Users\Nati\AppData\Roaming\pdftoepub
      C:\Users\Nati\AppData\Roaming\PnkBstrK.sys [AN] 21,8 KB ( )
      [05/12/2010 08:59 a.m.] [05/12/2010 08:59 a.m.] [N] C:\Users\Nati\AppData\Roaming\Primal Pictures
      [10/12/2012 08:25 p.m.] [10/12/2012 08:25 p.m.] [N] C:\Users\Nati\AppData\Roaming\Publish Providers
      [29/07/2012 11:37 p.m.] [06/09/2009 06:36 p.m.] [N] C:\Users\Nati\AppData\Roaming\Real
      [31/07/2009 11:33 p.m.] [31/07/2009 11:33 p.m.] [N] C:\Users\Nati\AppData\Roaming\Reallusion
      [12/09/2009 09:46 p.m.] [12/09/2009 09:46 p.m.] [N] C:\Users\Nati\AppData\Roaming\Roxio
      [31/08/2012 08:11 p.m.] [02/05/2010 11:25 a.m.] [N] C:\Users\Nati\AppData\Roaming\Skype
      [07/02/2012 09:49 a.m.] [02/05/2010 11:27 a.m.] [N] C:\Users\Nati\AppData\Roaming\skypePM
      [10/12/2012 08:25 p.m.] [10/12/2012 08:00 p.m.] [N] C:\Users\Nati\AppData\Roaming\Sony
      [04/07/2010 04:03 p.m.] [04/07/2010 04:03 p.m.] [N] C:\Users\Nati\AppData\Roaming\SUPERAntiSpyware.com
      [01/08/2009 01:11 p.m.] [01/08/2009 01:11 p.m.] [N] C:\Users\Nati\AppData\Roaming\Template
      [28/11/2009 07:54 p.m.] [28/11/2009 07:54 p.m.] [N] C:\Users\Nati\AppData\Roaming\The Complete Genealogy Reporter - FTB
      [13/01/2010 03:28 p.m.] [13/01/2010 03:28 p.m.] [N] C:\Users\Nati\AppData\Roaming\Thinstall
      [15/02/2012 10:08 p.m.] [15/02/2012 10:08 p.m.] [N] C:\Users\Nati\AppData\Roaming\Titanium
      [11/12/2012 05:16 p.m.] [29/10/2009 01:07 a.m.] [N] C:\Users\Nati\AppData\Roaming\uTorrent
      [26/03/2011 01:24 a.m.] [26/03/2011 01:24 a.m.] [N] C:\Users\Nati\AppData\Roaming\Vast Studios
      [09/12/2012 12:05 a.m.] [13/03/2011 08:18 p.m.] [N] C:\Users\Nati\AppData\Roaming\vlc
      [04/09/2009 07:47 p.m.] [04/09/2009 07:47 p.m.] [N] C:\Users\Nati\AppData\Roaming\WinRAR
      C:\Users\Nati\AppData\Roaming\wklnhst.dat [AN] 506 bytes ( )
      [12/07/2012 10:27 p.m.] [12/07/2012 10:27 p.m.] [N] C:\Users\Nati\AppData\Roaming\Xilisoft
      [26/05/2010 11:36 p.m.] [26/05/2010 11:36 p.m.] [N] C:\Users\Nati\AppData\Roaming\Zylom
      [20/10/2012 05:04 p.m.] [24/01/2012 10:22 p.m.] [0] C:\Program Files\Adobe
      [16/02/2012 04:20 a.m.] [05/09/2010 11:53 p.m.] [0] C:\Program Files\AIMP2
      [29/04/2012 01:23 a.m.] [29/04/2012 01:23 a.m.] [0] C:\Program Files\AIMP3
      [25/07/2011 04:10 p.m.] [25/07/2011 04:10 p.m.] [0] C:\Program Files\Alcohol Soft
      [25/08/2012 11:17 p.m.] [25/08/2012 11:15 p.m.] [0] C:\Program Files\Allmyapps
      [24/02/2012 03:17 p.m.] [24/02/2012 03:17 p.m.] [0] C:\Program Files\Android
      [15/02/2012 10:56 a.m.] [15/02/2012 10:56 a.m.] [0] C:\Program Files\Apple Software Update
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\Program Files\Archivos comunes
      [29/10/2012 04:13 p.m.] [29/10/2012 04:13 p.m.] [0] C:\Program Files\AVAST Software
      [29/10/2012 04:02 p.m.] [25/10/2010 11:14 p.m.] [0] C:\Program Files\AVG
      [15/02/2012 11:04 a.m.] [15/02/2012 11:04 a.m.] [0] C:\Program Files\Bonjour
      [22/10/2012 02:15 p.m.] [04/09/2010 01:16 p.m.] [0] C:\Program Files\Calibre2
      [10/03/2012 12:13 a.m.] [05/08/2011 12:33 p.m.] [0] C:\Program Files\cartilla
      [25/10/2012 07:01 p.m.] [22/08/2009 11:54 a.m.] [0] C:\Program Files\CCleaner
      [13/07/2009 08:58 p.m.] [13/07/2009 08:58 p.m.] [0] C:\Program Files\Citrix
      [22/08/2009 11:55 p.m.] [22/08/2009 11:55 p.m.] [0] C:\Program Files\Combined Community Codec Pack
      [02/04/2012 02:45 a.m.] [02/04/2012 02:43 a.m.] [0] C:\Program Files\ComicRack
      [29/10/2012 03:19 p.m.] [02/11/2006 08:18 a.m.] [0] C:\Program Files\Common Files
      [09/01/2011 11:41 p.m.] [09/01/2011 11:41 p.m.] [0] C:\Program Files\COMODO
      [13/03/2011 08:06 p.m.] [13/03/2011 08:06 p.m.] [0] C:\Program Files\ConvertHelper
      [13/07/2009 09:08 p.m.] [13/07/2009 09:07 p.m.] [0] C:\Program Files\Creative
      [13/07/2009 09:07 p.m.] [13/07/2009 09:07 p.m.] [0] C:\Program Files\Creative Live! Cam
      [13/07/2009 09:07 p.m.] [13/07/2009 09:07 p.m.] [0] C:\Program Files\CyberLink
      [29/08/2010 07:33 p.m.] [29/08/2010 07:31 p.m.] [0] C:\Program Files\DAEMON Tools Lite
      [03/04/2010 03:15 p.m.] [03/04/2010 03:15 p.m.] [0] C:\Program Files\DCoder Image Source
      [18/02/2012 08:26 a.m.] [18/02/2012 08:26 a.m.] [0] C:\Program Files\Defraggler
      [13/07/2009 09:11 p.m.] [13/07/2009 08:51 p.m.] [0] C:\Program Files\Dell
      [13/07/2009 09:01 p.m.] [13/07/2009 09:01 p.m.] [0] C:\Program Files\Dell DataSafe Online
      [13/07/2009 08:50 p.m.] [13/07/2009 08:50 p.m.] [0] C:\Program Files\Dell Inc
      [05/08/2011 12:00 a.m.] [04/03/2011 11:49 a.m.] [0] C:\Program Files\Dell Support Center
      [13/07/2009 08:55 p.m.] [13/07/2009 08:55 p.m.] [0] C:\Program Files\Dell Video Chat
      [13/07/2009 09:08 p.m.] [13/07/2009 09:07 p.m.] [0] C:\Program Files\Dell Webcam
      [13/07/2009 11:27 p.m.] [13/07/2009 11:27 p.m.] [0] C:\Program Files\DellTPad
      C:\Program Files\desktop.ini [HSA] 174 bytes( 0)
      [26/12/2011 01:55 p.m.] [27/01/2011 12:06 p.m.] [0] C:\Program Files\DivX
      [22/09/2012 03:39 p.m.] [22/09/2012 03:39 p.m.] [0] C:\Program Files\Dropbox
      [03/04/2010 03:09 p.m.] [03/04/2010 03:09 p.m.] [0] C:\Program Files\DScaler5
      [05/09/2010 10:14 p.m.] [31/01/2010 10:29 p.m.] [0] C:\Program Files\ESTsoft
      [28/11/2009 07:54 p.m.] [28/11/2009 07:54 p.m.] [0] C:\Program Files\Family Toolbar
      [18/04/2012 06:02 p.m.] [18/04/2012 06:02 p.m.] [0] C:\Program Files\Foxit Software
      [03/04/2010 03:13 p.m.] [03/04/2010 03:13 p.m.] [0] C:\Program Files\Gabest MPEG Splitter
      [20/06/2010 08:39 p.m.] [20/06/2010 08:39 p.m.] [0] C:\Program Files\Google
      [14/03/2011 11:49 p.m.] [04/09/2009 10:41 p.m.] [0] C:\Program Files\GRETECH
      [29/10/2009 11:08 a.m.] [29/10/2009 12:56 a.m.] [0] C:\Program Files\Hotspot Shield
      [13/07/2009 03:32 p.m.] [13/07/2009 03:32 p.m.] [0] C:\Program Files\IDT
      [15/08/2012 12:43 p.m.] [15/08/2012 12:43 p.m.] [H] C:\Program Files\InstallJammer Registry
      [12/11/2010 01:32 a.m.] [13/07/2009 08:51 p.m.] [H] C:\Program Files\InstallShield Installation Information
      [13/07/2009 08:51 p.m.] [13/07/2009 08:41 p.m.] [0] C:\Program Files\Intel
      [19/11/2012 09:33 p.m.] [02/11/2006 08:18 a.m.] [0] C:\Program Files\Internet Explorer
      [16/02/2012 09:58 a.m.] [16/02/2012 09:58 a.m.] [0] C:\Program Files\iPod
      [16/02/2012 09:59 a.m.] [15/02/2012 11:14 a.m.] [0] C:\Program Files\iTunes
      [29/10/2012 03:03 p.m.] [13/07/2009 08:49 p.m.] [0] C:\Program Files\Java
      [27/11/2012 08:04 p.m.] [24/12/2009 07:06 p.m.] [0] C:\Program Files\JDownloader
      [29/10/2012 11:46 a.m.] [24/12/2010 02:57 p.m.] [0] C:\Program Files\Malwarebytes' Anti-Malware
      [25/10/2010 10:55 p.m.] [13/07/2009 09:23 p.m.] [N] C:\Program Files\McAfee
      [14/11/2009 11:12 a.m.] [14/11/2009 11:12 a.m.] [0] C:\Program Files\Microsoft ActiveSync
      [02/11/2006 09:35 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Microsoft Games
      [30/07/2011 03:53 p.m.] [13/07/2009 08:55 p.m.] [0] C:\Program Files\Microsoft Office
      [03/10/2009 09:03 p.m.] [03/10/2009 09:03 p.m.] [0] C:\Program Files\Microsoft Reader
      [17/02/2012 04:06 p.m.] [27/11/2009 05:50 p.m.] [0] C:\Program Files\Microsoft Silverlight
      [23/02/2011 07:59 p.m.] [23/02/2011 07:59 p.m.] [0] C:\Program Files\Microsoft SQL Server Compact Edition
      [15/12/2010 03:06 a.m.] [13/07/2009 08:55 p.m.] [0] C:\Program Files\Microsoft Works
      [02/11/2010 08:58 p.m.] [14/11/2009 11:11 a.m.] [0] C:\Program Files\Microsoft.NET
      [03/04/2010 03:14 p.m.] [03/04/2010 03:14 p.m.] [0] C:\Program Files\MONOGRAM AMR SplitterDecoder
      [13/08/2010 08:58 p.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Movie Maker
      [29/07/2012 03:35 p.m.] [29/10/2009 03:20 p.m.] [0] C:\Program Files\Mozilla Firefox
      [29/07/2012 03:35 p.m.] [02/05/2012 06:22 p.m.] [0] C:\Program Files\Mozilla Maintenance Service
      [02/11/2006 09:35 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\MSBuild
      [08/11/2010 01:38 p.m.] [08/11/2010 01:38 p.m.] [0] C:\Program Files\MSXML 4.0
      [07/11/2010 12:39 p.m.] [07/11/2010 12:39 p.m.] [0] C:\Program Files\Nikon
      [29/04/2011 01:12 p.m.] [29/04/2011 01:11 p.m.] [0] C:\Program Files\OpenOffice.org 3
      [03/04/2010 03:12 p.m.] [03/04/2010 03:12 p.m.] [0] C:\Program Files\OpenSource DTSAC3DD+ Source Filter
      [11/10/2011 09:18 p.m.] [24/12/2010 04:56 p.m.] [0] C:\Program Files\Panda Security
      [18/02/2012 08:22 a.m.] [18/02/2012 08:22 a.m.] [0] C:\Program Files\Panda USB Vaccine
      [13/07/2012 02:21 a.m.] [13/07/2012 02:21 a.m.] [0] C:\Program Files\PDFtoEPUB
      [16/02/2012 10:34 a.m.] [16/02/2012 10:34 a.m.] [0] C:\Program Files\QuickTime
      [29/07/2012 11:37 p.m.] [14/03/2011 11:54 p.m.] [0] C:\Program Files\Real
      [26/03/2011 01:25 a.m.] [26/03/2011 12:52 a.m.] [0] C:\Program Files\RealArcade
      [02/11/2006 09:35 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Reference Assemblies
      [13/07/2009 08:57 p.m.] [13/07/2009 08:56 p.m.] [0] C:\Program Files\Roxio
      [16/02/2012 10:30 a.m.] [16/02/2012 10:30 a.m.] [0] C:\Program Files\Safari
      [11/11/2010 11:38 p.m.] [11/11/2010 11:38 p.m.] [0] C:\Program Files\Seagate
      [03/04/2010 03:15 p.m.] [03/04/2010 03:15 p.m.] [0] C:\Program Files\SHOUTcast Source
      [15/08/2012 12:43 p.m.] [15/08/2012 12:43 p.m.] [0] C:\Program Files\Sigil
      [06/05/2012 06:30 p.m.] [07/02/2012 09:53 a.m.] [R] C:\Program Files\Skype
      [10/12/2012 09:16 p.m.] [10/12/2012 08:00 p.m.] [0] C:\Program Files\Sony
      [10/07/2010 12:16 p.m.] [04/07/2010 07:54 p.m.] [0] C:\Program Files\Spybot - Search & Destroy
      [18/02/2012 07:45 a.m.] [04/07/2010 07:44 p.m.] [0] C:\Program Files\SpywareBlaster
      [24/12/2010 04:27 p.m.] [24/12/2010 04:27 p.m.] [0] C:\Program Files\SUPERAntiSpyware
      [10/12/2012 11:01 p.m.] [10/12/2012 11:01 p.m.] [0] C:\Program Files\Transcribe!
      [02/11/2006 09:58 a.m.] [02/11/2006 09:58 a.m.] [H] C:\Program Files\Uninstall Information
      [24/09/2012 10:11 a.m.] [29/10/2009 01:08 a.m.] [0] C:\Program Files\uTorrent
      [13/03/2011 08:16 p.m.] [13/03/2011 08:16 p.m.] [0] C:\Program Files\VideoLAN
      [29/10/2012 03:20 p.m.] [29/10/2012 03:20 p.m.] [0] C:\Program Files\VS Revo Group
      [16/08/2009 10:01 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Windows Calendar
      [16/08/2009 10:01 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Windows Collaboration
      [16/08/2009 10:01 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Windows Defender
      [23/02/2011 07:58 p.m.] [01/08/2009 12:05 a.m.] [0] C:\Program Files\Windows Live
      [12/01/2012 03:23 a.m.] [02/11/2006 08:18 a.m.] [0] C:\Program Files\Windows Mail
      [13/10/2010 10:28 p.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Windows Media Player
      [31/07/2009 10:06 p.m.] [02/11/2006 08:18 a.m.] [0] C:\Program Files\Windows NT
      [16/08/2009 10:01 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Windows Photo Gallery
      [18/11/2009 08:24 a.m.] [18/11/2009 08:24 a.m.] [0] C:\Program Files\Windows Portable Devices
      [16/08/2009 10:01 a.m.] [02/11/2006 09:35 a.m.] [0] C:\Program Files\Windows Sidebar
      [04/09/2009 07:46 p.m.] [04/09/2009 07:46 p.m.] [0] C:\Program Files\WinRAR
      [01/11/2009 08:55 a.m.] [23/08/2009 11:37 a.m.] [N] C:\ProgramData\Apple
      [23/08/2009 11:40 a.m.] [23/08/2009 11:39 a.m.] [N] C:\ProgramData\Apple Computer
      [07/11/2010 12:43 p.m.] [07/11/2010 12:17 p.m.] [H] C:\ProgramData\ArcSoft
      [29/10/2012 04:13 p.m.] [29/10/2012 04:13 p.m.] [N] C:\ProgramData\AVAST Software
      [25/10/2010 11:17 p.m.] [25/10/2010 11:17 p.m.] [H] C:\ProgramData\Common Files
      [09/01/2011 11:37 p.m.] [24/12/2010 04:45 p.m.] [N] C:\ProgramData\Comodo
      [31/07/2009 11:33 p.m.] [31/07/2009 11:33 p.m.] [N] C:\ProgramData\Creative
      [29/08/2009 08:05 p.m.] [29/08/2009 08:04 p.m.] [N] C:\ProgramData\CyberLink
      [29/08/2010 07:31 p.m.] [29/08/2010 07:31 p.m.] [N] C:\ProgramData\DAEMON Tools Lite
      [20/11/2012 10:57 a.m.] [20/11/2012 10:57 a.m.] [N] C:\ProgramData\DAEMON Tools Pro
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\ProgramData\Datos de programa
      [04/03/2011 11:49 a.m.] [13/07/2009 09:07 p.m.] [N] C:\ProgramData\Dell
      [26/12/2011 01:55 p.m.] [27/01/2011 12:48 a.m.] [N] C:\ProgramData\DivX
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\ProgramData\Documentos
      [07/11/2010 12:38 p.m.] [07/11/2010 12:19 p.m.] [N] C:\ProgramData\EnterNHelp
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\ProgramData\Escritorio
      [31/01/2010 10:30 p.m.] [31/01/2010 10:30 p.m.] [N] C:\ProgramData\Estsoft
      C:\ProgramData\ezsidmv.dat [HAN] 48 bytes 0
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\ProgramData\Favoritos
      [13/11/2009 12:13 a.m.] [19/09/2009 08:14 p.m.] [N] C:\ProgramData\Google
      C:\ProgramData\Hybrid Morph [AN] 0 bytes 0
      C:\ProgramData\Icons [AN] 0 bytes 0
      [13/07/2009 08:56 p.m.] [13/07/2009 08:56 p.m.] [N] C:\ProgramData\InstallShield
      [04/07/2010 07:50 p.m.] [04/07/2010 07:50 p.m.] [N] C:\ProgramData\Malwarebytes
      [25/10/2010 10:55 p.m.] [13/07/2009 09:24 p.m.] [N] C:\ProgramData\McAfee
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\ProgramData\Menú Inicio
      [10/11/2012 08:27 p.m.] [02/11/2006 08:18 a.m.] [N] C:\ProgramData\Microsoft
      [14/11/2009 11:02 a.m.] [13/07/2009 09:04 p.m.] [N] C:\ProgramData\Microsoft Help
      [02/05/2012 06:22 p.m.] [02/05/2012 06:22 p.m.] [N] C:\ProgramData\Mozilla
      [28/11/2009 08:46 p.m.] [28/11/2009 08:43 p.m.] [N] C:\ProgramData\MyHeritage
      [12/01/2010 11:44 a.m.] [12/01/2010 11:44 a.m.] [N] C:\ProgramData\NCH Swift Sound
      [30/12/2011 09:37 a.m.] [26/12/2011 04:53 p.m.] [N] C:\ProgramData\Norton
      [26/12/2011 04:53 p.m.] [26/12/2011 04:53 p.m.] [N] C:\ProgramData\NortonInstaller
      [13/08/2009 11:01 a.m.] [13/08/2009 11:01 a.m.] [N] C:\ProgramData\Office Genuine Advantage
      [25/12/2010 03:02 a.m.] [25/12/2010 03:02 a.m.] [N] C:\ProgramData\Panda Security
      [13/07/2009 09:02 p.m.] [13/07/2009 09:02 p.m.] [N] C:\ProgramData\PC-Doctor
      [01/08/2011 03:20 p.m.] [13/07/2009 09:02 p.m.] [N] C:\ProgramData\PCDr
      C:\ProgramData\PKP_DLdu.DAT [H] 0 bytes 0
      C:\ProgramData\PKP_DLdw.DAT [H] 0 bytes 0
      [31/07/2009 10:06 p.m.] [31/07/2009 10:06 p.m.] [HSN] C:\ProgramData\Plantillas
      [07/07/2011 10:34 a.m.] [07/07/2011 10:34 a.m.] [N] C:\ProgramData\Playrix Entertainment
      [16/06/2011 08:10 p.m.] [06/09/2009 06:36 p.m.] [N] C:\ProgramData\Real
      [20/10/2012 05:07 p.m.] [20/10/2012 05:07 p.m.] [N] C:\ProgramData\regid.1986-12.com.adobe
      [07/11/2012 04:27 p.m.] [12/09/2009 09:46 p.m.] [N] C:\ProgramData\Roxio
      [11/11/2010 11:38 p.m.] [11/11/2010 11:38 p.m.] [N] C:\ProgramData\Seagate
      [06/05/2012 06:30 p.m.] [02/05/2010 11:23 a.m.] [N] C:\ProgramData\Skype
      [12/09/2009 09:44 p.m.] [13/07/2009 08:57 p.m.] [N] C:\ProgramData\Sonic
      [10/12/2012 08:16 p.m.] [10/12/2012 08:00 p.m.] [N] C:\ProgramData\Sony
      [06/11/2012 12:14 p.m.] [04/07/2010 07:54 p.m.] [N] C:\ProgramData\Spybot - Search & Destroy
      [01/08/2010 06:31 p.m.] [01/08/2010 06:31 p.m.] [N] C:\ProgramData\Sun
      [04/07/2010 04:03 p.m.] [04/07/2010 04:03 p.m.] [N] C:\ProgramData\SUPERAntiSpyware.com
      [30/12/2011 09:37 a.m.] [26/12/2011 04:53 p.m.] [N] C:\ProgramData\Symantec
      [18/02/2012 07:46 a.m.] [03/04/2010 02:59 p.m.] [AN] C:\ProgramData\TEMP
      [26/03/2011 01:23 a.m.] [26/03/2011 01:23 a.m.] [N] C:\ProgramData\Trymedia
      [07/11/2010 12:38 p.m.] [07/11/2010 12:19 p.m.] [N] C:\ProgramData\Ultima_T15
      [13/07/2009 08:58 p.m.] [13/07/2009 08:58 p.m.] [N] C:\ProgramData\Uninstall
      [26/06/2010 03:00 p.m.] [26/06/2010 03:00 p.m.] [N] C:\ProgramData\WindowsSearch
      [26/05/2010 11:36 p.m.] [26/05/2010 11:36 p.m.] [N] C:\ProgramData\Zylom
      [27/06/2010 09:25 p.m.] [27/06/2010 09:23 p.m.] [N] C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
      [01/11/2009 09:27 a.m.] [01/11/2009 09:26 a.m.] [N] C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
      [23/08/2009 11:40 a.m.] [23/08/2009 11:40 a.m.] [N] C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

      ==================== EOF ==================

      Saludos!

    7. #7
      Usuario Avatar de Raudron
      Registrado
      sep 2012
      Ubicación
      El Mundo
      Mensajes
      1.467

      Re: Spyware de Relevant Knowledge detectado por MalawareBytes

      Hola,

      Por lo que puedo ver estás bastante bien protegida...

      Por favor, realiza lo siguiente:
      • Descarga OTM a tu escritorio. Te dejo su Manual.
      • Ejecuta OTM.exe
      • Nota: Si estás utilizando Windows Vista o Windows 7. Da click derecho sobre OTM.exe y selecciona Ejecutar Como Admistrador
      • Copia y pega el siguiente Script que se encuentra dentro del recuadro de abajo. (Se excluye la palabra Código)


      Código:
      :files
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgkhgjemnihddbfapdmoiejlebpoellf
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcddcfoblbgmnaklcpkbfajnfikinhn
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
      C:\Users\Nati\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgjfppmemjoiimknjbbmnajephibioe
      C:\Users\Nati\AppData\Roaming\wklnhst.dat
      C:\Program Files\Family Toolbar /d
      
      :commands
      [emptytemp]
      [Reboot]
      • Presiona el botón rojo MoveIt!
      • Espera hasta cuando el resultado aparezca en el marco Results.
      • Permite que se reinicie el equipo, esto es importante.
      • Copia y Pega en tu próxima respuesta el reporte de OTM situado sobre C: \ _ OTM\MovedFiles\***_***.log


      Nota: Es posible que note archivos o carpetas visibles en el escritorio y/o en otro apartado del sistema, esto es normal, al finalizar los procedimientos, todo volverá a la normalidad.
      Descarga y ejecuta Ccleaner, de la siguiente forma:
      • Ve a su sección Herramientas > Inicio > Guardar a un archivo de texto. Guárdalo como startup.txt
      • Luego ve a Herramientas > Desinstalar programas > Guardar a un archivo de texto. Guárdalo como install.txt


      Después, subi a Virustotal los siguientes archivos:
      C:\ProgramData\ezsidmv.dat
      C:\ProgramData\PKP_DLdu.DAT
      C:\ProgramData\PKP_DLdw.DAT
      Nos traes el reporte de OTM, los enlaces de Virustotal y el contenido de los archvos de CCleaner.
      Y nos comentas cómo funciona tu equipo
      Saludos