• Registrarse
  • Iniciar sesión


  • Resultados 1 al 2 de 2

    ¿Que sera lo que tiene?

    Buenas a todos los del foro, veran desde hace unos días mi PC ha estado rara, es una laptop HP con windows 7 original, todos los archivos de memorias extraibles los lee como archivos de ...

    1. #1
      Usuario Avatar de Luther91
      Registrado
      dic 2012
      Ubicación
      Mexico
      Mensajes
      1

      ¿Que sera lo que tiene?

      Buenas a todos los del foro, veran desde hace unos días mi PC ha estado rara, es una laptop HP con windows 7 original, todos los archivos de memorias extraibles los lee como archivos de acceso directo tambien hace ruidos de un "clic" o "doble clic" a cada rato o reproduce grabaciones de quien sabe donde, ya me ha tocado escuchar el rugido del leon de metro goldwyn mayer, una grabacion de una pagina playboy y sonidos de estatica momentanea, tengo instalado Avira y tambien eche a andar Dr Web y ni uno ni otro me detecto virus o algo fuera de lo normal. ¿a que creen que se deba? y ¿que puedo hacer para solucionarlo?
      gracias de antemano espero puedan ayudarme.

    2. #2
      Ex-Colaborador Avatar de Superlucas
      Registrado
      sep 2011
      Ubicación
      Argentina
      Mensajes
      15.747

      Re: ¿Que sera lo que tiene?

      Hola luther bienvenido al foro :

      • Realiza lo siguiente:
      • Descarga AT-Destroyer (Adwares/Toolbars-Destroyer) By Infospyware.
      • Desactiva temporalmente el Antivirus y/o Antispyware.
      • Ejecuta la herramienta como administrador.
      • Aparecerá el Disclaimer de la herramienta.Presiona .
      • Presiona sobre la opción 1 (Buscar y Destruir)
      • La herramienta desconectará el escritorio moméntaneamente.
      • En caso de estar infectado,la herramienta lo indicará con lineas rojas donde se haya encontrado la infección,sino,serán lineas verdes.
      • Una vez terminado el escaneo,podrás volver a ver el escritorio y se te abrirá un reporte,que deberás copiar en tu próxima respuesta comentando cómo funciona el sistema.
      Vas a correr o vas a pelear?- Muahy Thai

      * Síguenos en nuestro Twitter y hazte nuestro amigo en Facebook.
      * Infórmate de las ultimas amenazas de la red desde: InfoSpyware Blog
      * No se resuelven dudas por Privados ni por E-mail, ya que para eso esta el foro.

    3. #3
      Usuario Avatar de Luther91
      Registrado
      dic 2012
      Ubicación
      Mexico
      Mensajes
      1

      Re: ¿Que sera lo que tiene?

      Muchas gracias por tu respuesta Superlucas, he realizado el procedimiento y en efecto me aparecio infectado, te adjunto a continuacion el reporte que me dio el AT-destroyer:

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 13:11:58 \\\ 02/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:16.0.2.4680
      Privilegios: Oliver - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: OLIVER-HP
      Información del sistema operativo:X64-WIN_7-
      nombre del usuario:Oliver
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<

      npggsvc [nProtect GameGuard Service]---> "C:\Windows\system32\GameMon.des -service"


      >>>>>> Carpetas <<<<<<

      C:\Users\Oliver\AppData\Roaming\Babylon\log_file.txt (W32/PND.Babylon Toolbar)
      C:\Users\Oliver\AppData\Roaming\Babylon (W32/PND.Babylon Toolbar)
      C:\ProgramData\Babylon (W32/PND.Babylon Toolbar)
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll 97
      C:\ProgramData\Tarma Installer 97


      >>>>>> Archivos <<<<<<

      C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
      C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected](No eliminado)
      C:\user.js
      C:\Windows\system32\GameMon.des
      C:\Users\Oliver\AppData\Local\Temp\Yontoo*.*


      >>>>>> Registro <<<<<<

      HKEY_CURRENT_USER\Software\DataMngr
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr
      HKCR\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
      HKCR\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
      HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
      HKLM\SOFTWARE\Classes\YontooIEClient.Api
      HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
      HKLM\SOFTWARE\Classes\YontooIEClient.Layers
      HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
      HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
      HKCU\SOFTWARE\Incredimail
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar ----> {98889811-442D-49dd-99D7-DC866BE87DBC}


      >>>>>> Heurística <<<<<<

      C:\Users\Oliver\AppData\Roaming\1FFB.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\2804.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\2AD5.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\2BD0.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\2EBD.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\3209.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\3523.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\36B9.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\36C7.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\37C3.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\3F72.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\401C.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\410A.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\423F.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\4BF4.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\4EA8.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\5015.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\545A.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\576A.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\5DAD.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\6B2D.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\6CCB.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\75F7.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\78F6.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\7A4D.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\812E.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\8640.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\90AB.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\9D1F.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\A7AA.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\A8A.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\Aigsgs.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\B275.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\B441.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\BA14.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\C4A0.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\C65A.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\D58B.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\D7E7.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\D817.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\E065.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\E4E2.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\EA4E.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\EB9C.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\EBF3.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\EF7C.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\F18F.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\F1DF.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\F6A7.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\F73A.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\vkyxdaqi0g.exe (Heur malware.win32.generic) <-- Será eliminado en el reinicio


      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==about:blank


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==
      Default_search_url==
      Default_Page_URL==about:blank


      HKEY_USERS\S-1-5-21-3403095851-2062674177-2764131915-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==
      Default_search_url==
      Default_Page_URL==about:blank


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "http://ittravel.info");
      user_pref("browser.startup.homepage_override.buildID", "20121024073032");
      user_pref("browser.startup.homepage_override.mstone", "16.0.2");
      user_pref("pref.browser.homepage.disable_button.current_page", false);


      >>>>>> Extensiones Firefox <<<<<<


      C:\Program Files (x86)\[email protected]
      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}

      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308

      >>>>>> Google Chrome <<<<<<

      { "default_search_provider": { "id": "6", "name": "Web Search", "search_url": "http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1Qzu0C0CyDtB0A0FyCzy0C0EtD0FtBtDyB0CtN0D0Tzu0CtByCyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=206931436", "suggest_url": "{google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}" , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } }, "browser" : { "window_placement" : { "bottom" : 718, "left" : 10, "maximized" : false, "right" : 1060, "top" : 10, "work_area_bottom" : 728, "work_area_left" : 0, "work_area_right" : 1366, "work_area_top" : 0 } }, "countryid_at_install" : 19800, "default_apps_install_state" : 2, "distribution" : { "create_all_shortcuts" : true, "do_not_launch_chrome" : true, "import_history" : false, "import_search_engine" : false, "make_chrome_default" : true, "show_welcome_page" : true, "skip_first_run_ui" : true, "verbose_logging" : false }, "dns_prefetching" : { "host_referral_list" : [ 2 ], "startup_list" : [ 1, "http://api.yontoo.com/" ] }, "download" : { "directory_upgrade" : true }, "extensions" : { "alerts" : { "initialized" : true }, "autoupdate" : { "next_check" : "12988675608869786" }, "chrome_url_overrides" : { "bookmarks" : [ "chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html" ] }, "settings" : { "ahfgeienlihckogmohjhadlkjgocpleb" : { "active_permissions" : { "api" : [ "appNotifications", "management", "webstorePrivate" ] }, "app_launcher_ordinal" : "n", "page_ordinal" : "n" }, "jpihmmhdcobmllpcnpfbhnipmhamldje" : { "ack_external" : true, "active_permissions" : { "api" : [ "tabs" ], "explicit_host" : [ "http://*/*" ] }, "events" : [ "runtime.onInstalled" ], "from_bookmark" : false, "from_webstore" : false, "install_time" : "12988655561400760", "location" : 3, "manifest" : { "background_page" : "background.html", "description" : "The plug-in from the General-Crawler.com website which lets the users take part in supplementing of the file database of the biggest file search project by informing our crawlers that the given webpage contains links to file sharing sites.", "homepage_url" : "http://www.general-crawler.com", "icons" : { "128" : "icon128.png", "16" : "icon16.png", "48" : "icon48.png" }, "key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpyi58qkm/v8iQrm5IskXawTQ+kYGA8dy0x3cMcpuX9cpzaBVlfiRPBWaJfFg8POcGIKePH7PWNObUY1PybJaM3V+ux9BX22lLRYf46sj+zru6sKRS75qXYAgbUNz/dnPojhiSM9soLcVAeUp1wYIgIbc5JoAgQxBbTX82ZrKlIwIDAQAB", "name" : "General Crawler", "permissions" : [ "tabs", "http://*/*" ], "update_url" : "http://1.update.general-crawler.com/updates/update_chrome.xml", "version" : "2.0" }, "path" : "jpihmmhdcobmllpcnpfbhnipmhamldje\\2.0_0", "state" : 1 }, "kodbfgphiipmnongkhceiafoecgahahb" : { "ack_external" : true, "active_permissions" : { "api" : [ "contextMenus", "cookies", "management", "notifications", "tabs" ], "explicit_host" : [ "http://*/*", "https://*/*" ], "scriptable_host" : [ "http://*/*", "https://*/*" ] }, "events" : [ "runtime.onInstalled" ], "from_bookmark" : false, "from_webstore" : false, "install_time" : "12988655561583760", "location" : 3, "manifest" : { "background_page" : "background.html", "content_scripts" : [ { "all_frames" : true, "js" : [ "jquery.js", "worker.js" ], "matches" : [ "http://*/*", "https://*/*" ], "run_at" : "document_end" } ], "description" : "", "key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCq0KfUzKEk0eT9+TuQ7TECscwYvpMRCxKD0l+ppzV/DnajldHlK41/vfbHuHko6I2FmpFpuY62eO8O9GdNZfg2SkW6i+m+Kk2mWKAgNqGy/jhb+hIR25j214Osqk6WjLUXNKxvFcZd3jhJffHXnu8PdgteG80P2F8fcM5035fohwIDAQAB", "name" : "wxDfast", "permissions" : [ "http://*/*", "https://*/*", "tabs", "cookies", "management", "notifications", "contextMenus" ], "version" : "1.0" }, "path" : "kodbfgphiipmnongkhceiafoecgahahb\\1.0_0", "state" : 1 }, "lifbcibllhkdhoafpjfnlhfpfgnpldfl" : { "ack_external" : true, "active_permissions" : { "api" : [ "plugin", "tabs" ], "explicit_host" : [ "http://*/*", "https://*/*" ], "scriptable_host" : [ "file:///*", "http://*/*", "https://*/*" ] }, "events" : [ "runtime.onInstalled" ], "from_bookmark" : false, "from_webstore" : false, "install_time" : "12988655561851823", "location" : 3, "manifest" : { "background_page" : "background.html", "browser_action" : { "default_icon" : "skype.png", "default_title" : "Options" }, "content_scripts" : [ { "all_frames" : true, "js" : [ "contentscript.js" ], "matches" : [ "http://*/*", "file://*/*", "https://*/*" ], "run_at" : "document_end" } ], "description" : "Skype Click to Call", "key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMxFysW3wPKWRPPe3xuJQz3m1ZDLX1hN8EYdP37tRPf7lp8vIhG4xirlXHGK748qcLPc4Lm8WsHDhvS5okN54Kwcnw4T2tBXSCZJxMmlu14HZ5yc/t969QLTPLIbAsasq4NVo40YuP2B7umxV9BlcxZEB9TEKPEQq8DRoKhj9jBQIDAQAB", "name" : "Skype Click to Call", "permissions" : [ "tabs", "http://*/*", "https://*/*" ], "plugins" : [ { "path" : "npSkypeChromePlugin.dll", "public" : true } ], "version" : "6.1.0.10441" }, "path" : "lifbcibllhkdhoafpjfnlhfpfgnpldfl\\6.1.0.10441_0", "state" : 1 }, "niapdbllcanepiiimjjndipklodoedlc" : { "ack_external" : true, "active_permissions" : { "api" : [ "tabs" ], "explicit_host" : [ "<all_urls>" ], "scriptable_host" : [ "<all_urls>" ] }, "events" : [ "runtime.onInstalled" ], "from_bookmark" : false, "from_webstore" : false, "install_time" : "12988655561275760", "location" : 3, "manifest" : { "background_page" : "background.html", "content_scripts" : [ { "js" : [ "yl.js" ], "matches" : [ "<all_urls>" ] } ], "description" : "Add Yontoo to your web experience.", "key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1QuP3Oh7W1BChzJrLJZHGegsCjf+XRykCTm+Dqae3hVTCoz9gkXVN91kDQLmjEjGUZaR74SQsbgV8wI/QhGdcb1m2tw5rAXIcgS8KbanF0a3mDJjlVooxBOkfI0Ae2kQDIwAaTwkKLZjZ+YL6MQUQlsN3KkAW4PRQkmE/+biX6wIDAQAB", "name" : "Yontoo", "permissions" : [ "tabs", "<all_urls>" ], "update_url" : "https://download.yontoo.com/chrome-update.xml", "version" : "1.0.2" }, "path" : "niapdbllcanepiiimjjndipklodoedlc\\1.0.2_0", "state" : 1 } }, "toolbar" : [ "lifbcibllhkdhoafpjfnlhfpfgnpldfl" ], "toolbarsize" : -1 }, "homepage" : "http://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1Qzu0C0CyDtB0A0FyCzy0C0EtD0FtBtDyB0CtN0D0Tzu0CtByCyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=206931436", "homepage_is_new_tab" : null, "homepage_is_newtabpage" : false, "ntp" : { "app_page_names" : [ "Aplicaciones" ], "gplus_required" : false, "promo_closed" : false, "promo_end" : 1343026800.0, "promo_group" : 0, "promo_group_max" : 1, "promo_group_timeslice" : 0, "promo_increment" : 1, "promo_initial_segment" : 1, "promo_line" : "¿Tienes un smartphone o un tablet? <a href=\"https://www.google.com/chrome/mobile/?utm_source=chrome&utm_medium=ntp&utm_campaign=ntp-promo\"> Consigue Chrome para dispositivos móviles</a>", "promo_num_groups" : 1, "promo_resource_cache_update" : "1344181880.129976", "promo_start" : 1341860400.0, "promo_views" : 0, "promo_views_max" : 15 }, "plugins" : { "enabled_internal_pdf3" : true, "enabled_nacl" : true }, "profile" : { "avatar_index" : 0, "content_settings" : { "clear_on_exit_migrated" : true, "pref_version" : 1 }, "exited_cleanly" : true, "name" : "Default Profile" }, "session" : { "restore_on_startup" : 4, "restore_on_startup_migrated" : true, "urls_to_restore_on_startup" : [ "http://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1Qzu0C0CyDtB0A0FyCzy0C0EtD0FtBtDyB0CtN0D0Tzu0CtByCyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=206931436" ] }, "sync_promo" : { "startup_count" : 2, "user_skipped" : true, "view_count" : 2 } }


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\4
      C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
      C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodbfgphiipmnongkhceiafoecgahahb
      C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
      C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc

      ======== Listado ===========

      [26/08/2012 02:23 p.m.] [26/08/2012 02:19 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\.minecraft
      [22/11/2011 09:49 a.m.] [04/06/2011 04:24 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Adobe
      C:\Users\Oliver\AppData\Roaming\Adobe PNG Format CS5 Prefs [AI] 132 bytes ( )
      [13/12/2011 11:47 a.m.] [13/12/2011 11:47 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Apple Computer
      [10/10/2012 12:21 p.m.] [10/10/2012 09:02 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Autodesk
      [02/12/2012 01:38 a.m.] [02/12/2012 01:38 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\AVG2013
      [13/09/2011 03:10 a.m.] [13/09/2011 03:10 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\AVS4YOU
      [01/12/2012 03:24 p.m.] [19/01/2012 06:58 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Azureus
      [25/09/2012 10:53 a.m.] [08/05/2012 12:27 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Beat Hazard
      [11/06/2011 10:53 p.m.] [09/06/2011 10:45 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Blender Foundation
      [13/04/2012 01:20 a.m.] [13/04/2012 01:20 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\BsPicture
      [21/02/2012 08:29 a.m.] [21/02/2012 08:29 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      [10/10/2011 10:44 p.m.] [10/10/2011 10:44 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\com.adobe.dmp.contentviewer
      [06/10/2011 08:48 p.m.] [06/10/2011 08:48 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [12/10/2011 03:40 p.m.] [12/10/2011 03:40 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Corel
      [06/06/2011 03:21 p.m.] [04/06/2011 10:47 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\CyberLink
      [13/02/2012 03:38 p.m.] [13/02/2012 03:36 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\DAEMON Tools Lite
      [06/05/2012 12:45 a.m.] [06/05/2012 12:45 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Day 1 Studios
      [31/12/2011 11:58 a.m.] [28/12/2011 06:00 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\DivX
      [13/02/2012 03:55 p.m.] [21/01/2012 12:17 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\e-on software
      [21/11/2012 12:24 p.m.] [21/11/2012 11:52 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Free Media Converter
      [28/11/2012 10:10 p.m.] [28/11/2012 10:10 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\GamesCafe
      [06/09/2012 11:08 a.m.] [25/08/2012 12:10 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\GarenaPlus
      [13/04/2012 01:13 a.m.] [13/04/2012 01:11 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\GetRightToGo
      C:\Users\Oliver\AppData\Roaming\GhostObjGAFix.xml [AI] 1.81 KB ( )
      [04/06/2011 11:10 p.m.] [04/06/2011 11:10 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Greyfirst
      [20/06/2011 07:21 p.m.] [04/06/2011 04:12 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Hewlett-Packard
      [04/06/2011 04:19 p.m.] [04/06/2011 04:19 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\hpqlog
      [04/06/2011 04:19 p.m.] [04/06/2011 04:19 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Identities
      [28/11/2012 12:04 a.m.] [28/11/2012 12:04 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\iWin
      [04/06/2011 04:24 p.m.] [04/06/2011 04:24 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Macromedia
      [04/06/2011 08:57 p.m.] [04/06/2011 08:57 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\MascotYui
      [10/03/2011 01:28 a.m.] [04/06/2011 04:10 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Media Center Programs
      [04/03/2012 10:02 a.m.] [04/03/2012 09:51 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Media Finder
      [21/11/2012 11:32 a.m.] [04/06/2011 04:10 p.m.] [SDI] C:\Users\Oliver\AppData\Roaming\Microsoft
      [04/05/2012 03:17 a.m.] [04/06/2011 09:24 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Mozilla
      [02/08/2011 09:09 p.m.] [02/08/2011 09:09 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\MPEG Streamclip
      [29/11/2011 02:01 a.m.] [29/11/2011 02:01 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Nero
      [09/08/2012 12:31 p.m.] [09/08/2012 12:29 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\ooVoo Details
      [10/10/2011 10:07 p.m.] [10/10/2011 10:07 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\PACE Anti-Piracy
      C:\Users\Oliver\AppData\Roaming\Prefs. de filtro IllExport de Adobe CS5 [AI] 132 bytes ( )
      [06/02/2012 10:45 a.m.] [06/02/2012 10:45 a.m.] [D] C:\Users\Oliver\AppData\Roaming\Registry Mechanic
      C:\Users\Oliver\AppData\Roaming\room_v3.dat [AI] 44.2 KB ( )
      [02/12/2012 12:37 p.m.] [29/04/2012 04:24 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Skype
      [13/09/2011 06:00 p.m.] [13/09/2011 06:00 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Softplicity
      [04/02/2012 08:01 p.m.] [04/02/2012 07:59 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Sony Corporation
      [10/09/2011 01:59 p.m.] [10/09/2011 01:59 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Sports Interactive
      [10/10/2011 10:10 p.m.] [10/10/2011 10:10 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
      [04/08/2011 12:26 a.m.] [04/08/2011 12:26 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Tific
      [02/12/2012 01:22 a.m.] [02/12/2012 01:22 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\TuneUp Software
      [08/06/2011 11:32 p.m.] [08/06/2011 11:32 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Unity
      C:\Users\Oliver\AppData\Roaming\UserTile.png [AI] 4.45 KB ( )
      [29/04/2012 11:16 p.m.] [29/04/2012 11:16 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\VirtuaWin
      [19/03/2012 06:31 p.m.] [06/02/2012 03:37 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\vlc
      [15/06/2011 12:42 a.m.] [15/06/2011 12:21 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Windows Live Writer
      [04/06/2011 11:12 p.m.] [04/06/2011 11:06 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\WinRAR
      [13/06/2012 06:31 p.m.] [13/06/2012 06:30 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\YourFileDownloader
      [14/11/2012 10:57 a.m.] [14/11/2012 10:57 a.m.] [D] C:\Program Files (x86)\Activision
      [10/10/2011 09:24 p.m.] [21/10/2010 02:01 p.m.] [D] C:\Program Files (x86)\Adobe
      [06/10/2011 08:48 p.m.] [06/10/2011 08:48 p.m.] [D] C:\Program Files (x86)\Adobe Download Assistant
      [10/10/2011 09:05 p.m.] [10/10/2011 09:05 p.m.] [D] C:\Program Files (x86)\Adobe Story
      [02/08/2011 09:06 p.m.] [02/08/2011 09:06 p.m.] [D] C:\Program Files (x86)\Apple Software Update
      [05/06/2011 12:52 a.m.] [05/06/2011 12:51 a.m.] [D] C:\Program Files (x86)\Ares
      [17/10/2012 10:35 p.m.] [17/10/2012 10:35 p.m.] [D] C:\Program Files (x86)\Babylon
      [13/04/2012 01:15 a.m.] [13/04/2012 01:15 a.m.] [D] C:\Program Files (x86)\BS Soft
      [04/06/2011 11:08 p.m.] [04/06/2011 11:08 p.m.] [D] C:\Program Files (x86)\Celtx
      [28/11/2012 10:10 p.m.] [28/11/2012 10:10 p.m.] [D] C:\Program Files (x86)\Cluedo
      [08/11/2012 01:54 p.m.] [13/07/2009 08:20 p.m.] [D] C:\Program Files (x86)\Common Files
      [09/03/2011 03:58 p.m.] [21/10/2010 02:03 p.m.] [D] C:\Program Files (x86)\CyberLink
      [13/02/2012 03:37 p.m.] [13/02/2012 03:37 p.m.] [D] C:\Program Files (x86)\DAEMON Tools Lite
      C:\Program Files (x86)\desktop.ini [HSA] 174 bytes( 0)
      [24/07/2011 02:36 p.m.] [24/07/2011 02:36 p.m.] [D] C:\Program Files (x86)\directx
      [09/02/2012 04:27 a.m.] [28/12/2011 05:45 p.m.] [D] C:\Program Files (x86)\DivX
      [26/11/2012 06:43 p.m.] [21/11/2012 11:24 a.m.] [D] C:\Program Files (x86)\DsNET Corp
      [26/01/2012 02:06 a.m.] [26/01/2012 02:05 a.m.] [D] C:\Program Files (x86)\ExpressFiles
      [26/11/2012 06:48 p.m.] [21/11/2012 12:11 p.m.] [D] C:\Program Files (x86)\Freemake
      [12/12/2011 03:27 p.m.] [13/09/2011 06:20 p.m.] [D] C:\Program Files (x86)\FreeTime
      [12/09/2012 07:21 a.m.] [25/08/2012 12:06 p.m.] [D] C:\Program Files (x86)\Garena Plus
      [07/08/2012 09:43 p.m.] [05/08/2012 08:42 a.m.] [D] C:\Program Files (x86)\Google
      [22/09/2012 12:06 p.m.] [22/09/2012 12:06 p.m.] [D] C:\Program Files (x86)\Gophoto.it
      [09/03/2011 04:01 p.m.] [21/10/2010 01:55 p.m.] [D] C:\Program Files (x86)\Hewlett-Packard
      [28/05/2012 04:21 a.m.] [09/03/2011 04:02 p.m.] [D] C:\Program Files (x86)\HP Games
      [04/05/2012 03:40 a.m.] [04/05/2012 03:40 a.m.] [D] C:\Program Files (x86)\IMinent Toolbar
      [26/11/2012 06:49 p.m.] [21/10/2010 01:58 p.m.] [HD] C:\Program Files (x86)\InstallShield Installation Information
      [09/03/2011 03:44 p.m.] [09/03/2011 03:42 p.m.] [D] C:\Program Files (x86)\Intel
      [13/06/2012 08:30 a.m.] [13/07/2009 08:20 p.m.] [D] C:\Program Files (x86)\Internet Explorer
      [04/11/2011 09:13 p.m.] [04/11/2011 10:10 a.m.] [D] C:\Program Files (x86)\Internet Telcel Banda Ancha Movil
      [14/11/2012 12:29 p.m.] [14/11/2012 12:29 p.m.] [D] C:\Program Files (x86)\IObit
      [21/07/2012 03:53 p.m.] [21/10/2010 02:11 p.m.] [D] C:\Program Files (x86)\Java
      [12/11/2011 07:09 p.m.] [12/11/2011 07:09 p.m.] [D] C:\Program Files (x86)\LucasArts
      [02/10/2011 01:52 p.m.] [02/10/2011 01:52 p.m.] [D] C:\Program Files (x86)\Macromedia
      [28/11/2012 12:04 a.m.] [28/11/2012 12:03 a.m.] [D] C:\Program Files (x86)\Mah Jong Quest II
      [09/09/2012 11:40 p.m.] [09/09/2012 11:40 p.m.] [D] C:\Program Files (x86)\Maikolik Games
      [17/05/2012 06:47 p.m.] [09/03/2011 04:06 p.m.] [D] C:\Program Files (x86)\Microsoft
      [17/10/2012 10:54 p.m.] [17/10/2012 10:54 p.m.] [D] C:\Program Files (x86)\Microsoft Games
      [26/11/2012 07:40 p.m.] [28/05/2012 02:40 a.m.] [D] C:\Program Files (x86)\Microsoft Games for Windows - LIVE
      [05/06/2011 12:33 a.m.] [21/10/2010 01:57 p.m.] [D] C:\Program Files (x86)\Microsoft Office
      [12/10/2011 03:13 p.m.] [12/10/2011 03:13 p.m.] [D] C:\Program Files (x86)\Microsoft SDKs
      [12/05/2012 12:53 a.m.] [21/10/2010 01:59 p.m.] [D] C:\Program Files (x86)\Microsoft Silverlight
      [21/10/2010 02:00 p.m.] [21/10/2010 02:00 p.m.] [D] C:\Program Files (x86)\Microsoft SQL Server Compact Edition
      [05/06/2011 12:33 a.m.] [05/06/2011 12:33 a.m.] [D] C:\Program Files (x86)\Microsoft Visual Studio
      [05/06/2011 12:31 a.m.] [05/06/2011 12:31 a.m.] [D] C:\Program Files (x86)\Microsoft Visual Studio 8
      [12/10/2011 03:16 p.m.] [12/10/2011 03:13 p.m.] [D] C:\Program Files (x86)\Microsoft Visual Studio 9.0
      [06/06/2011 02:29 a.m.] [05/06/2011 12:33 a.m.] [D] C:\Program Files (x86)\Microsoft Works
      [06/06/2011 02:21 p.m.] [05/06/2011 12:33 a.m.] [D] C:\Program Files (x86)\Microsoft.NET
      [29/10/2012 07:36 p.m.] [29/10/2012 07:36 p.m.] [D] C:\Program Files (x86)\Mozilla Firefox
      [31/10/2012 06:32 p.m.] [13/06/2012 02:40 p.m.] [D] C:\Program Files (x86)\Mozilla Maintenance Service
      [05/06/2011 12:33 a.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\MSBuild
      [09/03/2011 04:06 p.m.] [09/03/2011 04:06 p.m.] [D] C:\Program Files (x86)\MSN Toolbar
      [10/10/2011 09:03 p.m.] [10/10/2011 09:03 p.m.] [D] C:\Program Files (x86)\My Company Name
      [29/11/2011 01:58 a.m.] [29/11/2011 01:57 a.m.] [D] C:\Program Files (x86)\Nero
      [04/06/2011 04:12 p.m.] [21/10/2010 01:58 p.m.] [RD] C:\Program Files (x86)\Online Services
      [20/11/2011 02:56 p.m.] [20/11/2011 02:56 p.m.] [D] C:\Program Files (x86)\OpenAL
      [26/11/2012 06:51 p.m.] [29/06/2012 05:12 p.m.] [D] C:\Program Files (x86)\Optimizer Pro
      [21/07/2012 03:54 p.m.] [21/07/2012 03:54 p.m.] [D] C:\Program Files (x86)\Oracle
      [06/09/2011 02:37 a.m.] [06/09/2011 02:37 a.m.] [D] C:\Program Files (x86)\Pando Networks
      [09/09/2012 11:34 p.m.] [09/09/2012 11:34 p.m.] [D] C:\Program Files (x86)\PC
      [19/01/2012 06:02 p.m.] [19/01/2012 06:02 p.m.] [D] C:\Program Files (x86)\Pixologic
      [02/08/2011 09:08 p.m.] [02/08/2011 09:07 p.m.] [D] C:\Program Files (x86)\QuickTime
      [10/09/2012 07:11 p.m.] [09/03/2011 03:44 p.m.] [D] C:\Program Files (x86)\Realtek
      [13/07/2009 10:32 p.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\Reference Assemblies
      [11/09/2012 03:08 p.m.] [01/08/2011 09:28 p.m.] [D] C:\Program Files (x86)\Registry Mechanic
      [10/09/2011 09:44 p.m.] [10/09/2011 09:44 p.m.] [D] C:\Program Files (x86)\Silver
      [17/05/2012 11:42 p.m.] [29/04/2012 05:40 a.m.] [RD] C:\Program Files (x86)\Skype
      [04/02/2012 07:58 p.m.] [04/02/2012 07:58 p.m.] [D] C:\Program Files (x86)\Sony
      [03/11/2012 08:53 p.m.] [03/11/2012 08:53 p.m.] [D] C:\Program Files (x86)\SopCast
      [29/06/2012 05:11 p.m.] [29/06/2012 05:11 p.m.] [D] C:\Program Files (x86)\SProtector
      [02/12/2012 12:19 p.m.] [06/05/2012 12:05 a.m.] [D] C:\Program Files (x86)\Steam
      [08/11/2012 01:54 p.m.] [08/11/2012 01:54 p.m.] [D] C:\Program Files (x86)\TechSmith
      [12/09/2012 12:40 a.m.] [09/03/2011 03:44 p.m.] [HD] C:\Program Files (x86)\Temp
      [06/09/2012 07:57 a.m.] [06/09/2012 07:57 a.m.] [D] C:\Program Files (x86)\The Pixel Farm
      [13/09/2011 06:03 p.m.] [13/09/2011 06:00 p.m.] [D] C:\Program Files (x86)\TotalAudioConverter
      [13/07/2009 09:57 p.m.] [13/07/2009 09:57 p.m.] [HD] C:\Program Files (x86)\Uninstall Information
      [01/05/2012 03:08 p.m.] [29/04/2012 11:16 p.m.] [D] C:\Program Files (x86)\v9Soft
      [19/11/2011 09:21 p.m.] [19/11/2011 09:21 p.m.] [D] C:\Program Files (x86)\VALVE
      [26/11/2012 06:50 p.m.] [21/11/2012 11:12 a.m.] [D] C:\Program Files (x86)\Vid-Saver
      [06/02/2012 03:36 p.m.] [06/02/2012 03:36 p.m.] [D] C:\Program Files (x86)\VideoLAN
      [04/03/2012 10:06 a.m.] [19/01/2012 06:57 p.m.] [D] C:\Program Files (x86)\Vuze
      [21/10/2010 11:16 p.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\Windows Defender
      [19/06/2012 09:05 p.m.] [21/10/2010 02:00 p.m.] [D] C:\Program Files (x86)\Windows Live
      [06/06/2011 02:01 p.m.] [13/07/2009 08:20 p.m.] [D] C:\Program Files (x86)\Windows Mail
      [10/09/2011 09:45 p.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\Windows Media Player
      [13/07/2009 10:32 p.m.] [13/07/2009 08:20 p.m.] [D] C:\Program Files (x86)\Windows NT
      [21/10/2010 11:16 p.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\Windows Photo Viewer
      [13/07/2009 10:32 p.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\Windows Portable Devices
      [04/06/2011 04:12 p.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\Windows Sidebar
      [20/11/2011 05:52 p.m.] [20/11/2011 05:52 p.m.] [D] C:\Program Files (x86)\WinDS PRO
      [04/06/2011 11:06 p.m.] [04/06/2011 11:06 p.m.] [D] C:\Program Files (x86)\WinRAR
      [04/05/2012 03:18 a.m.] [04/05/2012 03:18 a.m.] [D] C:\Program Files (x86)\Yontoo
      [12/08/2012 10:07 p.m.] [13/06/2012 06:30 p.m.] [D] C:\Program Files (x86)\YourFileDownloader
      [10/10/2011 09:23 p.m.] [10/10/2011 09:23 p.m.] [DI] C:\ProgramData\ALM
      [02/08/2011 09:06 p.m.] [02/08/2011 09:06 p.m.] [DI] C:\ProgramData\Apple
      [02/08/2011 09:07 p.m.] [02/08/2011 09:07 p.m.] [DI] C:\ProgramData\Apple Computer
      [13/07/2009 10:08 p.m.] [13/07/2009 10:08 p.m.] [HSDLI] C:\ProgramData\Application Data
      [10/10/2012 11:57 p.m.] [10/10/2012 09:02 a.m.] [DI] C:\ProgramData\Autodesk
      [02/12/2012 12:06 p.m.] [02/12/2012 01:19 a.m.] [DI] C:\ProgramData\AVG2013
      [13/09/2011 03:10 a.m.] [13/09/2011 03:10 a.m.] [DI] C:\ProgramData\AVS4YOU
      [19/01/2012 06:58 p.m.] [19/01/2012 06:58 p.m.] [DI] C:\ProgramData\Azureus
      [12/09/2012 03:42 p.m.] [12/09/2012 03:41 p.m.] [DI] C:\ProgramData\Battle.net
      [05/09/2011 06:54 p.m.] [04/09/2011 12:39 a.m.] [DI] C:\ProgramData\Blizzard Entertainment
      [11/06/2012 10:41 p.m.] [29/04/2012 05:41 a.m.] [DI] C:\ProgramData\boost_interprocess
      [02/12/2012 01:06 a.m.] [02/12/2012 01:06 a.m.] [HD] C:\ProgramData\Common Files
      [18/10/2011 08:18 a.m.] [12/10/2011 03:12 p.m.] [DI] C:\ProgramData\Corel
      [12/10/2011 03:40 p.m.] [12/10/2011 03:06 p.m.] [DI] C:\ProgramData\CorelDRAW Graphics Suite X5
      [14/06/2011 12:11 a.m.] [21/10/2010 02:03 p.m.] [DI] C:\ProgramData\CyberLink
      [13/02/2012 03:37 p.m.] [13/02/2012 03:36 p.m.] [DI] C:\ProgramData\DAEMON Tools Lite
      [04/11/2011 09:13 p.m.] [04/11/2011 10:09 a.m.] [DI] C:\ProgramData\DatacardService
      [04/06/2011 04:09 p.m.] [04/06/2011 04:09 p.m.] [HSDLI] C:\ProgramData\Datos de programa
      [13/07/2009 10:08 p.m.] [13/07/2009 10:08 p.m.] [HSDLI] C:\ProgramData\Desktop
      [09/02/2012 04:28 a.m.] [28/12/2011 05:38 p.m.] [DI] C:\ProgramData\DivX
      [04/06/2011 04:09 p.m.] [04/06/2011 04:09 p.m.] [HSDLI] C:\ProgramData\Documentos
      [13/07/2009 10:08 p.m.] [13/07/2009 10:08 p.m.] [HSDLI] C:\ProgramData\Documents
      [15/02/2012 11:33 a.m.] [21/01/2012 12:17 p.m.] [DI] C:\ProgramData\e-onsoftware
      [04/06/2011 04:09 p.m.] [04/06/2011 04:09 p.m.] [HSDLI] C:\ProgramData\Escritorio
      [13/07/2009 10:08 p.m.] [13/07/2009 10:08 p.m.] [HSDLI] C:\ProgramData\Favorites
      [04/06/2011 04:09 p.m.] [04/06/2011 04:09 p.m.] [HSDLI] C:\ProgramData\Favoritos
      [10/10/2012 01:27 p.m.] [10/10/2012 12:21 p.m.] [DI] C:\ProgramData\FLEXnet
      [26/11/2012 06:48 p.m.] [21/11/2012 12:11 p.m.] [DI] C:\ProgramData\Freemake
      [06/09/2012 11:08 a.m.] [25/08/2012 12:06 p.m.] [DI] C:\ProgramData\GarenaMessenger
      [29/06/2012 05:11 p.m.] [29/06/2012 05:11 p.m.] [DI] C:\ProgramData\GboxUpdater
      [09/03/2011 04:16 p.m.] [21/10/2010 01:58 p.m.] [DI] C:\ProgramData\Hewlett-Packard
      [04/05/2012 03:39 a.m.] [04/05/2012 03:39 a.m.] [DI] C:\ProgramData\Iminent
      [29/06/2012 05:12 p.m.] [29/06/2012 05:10 p.m.] [DI] C:\ProgramData\InstallMate
      [14/11/2012 12:29 p.m.] [14/11/2012 12:29 p.m.] [DI] C:\ProgramData\IObit
      [29/11/2011 02:01 a.m.] [29/11/2011 02:01 a.m.] [DI] C:\ProgramData\LightScribe
      [03/07/2012 08:17 p.m.] [03/07/2012 08:17 p.m.] [DI] C:\ProgramData\McAfee
      [04/06/2011 04:09 p.m.] [04/06/2011 04:09 p.m.] [HSDLI] C:\ProgramData\Menú Inicio
      [02/12/2012 12:07 p.m.] [02/12/2012 01:06 a.m.] [DI] C:\ProgramData\MFAData
      [11/09/2012 01:03 p.m.] [13/07/2009 08:20 p.m.] [SDI] C:\ProgramData\Microsoft
      [13/06/2012 03:14 a.m.] [05/06/2011 12:30 a.m.] [DI] C:\ProgramData\Microsoft Help
      [13/06/2012 02:40 p.m.] [13/06/2012 02:40 p.m.] [DI] C:\ProgramData\Mozilla
      [29/11/2011 01:58 a.m.] [29/11/2011 01:57 a.m.] [DI] C:\ProgramData\Nero
      [01/09/2011 01:05 p.m.] [01/09/2011 01:05 p.m.] [DI] C:\ProgramData\NextUp
      [28/12/2011 11:25 p.m.] [09/03/2011 04:00 p.m.] [DI] C:\ProgramData\Norton
      [18/08/2011 03:36 a.m.] [09/03/2011 04:00 p.m.] [DI] C:\ProgramData\NortonInstaller
      [10/10/2011 10:07 p.m.] [10/10/2011 10:07 p.m.] [DI] C:\ProgramData\PACE Anti-Piracy
      [04/06/2011 04:09 p.m.] [04/06/2011 04:09 p.m.] [HSDLI] C:\ProgramData\Plantillas
      [16/05/2012 10:07 p.m.] [06/09/2011 02:38 a.m.] [DI] C:\ProgramData\PMB Files
      [29/06/2012 05:12 p.m.] [29/06/2012 05:12 p.m.] [DI] C:\ProgramData\Premium
      [12/10/2011 03:42 p.m.] [12/10/2011 03:40 p.m.] [DI] C:\ProgramData\Protexis
      [01/08/2011 09:36 a.m.] [22/10/2010 12:29 a.m.] [DI] C:\ProgramData\Recovery
      [13/03/2012 08:16 a.m.] [13/03/2012 08:16 a.m.] [DI] C:\ProgramData\RedGiant
      [11/06/2011 06:06 p.m.] [11/06/2011 06:06 p.m.] [DI] C:\ProgramData\Reflexive
      [11/10/2011 08:32 a.m.] [10/10/2011 10:07 p.m.] [DI] C:\ProgramData\regid.1986-12.com.adobe
      [30/10/2012 07:17 p.m.] [29/04/2012 04:23 a.m.] [DI] C:\ProgramData\Skype
      [04/02/2012 07:58 p.m.] [04/02/2012 07:58 p.m.] [DI] C:\ProgramData\Sony Corporation
      [21/10/2010 01:58 p.m.] [21/10/2010 01:58 p.m.] [DI] C:\ProgramData\Stardock
      [13/07/2009 10:08 p.m.] [13/07/2009 10:08 p.m.] [HSDLI] C:\ProgramData\Start Menu
      [21/10/2010 02:11 p.m.] [21/10/2010 02:11 p.m.] [DI] C:\ProgramData\Sun
      [08/11/2012 01:54 p.m.] [08/11/2012 01:54 p.m.] [DI] C:\ProgramData\TechSmith
      [02/12/2012 12:30 a.m.] [21/10/2010 01:58 p.m.] [DAI] C:\ProgramData\Temp
      [13/07/2009 10:08 p.m.] [13/07/2009 10:08 p.m.] [HSDLI] C:\ProgramData\Templates
      [06/09/2012 07:06 p.m.] [06/09/2012 07:00 p.m.] [DI] C:\ProgramData\VMware
      [28/05/2012 04:20 a.m.] [09/03/2011 04:01 p.m.] [DI] C:\ProgramData\WildTangent
      [01/12/2012 05:55 p.m.] [29/06/2012 05:11 p.m.] [DI] C:\ProgramData\wxDfast
      [11/09/2012 03:08 p.m.] [12/11/2011 07:26 p.m.] [DI] C:\ProgramData\Xfire
      C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [AI] 32 bytes 0
      C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [AI] 109 bytes 0
      C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [AI] 32 bytes 0
      C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [AI] 105 bytes 0
      C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [AI] 32 bytes 0
      C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [AI] 32 bytes 0
      C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [AI] 107 bytes 0
      C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [AI] 110 bytes 0
      [21/10/2010 02:12 p.m.] [21/10/2010 02:12 p.m.] [DI] C:\ProgramData\{D13C0989-F3EC-4F44-A33D-B3F83DF90FAF}
      C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log [AI] 105 bytes 0

      ==================== EOF ==================

    4. #4
      Usuario Avatar de Luther91
      Registrado
      dic 2012
      Ubicación
      Mexico
      Mensajes
      1

      Re: ¿Que sera lo que tiene?

      Muchas gracias por tu respuesta Superlucas, he realizado el procedimiento y en efecto me aparecio infectado, te adjunto a continuacion el reporte que me dio el AT-destroyer:

      ######################## AT-Destroyer [2.1] By Infospyware.
      Hora/Día/Mes/Año: 13:11:58 \\\ 02/12/2012
      AT-Destroyer 2.1 By Infospyware ---> InfoSpyware
      Última actualización: 30/11/2012
      Opción escogida: 2 :Buscar y Destruir
      Versión Internet Explorer:9.0.8112.16421
      Mozilla Firefox:16.0.2.4680
      Privilegios: Oliver - Administrador
      Modo Actual: Modo Normal.
      Nombre del pc: OLIVER-HP
      Información del sistema operativo:X64-WIN_7-
      nombre del usuario:Oliver
      Lenguaje del sistema: Español



      >>>>>>> Servicios <<<<<<<

      npggsvc [nProtect GameGuard Service]---> "C:\Windows\system32\GameMon.des -service"


      >>>>>> Carpetas <<<<<<

      C:\Users\Oliver\AppData\Roaming\Babylon\log_file.txt (W32/PND.Babylon Toolbar)
      C:\Users\Oliver\AppData\Roaming\Babylon (W32/PND.Babylon Toolbar)
      C:\ProgramData\Babylon (W32/PND.Babylon Toolbar)
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504} 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Cache 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico 97
      C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Cache 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll 97
      C:\ProgramData\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll 97
      C:\ProgramData\Tarma Installer 97


      >>>>>> Archivos <<<<<<

      C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
      C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected](No eliminado)
      C:\user.js
      C:\Windows\system32\GameMon.des
      C:\Users\Oliver\AppData\Local\Temp\Yontoo*.*


      >>>>>> Registro <<<<<<

      HKEY_CURRENT_USER\Software\DataMngr
      HKEY_LOCAL_MACHINE\SOFTWARE\DataMngr
      HKCR\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}
      HKCR\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}
      HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
      HKLM\SOFTWARE\Classes\YontooIEClient.Api
      HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
      HKLM\SOFTWARE\Classes\YontooIEClient.Layers
      HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
      HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
      HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
      HKCU\SOFTWARE\Incredimail
      HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
      HKLM\Software\Microsoft\Internet Explorer\Toolbar ----> {98889811-442D-49dd-99D7-DC866BE87DBC}


      >>>>>> Heurística <<<<<<

      C:\Users\Oliver\AppData\Roaming\1FFB.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\2804.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\2AD5.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\2BD0.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\2EBD.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\3209.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\3523.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\36B9.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\36C7.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\37C3.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\3F72.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\401C.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\410A.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\423F.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\4BF4.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\4EA8.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\5015.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\545A.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\576A.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\5DAD.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\6B2D.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\6CCB.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\75F7.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\78F6.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\7A4D.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\812E.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\8640.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\90AB.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\9D1F.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\A7AA.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\A8A.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\Aigsgs.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\B275.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\B441.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\BA14.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\C4A0.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\C65A.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\D58B.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\D7E7.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\D817.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\E065.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\E4E2.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\EA4E.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\EB9C.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\EBF3.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\EF7C.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\F18F.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\F1DF.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\F6A7.tmp ((Heur malware.win32.generic))
      C:\Users\Oliver\AppData\Roaming\F73A.exe ((Heur malware.win32.generic))
      C:\Users\Oliver\vkyxdaqi0g.exe (Heur malware.win32.generic) <-- Será eliminado en el reinicio


      >>>>>> Internet Explorer <<<<<<

      Start Page==www.google.com
      Local Page==C:\Windows\SysWOW64\blank.htm
      Search Page==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_search_url==http://go.microsoft.com/fwlink/?LinkId=54896
      Default_Page_URL==about:blank


      ''HKCU\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==
      Default_search_url==
      Default_Page_URL==about:blank


      HKEY_USERS\S-1-5-21-3403095851-2062674177-2764131915-1000\Software\Microsoft\Internet Explorer\Main''
      Start Page==www.google.com
      Local Page==C:\Windows\system32\blank.htm
      Search Page==
      Default_search_url==
      Default_Page_URL==about:blank


      >>>>>> Firefox <<<<<<

      user_pref("browser.startup.homepage", "http://ittravel.info");
      user_pref("browser.startup.homepage_override.buildID", "20121024073032");
      user_pref("browser.startup.homepage_override.mstone", "16.0.2");
      user_pref("pref.browser.homepage.disable_button.current_page", false);


      >>>>>> Extensiones Firefox <<<<<<


      C:\Program Files (x86)\[email protected]
      C:\Program Files (x86)\{972ce4c6-7e08-4474-a285-3208198ce6fd}

      >>>>>> Plugins Firefox <<<<<<

      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109
      HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308

      >>>>>> Google Chrome <<<<<<

      { "default_search_provider": { "id": "6", "name": "Web Search", "search_url": "http://start.funmoods.com/results.php?f=4&q={searchTerms}&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1Qzu0C0CyDtB0A0FyCzy0C0EtD0FtBtDyB0CtN0D0Tzu0CtByCyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=206931436", "suggest_url": "{google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}" , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } , "session": { "restore_on_startup": 4, "urls_to_restore_on_startup": [ "http://ittravel.info" ] } }, "browser" : { "window_placement" : { "bottom" : 718, "left" : 10, "maximized" : false, "right" : 1060, "top" : 10, "work_area_bottom" : 728, "work_area_left" : 0, "work_area_right" : 1366, "work_area_top" : 0 } }, "countryid_at_install" : 19800, "default_apps_install_state" : 2, "distribution" : { "create_all_shortcuts" : true, "do_not_launch_chrome" : true, "import_history" : false, "import_search_engine" : false, "make_chrome_default" : true, "show_welcome_page" : true, "skip_first_run_ui" : true, "verbose_logging" : false }, "dns_prefetching" : { "host_referral_list" : [ 2 ], "startup_list" : [ 1, "http://api.yontoo.com/" ] }, "download" : { "directory_upgrade" : true }, "extensions" : { "alerts" : { "initialized" : true }, "autoupdate" : { "next_check" : "12988675608869786" }, "chrome_url_overrides" : { "bookmarks" : [ "chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html" ] }, "settings" : { "ahfgeienlihckogmohjhadlkjgocpleb" : { "active_permissions" : { "api" : [ "appNotifications", "management", "webstorePrivate" ] }, "app_launcher_ordinal" : "n", "page_ordinal" : "n" }, "jpihmmhdcobmllpcnpfbhnipmhamldje" : { "ack_external" : true, "active_permissions" : { "api" : [ "tabs" ], "explicit_host" : [ "http://*/*" ] }, "events" : [ "runtime.onInstalled" ], "from_bookmark" : false, "from_webstore" : false, "install_time" : "12988655561400760", "location" : 3, "manifest" : { "background_page" : "background.html", "description" : "The plug-in from the General-Crawler.com website which lets the users take part in supplementing of the file database of the biggest file search project by informing our crawlers that the given webpage contains links to file sharing sites.", "homepage_url" : "http://www.general-crawler.com", "icons" : { "128" : "icon128.png", "16" : "icon16.png", "48" : "icon48.png" }, "key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpyi58qkm/v8iQrm5IskXawTQ+kYGA8dy0x3cMcpuX9cpzaBVlfiRPBWaJfFg8POcGIKePH7PWNObUY1PybJaM3V+ux9BX22lLRYf46sj+zru6sKRS75qXYAgbUNz/dnPojhiSM9soLcVAeUp1wYIgIbc5JoAgQxBbTX82ZrKlIwIDAQAB", "name" : "General Crawler", "permissions" : [ "tabs", "http://*/*" ], "update_url" : "http://1.update.general-crawler.com/updates/update_chrome.xml", "version" : "2.0" }, "path" : "jpihmmhdcobmllpcnpfbhnipmhamldje\\2.0_0", "state" : 1 }, "kodbfgphiipmnongkhceiafoecgahahb" : { "ack_external" : true, "active_permissions" : { "api" : [ "contextMenus", "cookies", "management", "notifications", "tabs" ], "explicit_host" : [ "http://*/*", "https://*/*" ], "scriptable_host" : [ "http://*/*", "https://*/*" ] }, "events" : [ "runtime.onInstalled" ], "from_bookmark" : false, "from_webstore" : false, "install_time" : "12988655561583760", "location" : 3, "manifest" : { "background_page" : "background.html", "content_scripts" : [ { "all_frames" : true, "js" : [ "jquery.js", "worker.js" ], "matches" : [ "http://*/*", "https://*/*" ], "run_at" : "document_end" } ], "description" : "", "key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCq0KfUzKEk0eT9+TuQ7TECscwYvpMRCxKD0l+ppzV/DnajldHlK41/vfbHuHko6I2FmpFpuY62eO8O9GdNZfg2SkW6i+m+Kk2mWKAgNqGy/jhb+hIR25j214Osqk6WjLUXNKxvFcZd3jhJffHXnu8PdgteG80P2F8fcM5035fohwIDAQAB", "name" : "wxDfast", "permissions" : [ "http://*/*", "https://*/*", "tabs", "cookies", "management", "notifications", "contextMenus" ], "version" : "1.0" }, "path" : "kodbfgphiipmnongkhceiafoecgahahb\\1.0_0", "state" : 1 }, "lifbcibllhkdhoafpjfnlhfpfgnpldfl" : { "ack_external" : true, "active_permissions" : { "api" : [ "plugin", "tabs" ], "explicit_host" : [ "http://*/*", "https://*/*" ], "scriptable_host" : [ "file:///*", "http://*/*", "https://*/*" ] }, "events" : [ "runtime.onInstalled" ], "from_bookmark" : false, "from_webstore" : false, "install_time" : "12988655561851823", "location" : 3, "manifest" : { "background_page" : "background.html", "browser_action" : { "default_icon" : "skype.png", "default_title" : "Options" }, "content_scripts" : [ { "all_frames" : true, "js" : [ "contentscript.js" ], "matches" : [ "http://*/*", "file://*/*", "https://*/*" ], "run_at" : "document_end" } ], "description" : "Skype Click to Call", "key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDMxFysW3wPKWRPPe3xuJQz3m1ZDLX1hN8EYdP37tRPf7lp8vIhG4xirlXHGK748qcLPc4Lm8WsHDhvS5okN54Kwcnw4T2tBXSCZJxMmlu14HZ5yc/t969QLTPLIbAsasq4NVo40YuP2B7umxV9BlcxZEB9TEKPEQq8DRoKhj9jBQIDAQAB", "name" : "Skype Click to Call", "permissions" : [ "tabs", "http://*/*", "https://*/*" ], "plugins" : [ { "path" : "npSkypeChromePlugin.dll", "public" : true } ], "version" : "6.1.0.10441" }, "path" : "lifbcibllhkdhoafpjfnlhfpfgnpldfl\\6.1.0.10441_0", "state" : 1 }, "niapdbllcanepiiimjjndipklodoedlc" : { "ack_external" : true, "active_permissions" : { "api" : [ "tabs" ], "explicit_host" : [ "<all_urls>" ], "scriptable_host" : [ "<all_urls>" ] }, "events" : [ "runtime.onInstalled" ], "from_bookmark" : false, "from_webstore" : false, "install_time" : "12988655561275760", "location" : 3, "manifest" : { "background_page" : "background.html", "content_scripts" : [ { "js" : [ "yl.js" ], "matches" : [ "<all_urls>" ] } ], "description" : "Add Yontoo to your web experience.", "key" : "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1QuP3Oh7W1BChzJrLJZHGegsCjf+XRykCTm+Dqae3hVTCoz9gkXVN91kDQLmjEjGUZaR74SQsbgV8wI/QhGdcb1m2tw5rAXIcgS8KbanF0a3mDJjlVooxBOkfI0Ae2kQDIwAaTwkKLZjZ+YL6MQUQlsN3KkAW4PRQkmE/+biX6wIDAQAB", "name" : "Yontoo", "permissions" : [ "tabs", "<all_urls>" ], "update_url" : "https://download.yontoo.com/chrome-update.xml", "version" : "1.0.2" }, "path" : "niapdbllcanepiiimjjndipklodoedlc\\1.0.2_0", "state" : 1 } }, "toolbar" : [ "lifbcibllhkdhoafpjfnlhfpfgnpldfl" ], "toolbarsize" : -1 }, "homepage" : "http://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1Qzu0C0CyDtB0A0FyCzy0C0EtD0FtBtDyB0CtN0D0Tzu0CtByCyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=206931436", "homepage_is_new_tab" : null, "homepage_is_newtabpage" : false, "ntp" : { "app_page_names" : [ "Aplicaciones" ], "gplus_required" : false, "promo_closed" : false, "promo_end" : 1343026800.0, "promo_group" : 0, "promo_group_max" : 1, "promo_group_timeslice" : 0, "promo_increment" : 1, "promo_initial_segment" : 1, "promo_line" : "¿Tienes un smartphone o un tablet? <a href=\"https://www.google.com/chrome/mobile/?utm_source=chrome&utm_medium=ntp&utm_campaign=ntp-promo\"> Consigue Chrome para dispositivos móviles</a>", "promo_num_groups" : 1, "promo_resource_cache_update" : "1344181880.129976", "promo_start" : 1341860400.0, "promo_views" : 0, "promo_views_max" : 15 }, "plugins" : { "enabled_internal_pdf3" : true, "enabled_nacl" : true }, "profile" : { "avatar_index" : 0, "content_settings" : { "clear_on_exit_migrated" : true, "pref_version" : 1 }, "exited_cleanly" : true, "name" : "Default Profile" }, "session" : { "restore_on_startup" : 4, "restore_on_startup_migrated" : true, "urls_to_restore_on_startup" : [ "http://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1Qzu0C0CyDtB0A0FyCzy0C0EtD0FtBtDyB0CtN0D0Tzu0CtByCyCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=206931436" ] }, "sync_promo" : { "startup_count" : 2, "user_skipped" : true, "view_count" : 2 } }


      >>>>>> Extensiones Google Chrome <<<<<<

      C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\4
      C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje
      C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodbfgphiipmnongkhceiafoecgahahb
      C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
      C:\Users\Oliver\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc

      ======== Listado ===========

      [26/08/2012 02:23 p.m.] [26/08/2012 02:19 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\.minecraft
      [22/11/2011 09:49 a.m.] [04/06/2011 04:24 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Adobe
      C:\Users\Oliver\AppData\Roaming\Adobe PNG Format CS5 Prefs [AI] 132 bytes ( )
      [13/12/2011 11:47 a.m.] [13/12/2011 11:47 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Apple Computer
      [10/10/2012 12:21 p.m.] [10/10/2012 09:02 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Autodesk
      [02/12/2012 01:38 a.m.] [02/12/2012 01:38 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\AVG2013
      [13/09/2011 03:10 a.m.] [13/09/2011 03:10 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\AVS4YOU
      [01/12/2012 03:24 p.m.] [19/01/2012 06:58 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Azureus
      [25/09/2012 10:53 a.m.] [08/05/2012 12:27 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Beat Hazard
      [11/06/2011 10:53 p.m.] [09/06/2011 10:45 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Blender Foundation
      [13/04/2012 01:20 a.m.] [13/04/2012 01:20 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\BsPicture
      [21/02/2012 08:29 a.m.] [21/02/2012 08:29 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
      [10/10/2011 10:44 p.m.] [10/10/2011 10:44 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\com.adobe.dmp.contentviewer
      [06/10/2011 08:48 p.m.] [06/10/2011 08:48 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
      [12/10/2011 03:40 p.m.] [12/10/2011 03:40 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Corel
      [06/06/2011 03:21 p.m.] [04/06/2011 10:47 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\CyberLink
      [13/02/2012 03:38 p.m.] [13/02/2012 03:36 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\DAEMON Tools Lite
      [06/05/2012 12:45 a.m.] [06/05/2012 12:45 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Day 1 Studios
      [31/12/2011 11:58 a.m.] [28/12/2011 06:00 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\DivX
      [13/02/2012 03:55 p.m.] [21/01/2012 12:17 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\e-on software
      [21/11/2012 12:24 p.m.] [21/11/2012 11:52 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Free Media Converter
      [28/11/2012 10:10 p.m.] [28/11/2012 10:10 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\GamesCafe
      [06/09/2012 11:08 a.m.] [25/08/2012 12:10 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\GarenaPlus
      [13/04/2012 01:13 a.m.] [13/04/2012 01:11 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\GetRightToGo
      C:\Users\Oliver\AppData\Roaming\GhostObjGAFix.xml [AI] 1.81 KB ( )
      [04/06/2011 11:10 p.m.] [04/06/2011 11:10 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Greyfirst
      [20/06/2011 07:21 p.m.] [04/06/2011 04:12 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Hewlett-Packard
      [04/06/2011 04:19 p.m.] [04/06/2011 04:19 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\hpqlog
      [04/06/2011 04:19 p.m.] [04/06/2011 04:19 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Identities
      [28/11/2012 12:04 a.m.] [28/11/2012 12:04 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\iWin
      [04/06/2011 04:24 p.m.] [04/06/2011 04:24 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Macromedia
      [04/06/2011 08:57 p.m.] [04/06/2011 08:57 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\MascotYui
      [10/03/2011 01:28 a.m.] [04/06/2011 04:10 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Media Center Programs
      [04/03/2012 10:02 a.m.] [04/03/2012 09:51 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Media Finder
      [21/11/2012 11:32 a.m.] [04/06/2011 04:10 p.m.] [SDI] C:\Users\Oliver\AppData\Roaming\Microsoft
      [04/05/2012 03:17 a.m.] [04/06/2011 09:24 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Mozilla
      [02/08/2011 09:09 p.m.] [02/08/2011 09:09 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\MPEG Streamclip
      [29/11/2011 02:01 a.m.] [29/11/2011 02:01 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Nero
      [09/08/2012 12:31 p.m.] [09/08/2012 12:29 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\ooVoo Details
      [10/10/2011 10:07 p.m.] [10/10/2011 10:07 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\PACE Anti-Piracy
      C:\Users\Oliver\AppData\Roaming\Prefs. de filtro IllExport de Adobe CS5 [AI] 132 bytes ( )
      [06/02/2012 10:45 a.m.] [06/02/2012 10:45 a.m.] [D] C:\Users\Oliver\AppData\Roaming\Registry Mechanic
      C:\Users\Oliver\AppData\Roaming\room_v3.dat [AI] 44.2 KB ( )
      [02/12/2012 12:37 p.m.] [29/04/2012 04:24 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Skype
      [13/09/2011 06:00 p.m.] [13/09/2011 06:00 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Softplicity
      [04/02/2012 08:01 p.m.] [04/02/2012 07:59 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Sony Corporation
      [10/09/2011 01:59 p.m.] [10/09/2011 01:59 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Sports Interactive
      [10/10/2011 10:10 p.m.] [10/10/2011 10:10 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
      [04/08/2011 12:26 a.m.] [04/08/2011 12:26 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Tific
      [02/12/2012 01:22 a.m.] [02/12/2012 01:22 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\TuneUp Software
      [08/06/2011 11:32 p.m.] [08/06/2011 11:32 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\Unity
      C:\Users\Oliver\AppData\Roaming\UserTile.png [AI] 4.45 KB ( )
      [29/04/2012 11:16 p.m.] [29/04/2012 11:16 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\VirtuaWin
      [19/03/2012 06:31 p.m.] [06/02/2012 03:37 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\vlc
      [15/06/2011 12:42 a.m.] [15/06/2011 12:21 a.m.] [DI] C:\Users\Oliver\AppData\Roaming\Windows Live Writer
      [04/06/2011 11:12 p.m.] [04/06/2011 11:06 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\WinRAR
      [13/06/2012 06:31 p.m.] [13/06/2012 06:30 p.m.] [DI] C:\Users\Oliver\AppData\Roaming\YourFileDownloader
      [14/11/2012 10:57 a.m.] [14/11/2012 10:57 a.m.] [D] C:\Program Files (x86)\Activision
      [10/10/2011 09:24 p.m.] [21/10/2010 02:01 p.m.] [D] C:\Program Files (x86)\Adobe
      [06/10/2011 08:48 p.m.] [06/10/2011 08:48 p.m.] [D] C:\Program Files (x86)\Adobe Download Assistant
      [10/10/2011 09:05 p.m.] [10/10/2011 09:05 p.m.] [D] C:\Program Files (x86)\Adobe Story
      [02/08/2011 09:06 p.m.] [02/08/2011 09:06 p.m.] [D] C:\Program Files (x86)\Apple Software Update
      [05/06/2011 12:52 a.m.] [05/06/2011 12:51 a.m.] [D] C:\Program Files (x86)\Ares
      [17/10/2012 10:35 p.m.] [17/10/2012 10:35 p.m.] [D] C:\Program Files (x86)\Babylon
      [13/04/2012 01:15 a.m.] [13/04/2012 01:15 a.m.] [D] C:\Program Files (x86)\BS Soft
      [04/06/2011 11:08 p.m.] [04/06/2011 11:08 p.m.] [D] C:\Program Files (x86)\Celtx
      [28/11/2012 10:10 p.m.] [28/11/2012 10:10 p.m.] [D] C:\Program Files (x86)\Cluedo
      [08/11/2012 01:54 p.m.] [13/07/2009 08:20 p.m.] [D] C:\Program Files (x86)\Common Files
      [09/03/2011 03:58 p.m.] [21/10/2010 02:03 p.m.] [D] C:\Program Files (x86)\CyberLink
      [13/02/2012 03:37 p.m.] [13/02/2012 03:37 p.m.] [D] C:\Program Files (x86)\DAEMON Tools Lite
      C:\Program Files (x86)\desktop.ini [HSA] 174 bytes( 0)
      [24/07/2011 02:36 p.m.] [24/07/2011 02:36 p.m.] [D] C:\Program Files (x86)\directx
      [09/02/2012 04:27 a.m.] [28/12/2011 05:45 p.m.] [D] C:\Program Files (x86)\DivX
      [26/11/2012 06:43 p.m.] [21/11/2012 11:24 a.m.] [D] C:\Program Files (x86)\DsNET Corp
      [26/01/2012 02:06 a.m.] [26/01/2012 02:05 a.m.] [D] C:\Program Files (x86)\ExpressFiles
      [26/11/2012 06:48 p.m.] [21/11/2012 12:11 p.m.] [D] C:\Program Files (x86)\Freemake
      [12/12/2011 03:27 p.m.] [13/09/2011 06:20 p.m.] [D] C:\Program Files (x86)\FreeTime
      [12/09/2012 07:21 a.m.] [25/08/2012 12:06 p.m.] [D] C:\Program Files (x86)\Garena Plus
      [07/08/2012 09:43 p.m.] [05/08/2012 08:42 a.m.] [D] C:\Program Files (x86)\Google
      [22/09/2012 12:06 p.m.] [22/09/2012 12:06 p.m.] [D] C:\Program Files (x86)\Gophoto.it
      [09/03/2011 04:01 p.m.] [21/10/2010 01:55 p.m.] [D] C:\Program Files (x86)\Hewlett-Packard
      [28/05/2012 04:21 a.m.] [09/03/2011 04:02 p.m.] [D] C:\Program Files (x86)\HP Games
      [04/05/2012 03:40 a.m.] [04/05/2012 03:40 a.m.] [D] C:\Program Files (x86)\IMinent Toolbar
      [26/11/2012 06:49 p.m.] [21/10/2010 01:58 p.m.] [HD] C:\Program Files (x86)\InstallShield Installation Information
      [09/03/2011 03:44 p.m.] [09/03/2011 03:42 p.m.] [D] C:\Program Files (x86)\Intel
      [13/06/2012 08:30 a.m.] [13/07/2009 08:20 p.m.] [D] C:\Program Files (x86)\Internet Explorer
      [04/11/2011 09:13 p.m.] [04/11/2011 10:10 a.m.] [D] C:\Program Files (x86)\Internet Telcel Banda Ancha Movil
      [14/11/2012 12:29 p.m.] [14/11/2012 12:29 p.m.] [D] C:\Program Files (x86)\IObit
      [21/07/2012 03:53 p.m.] [21/10/2010 02:11 p.m.] [D] C:\Program Files (x86)\Java
      [12/11/2011 07:09 p.m.] [12/11/2011 07:09 p.m.] [D] C:\Program Files (x86)\LucasArts
      [02/10/2011 01:52 p.m.] [02/10/2011 01:52 p.m.] [D] C:\Program Files (x86)\Macromedia
      [28/11/2012 12:04 a.m.] [28/11/2012 12:03 a.m.] [D] C:\Program Files (x86)\Mah Jong Quest II
      [09/09/2012 11:40 p.m.] [09/09/2012 11:40 p.m.] [D] C:\Program Files (x86)\Maikolik Games
      [17/05/2012 06:47 p.m.] [09/03/2011 04:06 p.m.] [D] C:\Program Files (x86)\Microsoft
      [17/10/2012 10:54 p.m.] [17/10/2012 10:54 p.m.] [D] C:\Program Files (x86)\Microsoft Games
      [26/11/2012 07:40 p.m.] [28/05/2012 02:40 a.m.] [D] C:\Program Files (x86)\Microsoft Games for Windows - LIVE
      [05/06/2011 12:33 a.m.] [21/10/2010 01:57 p.m.] [D] C:\Program Files (x86)\Microsoft Office
      [12/10/2011 03:13 p.m.] [12/10/2011 03:13 p.m.] [D] C:\Program Files (x86)\Microsoft SDKs
      [12/05/2012 12:53 a.m.] [21/10/2010 01:59 p.m.] [D] C:\Program Files (x86)\Microsoft Silverlight
      [21/10/2010 02:00 p.m.] [21/10/2010 02:00 p.m.] [D] C:\Program Files (x86)\Microsoft SQL Server Compact Edition
      [05/06/2011 12:33 a.m.] [05/06/2011 12:33 a.m.] [D] C:\Program Files (x86)\Microsoft Visual Studio
      [05/06/2011 12:31 a.m.] [05/06/2011 12:31 a.m.] [D] C:\Program Files (x86)\Microsoft Visual Studio 8
      [12/10/2011 03:16 p.m.] [12/10/2011 03:13 p.m.] [D] C:\Program Files (x86)\Microsoft Visual Studio 9.0
      [06/06/2011 02:29 a.m.] [05/06/2011 12:33 a.m.] [D] C:\Program Files (x86)\Microsoft Works
      [06/06/2011 02:21 p.m.] [05/06/2011 12:33 a.m.] [D] C:\Program Files (x86)\Microsoft.NET
      [29/10/2012 07:36 p.m.] [29/10/2012 07:36 p.m.] [D] C:\Program Files (x86)\Mozilla Firefox
      [31/10/2012 06:32 p.m.] [13/06/2012 02:40 p.m.] [D] C:\Program Files (x86)\Mozilla Maintenance Service
      [05/06/2011 12:33 a.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\MSBuild
      [09/03/2011 04:06 p.m.] [09/03/2011 04:06 p.m.] [D] C:\Program Files (x86)\MSN Toolbar
      [10/10/2011 09:03 p.m.] [10/10/2011 09:03 p.m.] [D] C:\Program Files (x86)\My Company Name
      [29/11/2011 01:58 a.m.] [29/11/2011 01:57 a.m.] [D] C:\Program Files (x86)\Nero
      [04/06/2011 04:12 p.m.] [21/10/2010 01:58 p.m.] [RD] C:\Program Files (x86)\Online Services
      [20/11/2011 02:56 p.m.] [20/11/2011 02:56 p.m.] [D] C:\Program Files (x86)\OpenAL
      [26/11/2012 06:51 p.m.] [29/06/2012 05:12 p.m.] [D] C:\Program Files (x86)\Optimizer Pro
      [21/07/2012 03:54 p.m.] [21/07/2012 03:54 p.m.] [D] C:\Program Files (x86)\Oracle
      [06/09/2011 02:37 a.m.] [06/09/2011 02:37 a.m.] [D] C:\Program Files (x86)\Pando Networks
      [09/09/2012 11:34 p.m.] [09/09/2012 11:34 p.m.] [D] C:\Program Files (x86)\PC
      [19/01/2012 06:02 p.m.] [19/01/2012 06:02 p.m.] [D] C:\Program Files (x86)\Pixologic
      [02/08/2011 09:08 p.m.] [02/08/2011 09:07 p.m.] [D] C:\Program Files (x86)\QuickTime
      [10/09/2012 07:11 p.m.] [09/03/2011 03:44 p.m.] [D] C:\Program Files (x86)\Realtek
      [13/07/2009 10:32 p.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\Reference Assemblies
      [11/09/2012 03:08 p.m.] [01/08/2011 09:28 p.m.] [D] C:\Program Files (x86)\Registry Mechanic
      [10/09/2011 09:44 p.m.] [10/09/2011 09:44 p.m.] [D] C:\Program Files (x86)\Silver
      [17/05/2012 11:42 p.m.] [29/04/2012 05:40 a.m.] [RD] C:\Program Files (x86)\Skype
      [04/02/2012 07:58 p.m.] [04/02/2012 07:58 p.m.] [D] C:\Program Files (x86)\Sony
      [03/11/2012 08:53 p.m.] [03/11/2012 08:53 p.m.] [D] C:\Program Files (x86)\SopCast
      [29/06/2012 05:11 p.m.] [29/06/2012 05:11 p.m.] [D] C:\Program Files (x86)\SProtector
      [02/12/2012 12:19 p.m.] [06/05/2012 12:05 a.m.] [D] C:\Program Files (x86)\Steam
      [08/11/2012 01:54 p.m.] [08/11/2012 01:54 p.m.] [D] C:\Program Files (x86)\TechSmith
      [12/09/2012 12:40 a.m.] [09/03/2011 03:44 p.m.] [HD] C:\Program Files (x86)\Temp
      [06/09/2012 07:57 a.m.] [06/09/2012 07:57 a.m.] [D] C:\Program Files (x86)\The Pixel Farm
      [13/09/2011 06:03 p.m.] [13/09/2011 06:00 p.m.] [D] C:\Program Files (x86)\TotalAudioConverter
      [13/07/2009 09:57 p.m.] [13/07/2009 09:57 p.m.] [HD] C:\Program Files (x86)\Uninstall Information
      [01/05/2012 03:08 p.m.] [29/04/2012 11:16 p.m.] [D] C:\Program Files (x86)\v9Soft
      [19/11/2011 09:21 p.m.] [19/11/2011 09:21 p.m.] [D] C:\Program Files (x86)\VALVE
      [26/11/2012 06:50 p.m.] [21/11/2012 11:12 a.m.] [D] C:\Program Files (x86)\Vid-Saver
      [06/02/2012 03:36 p.m.] [06/02/2012 03:36 p.m.] [D] C:\Program Files (x86)\VideoLAN
      [04/03/2012 10:06 a.m.] [19/01/2012 06:57 p.m.] [D] C:\Program Files (x86)\Vuze
      [21/10/2010 11:16 p.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\Windows Defender
      [19/06/2012 09:05 p.m.] [21/10/2010 02:00 p.m.] [D] C:\Program Files (x86)\Windows Live
      [06/06/2011 02:01 p.m.] [13/07/2009 08:20 p.m.] [D] C:\Program Files (x86)\Windows Mail
      [10/09/2011 09:45 p.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\Windows Media Player
      [13/07/2009 10:32 p.m.] [13/07/2009 08:20 p.m.] [D] C:\Program Files (x86)\Windows NT
      [21/10/2010 11:16 p.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\Windows Photo Viewer
      [13/07/2009 10:32 p.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\Windows Portable Devices
      [04/06/2011 04:12 p.m.] [13/07/2009 10:32 p.m.] [D] C:\Program Files (x86)\Windows Sidebar
      [20/11/2011 05:52 p.m.] [20/11/2011 05:52 p.m.] [D] C:\Program Files (x86)\WinDS PRO
      [04/06/2011 11:06 p.m.] [04/06/2011 11:06 p.m.] [D] C:\Program Files (x86)\WinRAR
      [04/05/2012 03:18 a.m.] [04/05/2012 03:18 a.m.] [D] C:\Program Files (x86)\Yontoo
      [12/08/2012 10:07 p.m.] [13/06/2012 06:30 p.m.] [D] C:\Program Files (x86)\YourFileDownloader
      [10/10/2011 09:23 p.m.] [10/10/2011 09:23 p.m.] [DI] C:\ProgramData\ALM
      [02/08/2011 09:06 p.m.] [02/08/2011 09:06 p.m.] [DI] C:\ProgramData\Apple
      [02/08/2011 09:07 p.m.] [02/08/2011 09:07 p.m.] [DI] C:\ProgramData\Apple Computer
      [13/07/2009 10:08 p.m.] [13/07/2009 10:08 p.m.] [HSDLI] C:\ProgramData\Application Data
      [10/10/2012 11:57 p.m.] [10/10/2012 09:02 a.m.] [DI] C:\ProgramData\Autodesk
      [02/12/2012 12:06 p.m.] [02/12/2012 01:19 a.m.] [DI] C:\ProgramData\AVG2013
      [13/09/2011 03:10 a.m.] [13/09/2011 03:10 a.m.] [DI] C:\ProgramData\AVS4YOU
      [19/01/2012 06:58 p.m.] [19/01/2012 06:58 p.m.] [DI] C:\ProgramData\Azureus
      [12/09/2012 03:42 p.m.] [12/09/2012 03:41 p.m.] [DI] C:\ProgramData\Battle.net
      [05/09/2011 06:54 p.m.] [04/09/2011 12:39 a.m.] [DI] C:\ProgramData\Blizzard Entertainment
      [11/06/2012 10:41 p.m.] [29/04/2012 05:41 a.m.] [DI] C:\ProgramData\boost_interprocess
      [02/12/2012 01:06 a.m.] [02/12/2012 01:06 a.m.] [HD] C:\ProgramData\Common Files
      [18/10/2011 08:18 a.m.] [12/10/2011 03:12 p.m.] [DI] C:\ProgramData\Corel
      [12/10/2011 03:40 p.m.] [12/10/2011 03:06 p.m.] [DI] C:\ProgramData\CorelDRAW Graphics Suite X5
      [14/06/2011 12:11 a.m.] [21/10/2010 02:03 p.m.] [DI] C:\ProgramData\CyberLink
      [13/02/2012 03:37 p.m.] [13/02/2012 03:36 p.m.] [DI] C:\ProgramData\DAEMON Tools Lite
      [04/11/2011 09:13 p.m.] [04/11/2011 10:09 a.m.] [DI] C:\ProgramData\DatacardService
      [04/06/2011 04:09 p.m.] [04/06/2011 04:09 p.m.] [HSDLI] C:\ProgramData\Datos de programa
      [13/07/2009 10:08 p.m.] [13/07/2009 10:08 p.m.] [HSDLI] C:\ProgramData\Desktop
      [09/02/2012 04:28 a.m.] [28/12/2011 05:38 p.m.] [DI] C:\ProgramData\DivX
      [04/06/2011 04:09 p.m.] [04/06/2011 04:09 p.m.] [HSDLI] C:\ProgramData\Documentos
      [13/07/2009 10:08 p.m.] [13/07/2009 10:08 p.m.] [HSDLI] C:\ProgramData\Documents
      [15/02/2012 11:33 a.m.] [21/01/2012 12:17 p.m.] [DI] C:\ProgramData\e-onsoftware
      [04/06/2011 04:09 p.m.] [04/06/2011 04:09 p.m.] [HSDLI] C:\ProgramData\Escritorio
      [13/07/2009 10:08 p.m.] [13/07/2009 10:08 p.m.] [HSDLI] C:\ProgramData\Favorites
      [04/06/2011 04:09 p.m.] [04/06/2011 04:09 p.m.] [HSDLI] C:\ProgramData\Favoritos
      [10/10/2012 01:27 p.m.] [10/10/2012 12:21 p.m.] [DI] C:\ProgramData\FLEXnet
      [26/11/2012 06:48 p.m.] [21/11/2012 12:11 p.m.] [DI] C:\ProgramData\Freemake
      [06/09/2012 11:08 a.m.] [25/08/2012 12:06 p.m.] [DI] C:\ProgramData\GarenaMessenger
      [29/06/2012 05:11 p.m.] [29/06/2012 05:11 p.m.] [DI] C:\ProgramData\GboxUpdater
      [09/03/2011 04:16 p.m.] [21/10/2010 01:58 p.m.] [DI] C:\ProgramData\Hewlett-Packard
      [04/05/2012 03:39 a.m.] [04/05/2012 03:39 a.m.] [DI] C:\ProgramData\Iminent
      [29/06/2012 05:12 p.m.] [29/06/2012 05:10 p.m.] [DI] C:\ProgramData\InstallMate
      [14/11/2012 12:29 p.m.] [14/11/2012 12:29 p.m.] [DI] C:\ProgramData\IObit
      [29/11/2011 02:01 a.m.] [29/11/2011 02:01 a.m.] [DI] C:\ProgramData\LightScribe
      [03/07/2012 08:17 p.m.] [03/07/2012 08:17 p.m.] [DI] C:\ProgramData\McAfee
      [04/06/2011 04:09 p.m.] [04/06/2011 04:09 p.m.] [HSDLI] C:\ProgramData\Menú Inicio
      [02/12/2012 12:07 p.m.] [02/12/2012 01:06 a.m.] [DI] C:\ProgramData\MFAData
      [11/09/2012 01:03 p.m.] [13/07/2009 08:20 p.m.] [SDI] C:\ProgramData\Microsoft
      [13/06/2012 03:14 a.m.] [05/06/2011 12:30 a.m.] [DI] C:\ProgramData\Microsoft Help
      [13/06/2012 02:40 p.m.] [13/06/2012 02:40 p.m.] [DI] C:\ProgramData\Mozilla
      [29/11/2011 01:58 a.m.] [29/11/2011 01:57 a.m.] [DI] C:\ProgramData\Nero
      [01/09/2011 01:05 p.m.] [01/09/2011 01:05 p.m.] [DI] C:\ProgramData\NextUp
      [28/12/2011 11:25 p.m.] [09/03/2011 04:00 p.m.] [DI] C:\ProgramData\Norton
      [18/08/2011 03:36 a.m.] [09/03/2011 04:00 p.m.] [DI] C:\ProgramData\NortonInstaller
      [10/10/2011 10:07 p.m.] [10/10/2011 10:07 p.m.] [DI] C:\ProgramData\PACE Anti-Piracy
      [04/06/2011 04:09 p.m.] [04/06/2011 04:09 p.m.] [HSDLI] C:\ProgramData\Plantillas
      [16/05/2012 10:07 p.m.] [06/09/2011 02:38 a.m.] [DI] C:\ProgramData\PMB Files
      [29/06/2012 05:12 p.m.] [29/06/2012 05:12 p.m.] [DI] C:\ProgramData\Premium
      [12/10/2011 03:42 p.m.] [12/10/2011 03:40 p.m.] [DI] C:\ProgramData\Protexis
      [01/08/2011 09:36 a.m.] [22/10/2010 12:29 a.m.] [DI] C:\ProgramData\Recovery
      [13/03/2012 08:16 a.m.] [13/03/2012 08:16 a.m.] [DI] C:\ProgramData\RedGiant
      [11/06/2011 06:06 p.m.] [11/06/2011 06:06 p.m.] [DI] C:\ProgramData\Reflexive
      [11/10/2011 08:32 a.m.] [10/10/2011 10:07 p.m.] [DI] C:\ProgramData\regid.1986-12.com.adobe
      [30/10/2012 07:17 p.m.] [29/04/2012 04:23 a.m.] [DI] C:\ProgramData\Skype
      [04/02/2012 07:58 p.m.] [04/02/2012 07:58 p.m.] [DI] C:\ProgramData\Sony Corporation
      [21/10/2010 01:58 p.m.] [21/10/2010 01:58 p.m.] [DI] C:\ProgramData\Stardock
      [13/07/2009 10:08 p.m.] [13/07/2009 10:08 p.m.] [HSDLI] C:\ProgramData\Start Menu
      [21/10/2010 02:11 p.m.] [21/10/2010 02:11 p.m.] [DI] C:\ProgramData\Sun
      [08/11/2012 01:54 p.m.] [08/11/2012 01:54 p.m.] [DI] C:\ProgramData\TechSmith
      [02/12/2012 12:30 a.m.] [21/10/2010 01:58 p.m.] [DAI] C:\ProgramData\Temp
      [13/07/2009 10:08 p.m.] [13/07/2009 10:08 p.m.] [HSDLI] C:\ProgramData\Templates
      [06/09/2012 07:06 p.m.] [06/09/2012 07:00 p.m.] [DI] C:\ProgramData\VMware
      [28/05/2012 04:20 a.m.] [09/03/2011 04:01 p.m.] [DI] C:\ProgramData\WildTangent
      [01/12/2012 05:55 p.m.] [29/06/2012 05:11 p.m.] [DI] C:\ProgramData\wxDfast
      [11/09/2012 03:08 p.m.] [12/11/2011 07:26 p.m.] [DI] C:\ProgramData\Xfire
      C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log [AI] 32 bytes 0
      C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log [AI] 109 bytes 0
      C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log [AI] 32 bytes 0
      C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log [AI] 105 bytes 0
      C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log [AI] 32 bytes 0
      C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log [AI] 32 bytes 0
      C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log [AI] 107 bytes 0
      C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log [AI] 110 bytes 0
      [21/10/2010 02:12 p.m.] [21/10/2010 02:12 p.m.] [DI] C:\ProgramData\{D13C0989-F3EC-4F44-A33D-B3F83DF90FAF}
      C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log [AI] 105 bytes 0

      ==================== EOF ==================