Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
This topic is locked
Hello I am a new member and this is my very first post. I read how another member got helped with a very similar issue. Like this other member I downloaded Norton Power Eraser to remove posssible malware. After running it I was asked to restart my pc and I did, but after that I'm unable to boot and I cannot get it to start in any safe mode option or get to an earlier time through system restore. I then downloaded Farbar Recovery System Toolx64 followed same instructions given to previous member. I am attaching my farbar recovery scan. Thank you in advanced for helping.
Scan result of Farbar Recovery Scan Tool Version: 08-05-2012
Ran by SYSTEM at 09-05-2012 02:04:07
Running from G:\
Windows 7 Home Premium (X64) OS Language: English(US)
The current controlset is ControlSet001
========================== Registry (Whitelisted) =============
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11444840 2010-09-21] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-10] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] C:\Windows\PLFSetI.exe [206208 2010-06-09] ()
HKLM\...\Run: [Acer ePower Management] C:\Program Files\Gateway\Gateway Power Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM-x32\...\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\BackupManagerTray.exe" -h -k [258304 2010-06-28] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [975952 2010-08-10] (Dritek System Inc.)
HKLM-x32\...\Run: [Camera Assistant Software] "C:\Program Files (x86)\Video Web Camera\traybar.exe" [600688 2010-10-22] (Chicony)
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [421160 2011-04-27] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2011-06-09] (Sun Microsystems, Inc.)
HKU\nolberto\...\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background [4240760 2010-11-10] (Microsoft Corporation)
HKU\nolberto\...\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe [9728 2009-07-13] (Microsoft Corporation)
HKU\nolberto\...\Run: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized [22631608 2011-05-18] (ooVoo LLC)
HKU\nolberto\...\Run: [Best Buy pc app] C:\Users\nolberto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms [x]
HKU\nolberto\...\Run: [lpc] rundll32.exe "er. como quiera ill stillbe able to see and meet with people in highschool. and pos since i have your number ill be able to reach you and let you knkow of upcoing stuff we might have to doso far i have maya, myself, you, jacky, and elizabeth ", RegisterDll [x]
HKU\nolberto\...\Run: [LHWmcRqHquM.exe] C:\ProgramData\LHWmcRqHquM.exe [x]
HKLM\...\RunOnce: [*Restore] C:\Windows\system32\rstrui.exe /RUNONCE [296960 2009-07-13] (Microsoft Corporation)
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, [26112 2009-07-13] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
SubSystems: [Windows] ATTENTION! ====> ZeroAccess
==================== Services (Whitelisted) ======
2 AppHostSvc; C:\Windows\SysWow64\inetsrv\apphostsvc.dll [61440 2009-07-13] (Microsoft Corporation)
2 BBSvc; C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [193816 2012-02-10] (Microsoft Corporation.)
3 BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [240408 2012-02-10] (Microsoft Corporation.)
2 DsiWMIService; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [321104 2010-08-10] (Dritek System Inc.)
2 GREGService; C:\Program Files (x86)\Gateway\Registration\GREGsvc.exe [23584 2010-01-08] (Acer Incorporated)
2 NAV; "C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.0.13\ccSvcHst.exe" /s "NAV" /m "C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.0.13\diMaster.dll" /prefetch:1 [262584 2011-03-31] (Symantec Corporation)
3 Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208 2010-01-15] (Nero AG)
2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Gateway MyBackup\IScheduleSvc.exe [255744 2010-06-28] (NewTech Infosystems, Inc.)
2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [451072 2009-07-13] (Microsoft Corporation)
2 W3SVC; C:\Windows\SysWow64\inetsrv\iisw3adm.dll [396288 2009-07-13] (Microsoft Corporation)
3 WAS; C:\Windows\SysWow64\inetsrv\iisw3adm.dll [396288 2009-07-13] (Microsoft Corporation)
========================== Drivers (Whitelisted) =============
3 amdkmdag; C:\Windows\System32\DRIVERS\atipmdag.sys [6405632 2010-03-28] (ATI Technologies Inc.)
3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [188928 2010-03-28] (Advanced Micro Devices, Inc.)
1 BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\BASHDefs\20111027.001\BHDrvx64.sys [1155704 2011-10-14] (Symantec Corporation)
1 eeCtrl; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [482936 2011-11-09] (Symantec Corporation)
3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138360 2011-11-09] (Symantec Corporation)
1 IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\IPSDefs\20111110.030\IDSvia64.sys [488568 2011-08-22] (Symantec Corporation)
3 NTIDrvr; C:\Windows\System32\Drivers\NTIDrvr.sys [18432 2009-05-05] (NewTech Infosystems, Inc.)
0 SMR250; C:\Windows\System32\Drivers\SMR250.sys [96376 2012-05-08] (Symantec Corporation)
3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1207000.00D\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
1 SRTSPX; C:\Windows\System32\drivers\NAVx64\1207000.00D\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
0 SymDS; C:\Windows\System32\drivers\NAVx64\1207000.00D\SYMDS64.SYS [450680 2011-01-26] (Symantec Corporation)
0 SymEFA; C:\Windows\System32\drivers\NAVx64\1207000.00D\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
3 SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-06-29] (Symantec Corporation)
1 SymIRON; C:\Windows\System32\drivers\NAVx64\1207000.00D\Ironx64.SYS [171128 2011-01-26] (Symantec Corporation)
1 SymNetS; C:\Windows\System32\Drivers\NAVx64\1207000.00D\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
3 UBHelper; C:\Windows\System32\Drivers\UBHelper.sys [16896 2009-05-05] (NewTech Infosystems Corporation)
3 WIMMount; C:\Windows\SysWow64\Drivers\WIMMount.sys [19008 2009-07-13] (Microsoft Corporation)
3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20111229.018\ENG64.SYS [x]
3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.5.0.125\Definitions\VirusDefs\20111229.018\EX64.SYS [x]
========================== NetSvcs (Whitelisted) ===========
============ One Month Created Files and Folders ==============
2012-05-08 21:28 - 2012-05-08 21:29 - 0016516 ____A C:\Windows\ntbtlog.txt
2012-05-08 21:27 - 2012-05-08 21:34 - 0000000 ____D C:\Users\nolberto\AppData\Local\NPE
2012-05-08 21:27 - 2012-05-08 21:27 - 2804712 ____A (Symantec Corporation) C:\Users\nolberto\Documents\NPE.exe
2012-05-08 21:27 - 2012-05-08 21:27 - 0096376 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SMR250.SYS
2012-05-08 21:17 - 2012-05-08 21:17 - 2804712 ____A (Symantec Corporation) C:\Users\nolberto\Downloads\NPE.exe
2012-05-08 21:06 - 2012-05-08 21:06 - 0000000 ____D C:\Users\nolberto\AppData\Local\{8E4268F5-4DD7-4F9A-AEFB-77D01F62AE7D}
2012-05-08 20:50 - 2012-05-08 20:50 - 0000467 ____A C:\Users\All Users\Gateway © - Shortcut.lnk
2012-05-08 20:50 - 2012-05-08 20:50 - 0000467 ____A C:\ProgramData\Gateway © - Shortcut.lnk
2012-05-08 20:41 - 2012-05-08 20:41 - 0271232 ____A C:\Windows\Minidump\050812-45848-01.dmp
2012-05-08 19:56 - 2012-05-08 19:56 - 0000000 ____D C:\Users\nolberto\AppData\Local\{1ED4C39F-E108-43CB-919E-B2877A958D46}
2012-05-08 19:55 - 2012-05-08 19:56 - 0000000 ____D C:\Users\nolberto\AppData\Local\{0FFFFE57-FCC1-48CB-9035-500A3F321D72}
2012-05-08 19:54 - 2012-05-08 19:54 - 0271232 ____A C:\Windows\Minidump\050812-48921-01.dmp
2012-05-08 19:52 - 2012-05-08 19:52 - 0000000 ____D C:\Users\nolberto\AppData\Local\{ED762E46-CD83-4720-81B4-F839070CFCA1}
2012-05-08 19:47 - 2012-05-08 19:47 - 0271232 ____A C:\Windows\Minidump\050812-43009-01.dmp
2012-05-08 19:39 - 2012-05-08 19:39 - 0065536 __ASH C:\Windows\System32\config\components{122ce975-9042-11e1-bc63-1c7508ab179d}.TxR.blf
2012-05-08 18:46 - 2012-05-08 18:46 - 3404618 ____A C:\Users\nolberto\Downloads\135_math8-12.pdf
2012-05-08 17:56 - 2012-05-08 17:56 - 0000000 ____D C:\Users\nolberto\AppData\Local\{B99DFBCC-A6B3-444A-9CA0-47DD3E0228FF}
2012-05-08 17:56 - 2012-05-08 17:56 - 0000000 ____D C:\Users\nolberto\AppData\Local\{84F9B6DD-EB04-46DF-A243-F1EDAA9D0389}
2012-05-06 16:56 - 2012-05-06 16:56 - 0271232 ____A C:\Windows\Minidump\050612-31168-01.dmp
2012-05-06 15:21 - 2012-05-06 15:21 - 0000000 ____D C:\Users\nolberto\AppData\Local\{AB96A19B-7AAF-4EC5-89C5-A9D90FB8129E}
2012-04-27 16:59 - 2012-04-27 17:00 - 0032714 ____A C:\Windows\iis7.log
2012-04-27 16:58 - 2012-04-27 16:58 - 0000000 ____D C:\Windows\SysWOW64\BestPractices
2012-04-27 16:58 - 2012-04-27 16:58 - 0000000 ____D C:\Windows\System32\BestPractices
2012-04-27 16:58 - 2012-04-27 16:58 - 0000000 ____D C:\inetpub
2012-04-27 16:24 - 2012-04-27 16:24 - 0000000 ____D C:\Users\nolberto\AppData\Local\{2CA7FE6B-62CB-4EF3-A522-A48D52AA077E}
2012-04-27 05:05 - 2012-04-27 05:05 - 0000000 ____D C:\Users\nolberto\AppData\Local\{BC345852-5868-4530-971C-C13204B06FE2}
2012-04-27 05:05 - 2012-04-27 05:05 - 0000000 ____D C:\Users\nolberto\AppData\Local\{3BC3CDEC-AA81-4050-995B-063FC62CE42F}
2012-04-27 05:01 - 2012-04-27 05:02 - 0271232 ____A C:\Windows\Minidump\042712-68359-01.dmp
2012-04-27 04:57 - 2012-04-27 04:57 - 0271176 ____A C:\Windows\Minidump\042712-62993-01.dmp
2012-04-27 04:29 - 2012-04-27 04:29 - 0016840 ____A C:\Windows\SysWOW64\CCCInstall_201204270529065587.log
2012-04-27 04:23 - 2012-04-27 04:23 - 0000000 ____D C:\Users\nolberto\AppData\Local\{66B7C655-3028-4A89-8918-5928DCE6DAE7}
2012-04-27 04:07 - 2012-04-27 04:07 - 0000000 ____D C:\Users\nolberto\AppData\Local\{5B808DE1-C003-4AAD-8614-91997E40626A}
2012-04-27 02:11 - 2012-05-08 20:24 - 0007606 ____A C:\Users\nolberto\AppData\Local\resmon.resmoncfg
2012-04-27 00:25 - 2012-04-27 00:25 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{399FA55E-64A0-42C3-BD17-6B4B001E99E5}
2012-04-27 00:22 - 2012-04-27 00:22 - 0275304 ____A C:\Windows\Minidump\042712-35911-01.dmp
2012-04-26 23:57 - 2012-04-26 23:57 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{EFE4F98D-59BA-4C45-B7C6-E7678F4A1513}
2012-04-26 23:57 - 2012-04-26 23:57 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{5BEC3CE0-3F03-4C29-9DA3-BC06CE095396}
2012-04-26 22:33 - 2012-04-26 22:54 - 0000000 ____D C:\Program Files (x86)\PC Tools
2012-04-26 22:21 - 2012-03-20 12:50 - 0251528 ____A (PC Tools) C:\Windows\System32\Drivers\PCTSD64.sys
2012-04-26 22:20 - 2012-04-26 22:53 - 0000000 ___HD C:\Users\All Users\PC Tools
2012-04-26 22:20 - 2012-04-26 22:53 - 0000000 ___HD C:\ProgramData\PC Tools
2012-04-26 22:20 - 2012-04-26 22:20 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\TestApp
2012-04-26 22:11 - 2012-04-26 22:11 - 0108656 ___AH C:\Users\nolberto\AppData\Local\GDIPFONTCACHEV1.DAT
2012-04-26 22:09 - 2012-04-26 22:09 - 0000000 ___AH C:\Users\nolberto\Documents\Default.rdp
2012-04-26 21:25 - 2012-04-27 17:16 - 0000000 ___HD C:\Windows\pss
2012-04-26 19:19 - 2012-04-26 19:19 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{F1193EFD-7CBB-4F4A-BB0F-0AC3D12D6782}
2012-04-26 19:19 - 2012-04-26 19:19 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{D9B9524F-8F96-488B-91E4-321CC2417F95}
2012-04-26 15:15 - 2012-04-26 15:15 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{ED1005FD-74CE-4DF2-9D99-20F81443C42F}
2012-04-26 15:15 - 2012-04-26 15:15 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{0A279A1E-3B3D-4F7F-AC7B-22A2AA9C2151}
2012-04-26 07:28 - 2012-04-26 07:29 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{D0DEEDE2-5C7F-43E2-BD6F-C45F643ADE67}
2012-04-26 07:28 - 2012-04-26 07:28 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{E6D08449-F82A-4AB3-8478-14869532ED10}
2012-04-26 07:16 - 2012-04-26 07:16 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{3F200F32-FDB3-4028-96D8-D3A4F76726A4}
2012-04-26 07:16 - 2012-04-26 07:16 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{11C32C60-EB0E-4687-AAEF-DD3A67DBB116}
2012-04-25 17:19 - 2012-04-25 17:19 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{DD4AD613-265C-4C76-AEC9-04E5149FC5D0}
2012-04-25 17:19 - 2012-04-25 17:19 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{3DFFD46B-E793-4A65-9E52-84FACF236F1E}
2012-04-25 10:11 - 2012-04-25 10:12 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{B41B796B-DE69-4276-B206-6B383CBC7FA4}
2012-04-25 07:12 - 2012-04-25 07:12 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{7BEE4435-15FD-40B6-9C0A-8F746A411C34}
2012-04-24 17:45 - 2012-04-24 17:45 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{27B7E42B-0EA1-4AE9-8B78-6FAC2A70250D}
2012-04-23 15:38 - 2012-04-23 15:38 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{8B2F8D83-07A0-459D-971B-AD4F8B176FF5}
2012-04-23 07:29 - 2012-04-23 07:29 - 0065536 __ASH C:\Windows\System32\config\components{0605fc6e-8ccf-11e1-8dfa-1c7508ab179d}.TxR.blf
2012-04-23 07:27 - 2012-04-23 07:27 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{B1331189-7286-4CC4-8178-7259C50AA4AF}
2012-04-22 18:10 - 2012-04-22 18:10 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{8A966FB9-FF44-4637-B961-D0A17984985B}
2012-04-22 15:45 - 2012-04-22 15:45 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{419039F3-3FFE-4E7B-8C12-381F74FCB9B6}
2012-04-22 14:36 - 2012-04-22 14:36 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{54701A64-0AAA-419F-8402-E935D1FEE40B}
2012-04-22 14:27 - 2012-04-22 14:27 - 0065536 __ASH C:\Windows\System32\config\components{ef3d33fc-8729-11e1-a7d9-1c7508ab179d}.TxR.blf
2012-04-22 14:24 - 2012-04-22 14:24 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{F30F08AD-4C68-429F-AD31-DE552B0A9700}
2012-04-18 16:39 - 2012-04-18 16:39 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{7212D9ED-C08C-4982-8261-CEF361D39580}
2012-04-18 16:34 - 2012-04-18 16:34 - 0275304 ____A C:\Windows\Minidump\041812-33633-01.dmp
2012-04-16 06:16 - 2012-04-16 06:17 - 0275304 ____A C:\Windows\Minidump\041612-48687-01.dmp
2012-04-15 15:53 - 2012-04-15 15:53 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{397D6268-233E-41DE-8BEB-968406391309}
2012-04-15 10:46 - 2012-02-27 22:43 - 2144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-04-15 10:46 - 2012-02-27 22:43 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-04-15 10:46 - 2012-02-27 22:42 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-04-15 10:46 - 2012-02-27 17:04 - 1792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-04-15 10:46 - 2012-02-27 17:03 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-04-15 10:46 - 2012-02-27 17:03 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-04-15 10:45 - 2012-02-27 23:34 - 17790976 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-04-15 10:45 - 2012-02-27 23:02 - 10888704 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-04-15 10:45 - 2012-02-27 22:56 - 2311168 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-04-15 10:45 - 2012-02-27 22:50 - 1345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-04-15 10:45 - 2012-02-27 22:49 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-04-15 10:45 - 2012-02-27 22:48 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-04-15 10:45 - 2012-02-27 22:48 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-04-15 10:45 - 2012-02-27 22:47 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-04-15 10:45 - 2012-02-27 22:45 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-04-15 10:45 - 2012-02-27 22:39 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-04-15 10:45 - 2012-02-27 17:52 - 12281856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-04-15 10:45 - 2012-02-27 17:27 - 9705984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-04-15 10:45 - 2012-02-27 17:18 - 1799168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-04-15 10:45 - 2012-02-27 17:12 - 1103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-04-15 10:45 - 2012-02-27 17:11 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-04-15 10:45 - 2012-02-27 17:11 - 1127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-04-15 10:45 - 2012-02-27 17:09 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-04-15 10:45 - 2012-02-27 17:08 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-04-15 10:45 - 2012-02-27 17:06 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-04-15 10:45 - 2012-02-27 16:59 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-04-15 10:44 - 2012-02-29 22:54 - 0022896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-04-15 10:44 - 2012-02-29 22:45 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-04-15 10:44 - 2012-02-29 22:40 - 0080896 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-04-15 10:44 - 2012-02-29 22:35 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-04-15 10:44 - 2012-02-29 21:49 - 0172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-04-15 10:44 - 2012-02-29 21:45 - 0158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-04-15 10:44 - 2012-02-29 21:40 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-04-15 10:40 - 2012-04-15 10:40 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{CDAA9E39-B0BD-4BB1-A5BE-271FDA5DF6C9}
2012-04-13 08:51 - 2012-04-13 08:51 - 0065536 __ASH C:\Windows\System32\config\components{dfebfc4c-851d-11e1-bd69-1c7508ab179d}.TxR.blf
2012-04-12 20:50 - 2012-04-12 20:50 - 0000761 ____A C:\Windows\System32\Drivers\etc\hosts.txt
2012-04-11 16:43 - 2012-04-11 16:43 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{31AF0737-C72A-4783-8AE7-E779FE2D1A3C}
============ 3 Months Modified Files and Folders =============
2012-05-09 02:04 - 2012-05-09 01:53 - 0000000 ____D C:\FRST
2012-05-09 01:18 - 2012-03-04 14:13 - 0000000 ____D C:\Windows\Minidump
2012-05-09 01:18 - 2011-06-01 07:03 - 0000000 ___HD C:\users\nolberto
2012-05-09 01:18 - 2010-11-15 21:00 - 0000000 ___HD C:\Users\All Users\Norton
2012-05-09 01:18 - 2010-11-15 21:00 - 0000000 ___HD C:\ProgramData\Norton
2012-05-09 01:18 - 2009-07-13 23:45 - 0000000 ____D C:\Windows\ShellNew
2012-05-09 01:18 - 2009-07-13 23:45 - 0000000 ____D C:\Program Files\Windows Journal
2012-05-09 01:17 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2012-05-08 21:34 - 2012-05-08 21:27 - 0000000 ____D C:\Users\nolberto\AppData\Local\NPE
2012-05-08 21:33 - 2009-07-13 21:13 - 0798758 ____A C:\Windows\System32\PerfStringBackup.INI
2012-05-08 21:32 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At46.job
2012-05-08 21:32 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At45.job
2012-05-08 21:32 - 2011-02-27 19:11 - 1871345 ___AH C:\Windows\WindowsUpdate.log
2012-05-08 21:29 - 2012-05-08 21:28 - 0016516 ____A C:\Windows\ntbtlog.txt
2012-05-08 21:29 - 2011-06-15 00:10 - 0000000 ___HD C:\Users\nolberto\Tracing
2012-05-08 21:29 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2012-05-08 21:29 - 2009-07-13 20:51 - 0050849 ____A C:\Windows\setupact.log
2012-05-08 21:28 - 2011-02-27 19:08 - 3015884800 __ASH C:\hiberfil.sys
2012-05-08 21:27 - 2012-05-08 21:27 - 2804712 ____A (Symantec Corporation) C:\Users\nolberto\Documents\NPE.exe
2012-05-08 21:27 - 2012-05-08 21:27 - 0096376 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SMR250.SYS
2012-05-08 21:17 - 2012-05-08 21:17 - 2804712 ____A (Symantec Corporation) C:\Users\nolberto\Downloads\NPE.exe
2012-05-08 21:12 - 2009-07-13 20:45 - 0009920 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-05-08 21:12 - 2009-07-13 20:45 - 0009920 ____A C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-05-08 21:06 - 2012-05-08 21:06 - 0000000 ____D C:\Users\nolberto\AppData\Local\{8E4268F5-4DD7-4F9A-AEFB-77D01F62AE7D}
2012-05-08 21:04 - 2011-06-04 05:02 - 0317662 ___AH C:\Windows\PFRO.log
2012-05-08 21:04 - 2009-07-13 21:08 - 0032618 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-05-08 20:50 - 2012-05-08 20:50 - 0000467 ____A C:\Users\All Users\Gateway © - Shortcut.lnk
2012-05-08 20:50 - 2012-05-08 20:50 - 0000467 ____A C:\ProgramData\Gateway © - Shortcut.lnk
2012-05-08 20:50 - 2012-03-31 02:26 - 1063066 ___AH C:\Windows\ntbtlog.txt.bak
2012-05-08 20:41 - 2012-05-08 20:41 - 0271232 ____A C:\Windows\Minidump\050812-45848-01.dmp
2012-05-08 20:41 - 2012-03-04 14:12 - 600675103 ____A C:\Windows\MEMORY.DMP
2012-05-08 20:38 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At44.job
2012-05-08 20:38 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At43.job
2012-05-08 20:24 - 2012-04-27 02:11 - 0007606 ____A C:\Users\nolberto\AppData\Local\resmon.resmoncfg
2012-05-08 20:10 - 2009-07-13 19:20 - 0000000 ____D C:\PerfLogs
2012-05-08 19:56 - 2012-05-08 19:56 - 0000000 ____D C:\Users\nolberto\AppData\Local\{1ED4C39F-E108-43CB-919E-B2877A958D46}
2012-05-08 19:56 - 2012-05-08 19:55 - 0000000 ____D C:\Users\nolberto\AppData\Local\{0FFFFE57-FCC1-48CB-9035-500A3F321D72}
2012-05-08 19:54 - 2012-05-08 19:54 - 0271232 ____A C:\Windows\Minidump\050812-48921-01.dmp
2012-05-08 19:52 - 2012-05-08 19:52 - 0000000 ____D C:\Users\nolberto\AppData\Local\{ED762E46-CD83-4720-81B4-F839070CFCA1}
2012-05-08 19:47 - 2012-05-08 19:47 - 0271232 ____A C:\Windows\Minidump\050812-43009-01.dmp
2012-05-08 19:39 - 2012-05-08 19:39 - 0065536 __ASH C:\Windows\System32\config\components{122ce975-9042-11e1-bc63-1c7508ab179d}.TxR.blf
2012-05-08 19:39 - 2012-01-01 23:35 - 0000000 ____D C:\Users\nolberto\AppData\Local\ElevatedDiagnostics
2012-05-08 19:39 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2012-05-08 19:34 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At42.job
2012-05-08 19:33 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At41.job
2012-05-08 18:46 - 2012-05-08 18:46 - 3404618 ____A C:\Users\nolberto\Downloads\135_math8-12.pdf
2012-05-08 18:32 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At40.job
2012-05-08 18:32 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At39.job
2012-05-08 17:56 - 2012-05-08 17:56 - 0000000 ____D C:\Users\nolberto\AppData\Local\{B99DFBCC-A6B3-444A-9CA0-47DD3E0228FF}
2012-05-08 17:56 - 2012-05-08 17:56 - 0000000 ____D C:\Users\nolberto\AppData\Local\{84F9B6DD-EB04-46DF-A243-F1EDAA9D0389}
2012-05-06 19:03 - 2011-06-05 21:18 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\SoftGrid Client
2012-05-06 18:02 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\rescache
2012-05-06 17:34 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At38.job
2012-05-06 17:34 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At37.job
2012-05-06 17:03 - 2011-09-22 20:35 - 0000000 ___HD C:\Users\nolberto\AppData\Local\CrashDumps
2012-05-06 16:56 - 2012-05-06 16:56 - 0271232 ____A C:\Windows\Minidump\050612-31168-01.dmp
2012-05-06 16:34 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At36.job
2012-05-06 16:32 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At35.job
2012-05-06 15:35 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At34.job
2012-05-06 15:32 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At33.job
2012-05-06 15:21 - 2012-05-06 15:21 - 0000000 ____D C:\Users\nolberto\AppData\Local\{AB96A19B-7AAF-4EC5-89C5-A9D90FB8129E}
2012-04-27 17:16 - 2012-04-26 21:25 - 0000000 ___HD C:\Windows\pss
2012-04-27 17:00 - 2012-04-27 16:59 - 0032714 ____A C:\Windows\iis7.log
2012-04-27 16:58 - 2012-04-27 16:58 - 0000000 ____D C:\Windows\SysWOW64\BestPractices
2012-04-27 16:58 - 2012-04-27 16:58 - 0000000 ____D C:\Windows\System32\BestPractices
2012-04-27 16:58 - 2012-04-27 16:58 - 0000000 ____D C:\inetpub
2012-04-27 16:58 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Microsoft Games
2012-04-27 16:58 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\inetsrv
2012-04-27 16:58 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\inetsrv
2012-04-27 16:24 - 2012-04-27 16:24 - 0000000 ____D C:\Users\nolberto\AppData\Local\{2CA7FE6B-62CB-4EF3-A522-A48D52AA077E}
2012-04-27 05:05 - 2012-04-27 05:05 - 0000000 ____D C:\Users\nolberto\AppData\Local\{BC345852-5868-4530-971C-C13204B06FE2}
2012-04-27 05:05 - 2012-04-27 05:05 - 0000000 ____D C:\Users\nolberto\AppData\Local\{3BC3CDEC-AA81-4050-995B-063FC62CE42F}
2012-04-27 05:02 - 2012-04-27 05:01 - 0271232 ____A C:\Windows\Minidump\042712-68359-01.dmp
2012-04-27 04:57 - 2012-04-27 04:57 - 0271176 ____A C:\Windows\Minidump\042712-62993-01.dmp
2012-04-27 04:34 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At12.job
2012-04-27 04:32 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At11.job
2012-04-27 04:29 - 2012-04-27 04:29 - 0016840 ____A C:\Windows\SysWOW64\CCCInstall_201204270529065587.log
2012-04-27 04:29 - 2011-02-27 19:11 - 0014946 ___AH C:\Windows\DPINST.LOG
2012-04-27 04:23 - 2012-04-27 04:23 - 0000000 ____D C:\Users\nolberto\AppData\Local\{66B7C655-3028-4A89-8918-5928DCE6DAE7}
2012-04-27 04:07 - 2012-04-27 04:07 - 0000000 ____D C:\Users\nolberto\AppData\Local\{5B808DE1-C003-4AAD-8614-91997E40626A}
2012-04-27 04:01 - 2012-04-01 14:59 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\Remote
2012-04-27 03:54 - 2011-12-05 18:00 - 0000000 ___HD C:\Users\nolberto\.realobjects
2012-04-27 03:01 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\Downloaded Program Files
2012-04-27 02:39 - 2011-08-07 15:15 - 0000000 ____D C:\Program Files\Google
2012-04-27 02:39 - 2011-08-07 15:15 - 0000000 ____D C:\Program Files (x86)\Google
2012-04-27 02:32 - 2012-03-31 21:47 - 0000344 ____A C:\Windows\Tasks\At8.job
2012-04-27 02:32 - 2012-03-31 21:47 - 0000342 ____A C:\Windows\Tasks\At7.job
2012-04-27 01:32 - 2012-03-31 21:47 - 0000344 ____A C:\Windows\Tasks\At6.job
2012-04-27 01:32 - 2012-03-31 21:47 - 0000342 ____A C:\Windows\Tasks\At5.job
2012-04-27 00:53 - 2012-03-26 20:02 - 0000000 ___HD C:\Users\Public\CyberLink
2012-04-27 00:53 - 2012-03-26 20:00 - 0000000 ___HD C:\Users\nolberto\AppData\Local\Cyberlink
2012-04-27 00:53 - 2012-03-04 15:40 - 0000000 ___HD C:\Users\nolberto\Desktop\PhotoshopCS5
2012-04-27 00:53 - 2012-02-05 09:15 - 0000000 ___HD C:\Users\All Users\{D8EAEB0B-7E66-400B-9DCD-5E815A852728}
2012-04-27 00:53 - 2012-02-05 09:15 - 0000000 ___HD C:\ProgramData\{D8EAEB0B-7E66-400B-9DCD-5E815A852728}
2012-04-27 00:53 - 2011-07-02 18:31 - 0000000 ___HD C:\Users\nolberto\AppData\Local\Downloaded Installations
2012-04-27 00:53 - 2011-06-06 18:32 - 0000000 ____D C:\Users\All Users\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-04-27 00:53 - 2011-06-06 18:32 - 0000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2012-04-27 00:53 - 2011-06-01 07:04 - 0000000 ___HD C:\Users\nolberto\AppData\Local\Apps\2.0
2012-04-27 00:53 - 2009-07-13 19:20 - 0000000 __RHD C:\users\Public
2012-04-27 00:52 - 2011-07-05 02:01 - 0000000 ____D C:\f5fc6348baa89debd23555c1d30b
2012-04-27 00:52 - 2010-11-15 20:07 - 0000000 ___HD C:\OEM
2012-04-27 00:34 - 2012-03-31 21:47 - 0000344 ____A C:\Windows\Tasks\At4.job
2012-04-27 00:33 - 2012-03-31 21:47 - 0000342 ____A C:\Windows\Tasks\At3.job
2012-04-27 00:33 - 2011-06-05 23:29 - 0000000 ___HD C:\Users\All Users\VirtualizedApplications
2012-04-27 00:33 - 2011-06-05 23:29 - 0000000 ___HD C:\ProgramData\VirtualizedApplications
2012-04-27 00:31 - 2011-08-07 15:16 - 0000000 ___HD C:\Users\nolberto\AppData\Local\Google
2012-04-27 00:25 - 2012-04-27 00:25 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{399FA55E-64A0-42C3-BD17-6B4B001E99E5}
2012-04-27 00:22 - 2012-04-27 00:22 - 0275304 ____A C:\Windows\Minidump\042712-35911-01.dmp
2012-04-27 00:22 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2012-04-26 23:57 - 2012-04-26 23:57 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{EFE4F98D-59BA-4C45-B7C6-E7678F4A1513}
2012-04-26 23:57 - 2012-04-26 23:57 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{5BEC3CE0-3F03-4C29-9DA3-BC06CE095396}
2012-04-26 22:54 - 2012-04-26 22:33 - 0000000 ____D C:\Program Files (x86)\PC Tools
2012-04-26 22:53 - 2012-04-26 22:20 - 0000000 ___HD C:\Users\All Users\PC Tools
2012-04-26 22:53 - 2012-04-26 22:20 - 0000000 ___HD C:\ProgramData\PC Tools
2012-04-26 22:20 - 2012-04-26 22:20 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\TestApp
2012-04-26 22:11 - 2012-04-26 22:11 - 0108656 ___AH C:\Users\nolberto\AppData\Local\GDIPFONTCACHEV1.DAT
2012-04-26 22:09 - 2012-04-26 22:09 - 0000000 ___AH C:\Users\nolberto\Documents\Default.rdp
2012-04-26 19:19 - 2012-04-26 19:19 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{F1193EFD-7CBB-4F4A-BB0F-0AC3D12D6782}
2012-04-26 19:19 - 2012-04-26 19:19 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{D9B9524F-8F96-488B-91E4-321CC2417F95}
2012-04-26 15:15 - 2012-04-26 15:15 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{ED1005FD-74CE-4DF2-9D99-20F81443C42F}
2012-04-26 15:15 - 2012-04-26 15:15 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{0A279A1E-3B3D-4F7F-AC7B-22A2AA9C2151}
2012-04-26 07:29 - 2012-04-26 07:28 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{D0DEEDE2-5C7F-43E2-BD6F-C45F643ADE67}
2012-04-26 07:28 - 2012-04-26 07:28 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{E6D08449-F82A-4AB3-8478-14869532ED10}
2012-04-26 07:16 - 2012-04-26 07:16 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{3F200F32-FDB3-4028-96D8-D3A4F76726A4}
2012-04-26 07:16 - 2012-04-26 07:16 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{11C32C60-EB0E-4687-AAEF-DD3A67DBB116}
2012-04-25 17:19 - 2012-04-25 17:19 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{DD4AD613-265C-4C76-AEC9-04E5149FC5D0}
2012-04-25 17:19 - 2012-04-25 17:19 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{3DFFD46B-E793-4A65-9E52-84FACF236F1E}
2012-04-25 10:12 - 2012-04-25 10:11 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{B41B796B-DE69-4276-B206-6B383CBC7FA4}
2012-04-25 09:32 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At22.job
2012-04-25 09:32 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At21.job
2012-04-25 08:32 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At20.job
2012-04-25 08:32 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At19.job
2012-04-25 07:37 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At17.job
2012-04-25 07:34 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At18.job
2012-04-25 07:12 - 2012-04-25 07:12 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{7BEE4435-15FD-40B6-9C0A-8F746A411C34}
2012-04-24 22:52 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At48.job
2012-04-24 22:52 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At47.job
2012-04-24 17:45 - 2012-04-24 17:45 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{27B7E42B-0EA1-4AE9-8B78-6FAC2A70250D}
2012-04-23 16:33 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\AppCompat
2012-04-23 16:32 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\sysprep
2012-04-23 15:38 - 2012-04-23 15:38 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{8B2F8D83-07A0-459D-971B-AD4F8B176FF5}
2012-04-23 07:29 - 2012-04-23 07:29 - 0065536 __ASH C:\Windows\System32\config\components{0605fc6e-8ccf-11e1-8dfa-1c7508ab179d}.TxR.blf
2012-04-23 07:27 - 2012-04-23 07:27 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{B1331189-7286-4CC4-8178-7259C50AA4AF}
2012-04-22 18:10 - 2012-04-22 18:10 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{8A966FB9-FF44-4637-B961-D0A17984985B}
2012-04-22 15:45 - 2012-04-22 15:45 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{419039F3-3FFE-4E7B-8C12-381F74FCB9B6}
2012-04-22 14:36 - 2012-04-22 14:36 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{54701A64-0AAA-419F-8402-E935D1FEE40B}
2012-04-22 14:27 - 2012-04-22 14:27 - 0065536 __ASH C:\Windows\System32\config\components{ef3d33fc-8729-11e1-a7d9-1c7508ab179d}.TxR.blf
2012-04-22 14:24 - 2012-04-22 14:24 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{F30F08AD-4C68-429F-AD31-DE552B0A9700}
2012-04-18 16:39 - 2012-04-18 16:39 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{7212D9ED-C08C-4982-8261-CEF361D39580}
2012-04-18 16:34 - 2012-04-18 16:34 - 0275304 ____A C:\Windows\Minidump\041812-33633-01.dmp
2012-04-16 06:32 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At16.job
2012-04-16 06:32 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At15.job
2012-04-16 06:17 - 2012-04-16 06:16 - 0275304 ____A C:\Windows\Minidump\041612-48687-01.dmp
2012-04-15 15:53 - 2012-04-15 15:53 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{397D6268-233E-41DE-8BEB-968406391309}
2012-04-15 14:32 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At32.job
2012-04-15 14:32 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At31.job
2012-04-15 14:10 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At30.job
2012-04-15 14:10 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At29.job
2012-04-15 12:36 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At27.job
2012-04-15 12:34 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At28.job
2012-04-15 11:32 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At26.job
2012-04-15 11:32 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At25.job
2012-04-15 10:40 - 2012-04-15 10:40 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{CDAA9E39-B0BD-4BB1-A5BE-271FDA5DF6C9}
2012-04-13 08:51 - 2012-04-13 08:51 - 0065536 __ASH C:\Windows\System32\config\components{dfebfc4c-851d-11e1-bd69-1c7508ab179d}.TxR.blf
2012-04-12 21:02 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\ias
2012-04-12 21:01 - 2010-11-15 20:47 - 0000000 ____D C:\Windows\SysWOW64\Drivers\nti
2012-04-12 21:01 - 2010-11-15 20:43 - 0000000 ____D C:\Windows\SysWOW64\RTCOM
2012-04-12 21:01 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\TAPI
2012-04-12 21:01 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\Recovery
2012-04-12 20:58 - 2011-11-12 12:42 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\Spotify
2012-04-12 20:58 - 2011-08-13 22:09 - 0000000 ___HD C:\Users\nolberto\Desktop\water mill
2012-04-12 20:58 - 2011-06-21 21:42 - 0000000 ____D C:\Windows\System32\Drivers\NAVx64
2012-04-12 20:58 - 2011-06-15 21:00 - 0000000 ___HD C:\Users\nolberto\Desktop\Empire Earth
2012-04-12 20:58 - 2011-06-15 21:00 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\U3
2012-04-12 20:58 - 2011-06-14 23:51 - 0000000 ___HD C:\Windows\en
2012-04-12 20:58 - 2011-02-27 19:04 - 0000000 ___HD C:\Windows\NAPP_Dism_Log
2012-04-12 20:58 - 2010-11-15 20:52 - 0000000 ____D C:\Windows\OEMTemp
2012-04-12 20:58 - 2010-11-15 20:50 - 0000000 ____D C:\Windows\oem
2012-04-12 20:58 - 2009-10-05 12:30 - 0000000 __AHD C:\Windows\DeployWinRE2
2012-04-12 20:58 - 2009-07-13 20:45 - 0000000 ____D C:\Windows\Setup
2012-04-12 20:58 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\spool
2012-04-12 20:58 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Msdtc
2012-04-12 20:58 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\security
2012-04-12 20:57 - 2012-02-05 09:15 - 0000000 ___HD C:\Users\All Users\Best Buy pc app
2012-04-12 20:57 - 2012-02-05 09:15 - 0000000 ___HD C:\ProgramData\Best Buy pc app
2012-04-12 20:57 - 2011-08-13 22:59 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\SNS
2012-04-12 20:57 - 2011-07-07 19:58 - 0000000 ___HD C:\Users\All Users\Microsoft Help
2012-04-12 20:57 - 2011-07-07 19:58 - 0000000 ___HD C:\ProgramData\Microsoft Help
2012-04-12 20:57 - 2011-07-03 18:11 - 0000000 ____D C:\Program Files (x86)\ooVoo
2012-04-12 20:57 - 2011-07-02 18:32 - 0000000 ____D C:\Program Files (x86)\Music Rescue
2012-04-12 20:57 - 2011-06-21 21:43 - 0000000 ____D C:\Program Files\Common Files\Symantec Shared
2012-04-12 20:57 - 2011-06-21 21:42 - 0000000 ____D C:\Program Files (x86)\Norton AntiVirus
2012-04-12 20:57 - 2011-06-09 16:28 - 0000000 ___HD C:\Users\All Users\Hewlett-Packard
2012-04-12 20:57 - 2011-06-09 16:28 - 0000000 ___HD C:\ProgramData\Hewlett-Packard
2012-04-12 20:57 - 2011-06-06 18:32 - 0000000 ____D C:\Program Files\iTunes
2012-04-12 20:57 - 2011-06-06 18:32 - 0000000 ____D C:\Program Files\iPod
2012-04-12 20:57 - 2011-06-06 18:32 - 0000000 ____D C:\Program Files (x86)\iTunes
2012-04-12 20:57 - 2011-06-06 18:31 - 0000000 ___HD C:\Users\All Users\Apple Computer
2012-04-12 20:57 - 2011-06-06 18:31 - 0000000 ___HD C:\Users\All Users\Apple
2012-04-12 20:57 - 2011-06-06 18:31 - 0000000 ___HD C:\ProgramData\Apple Computer
2012-04-12 20:57 - 2011-06-06 18:31 - 0000000 ___HD C:\ProgramData\Apple
2012-04-12 20:57 - 2011-06-06 18:31 - 0000000 ____D C:\Program Files\Common Files\Apple
2012-04-12 20:57 - 2011-06-06 18:31 - 0000000 ____D C:\Program Files\Bonjour
2012-04-12 20:57 - 2011-06-06 18:31 - 0000000 ____D C:\Program Files (x86)\QuickTime
2012-04-12 20:57 - 2011-06-05 21:18 - 0000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client
2012-04-12 20:57 - 2011-02-27 19:27 - 0000000 ____D C:\Program Files (x86)\Windows Live
2012-04-12 20:57 - 2011-02-27 19:26 - 0000000 ____D C:\Program Files\Windows Live
2012-04-12 20:57 - 2011-02-27 19:23 - 0000000 ___HD C:\Users\All Users\OEM
2012-04-12 20:57 - 2011-02-27 19:23 - 0000000 ___HD C:\ProgramData\OEM
2012-04-12 20:57 - 2011-02-27 19:16 - 0000000 ____D C:\Program Files (x86)\Video Web Camera
2012-04-12 20:57 - 2011-02-27 19:15 - 0000000 ____D C:\Program Files\Synaptics
2012-04-12 20:57 - 2011-02-27 19:15 - 0000000 ____D C:\Program Files (x86)\Launch Manager
2012-04-12 20:57 - 2010-11-15 20:54 - 0000000 ___HD C:\Users\All Users\Nero
2012-04-12 20:57 - 2010-11-15 20:54 - 0000000 ___HD C:\ProgramData\Nero
2012-04-12 20:57 - 2010-11-15 20:51 - 0000000 ____D C:\Program Files\Gateway
2012-04-12 20:57 - 2010-11-15 20:46 - 0000000 ____D C:\Program Files (x86)\Social Networks
2012-04-12 20:57 - 2010-11-15 20:46 - 0000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-04-12 20:57 - 2010-11-15 20:46 - 0000000 ____D C:\Program Files (x86)\Cyberlink
2012-04-12 20:57 - 2010-11-15 20:43 - 0000000 ____D C:\Program Files\Realtek
2012-04-12 20:57 - 2010-11-15 20:40 - 0000000 ____D C:\Program Files\Broadcom
2012-04-12 20:57 - 2010-11-15 20:39 - 0000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2012-04-12 20:57 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Sidebar
2012-04-12 20:57 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Sidebar
2012-04-12 20:57 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\Microsoft Shared
2012-04-12 20:56 - 2011-12-10 21:18 - 0000000 ____D C:\Program Files (x86)\Adobe Download Assistant
2012-04-12 20:56 - 2011-06-06 18:31 - 0000000 ____D C:\Program Files (x86)\Bonjour
2012-04-12 20:56 - 2011-06-06 18:31 - 0000000 ____D C:\Program Files (x86)\Apple Software Update
2012-04-12 20:50 - 2012-04-12 20:50 - 0000761 ____A C:\Windows\System32\Drivers\etc\hosts.txt
2012-04-12 20:50 - 2009-07-13 18:34 - 0001389 _RASH C:\Windows\System32\Drivers\etc\hosts
2012-04-12 20:49 - 2010-11-15 20:59 - 0000000 ____D C:\Windows\SysWOW64\Macromed
2012-04-12 20:49 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\winrm
2012-04-12 20:49 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\WCN
2012-04-12 20:49 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\slmgr
2012-04-12 20:49 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2012-04-12 20:49 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\SysWOW64\WindowsPowerShell
2012-04-12 20:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Web
2012-04-12 20:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Vss
2012-04-12 20:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\spp
2012-04-12 20:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\Speech
2012-04-12 20:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\NetworkList
2012-04-12 20:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\MUI
2012-04-12 20:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\Msdtc
2012-04-12 20:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\migwiz
2012-04-12 20:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\InstallShield
2012-04-12 20:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\IME
2012-04-12 20:49 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\Dism
2012-04-12 20:38 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\winrm
2012-04-12 20:38 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\WCN
2012-04-12 20:38 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\slmgr
2012-04-12 20:38 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\System32\WindowsPowerShell
2012-04-12 20:38 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\System32\WinBioPlugIns
2012-04-12 20:38 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\SysWOW64\com
2012-04-12 20:38 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\spp
2012-04-12 20:38 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Speech
2012-04-12 20:38 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\SMI
2012-04-12 20:37 - 2012-02-16 13:13 - 0000000 ___HD C:\Windows\System32\Macromed
2012-04-12 20:37 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\System32\Printing_Admin_Scripts
2012-04-12 20:37 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\oobe
2012-04-12 20:37 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NetworkList
2012-04-12 20:37 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\MUI
2012-04-12 20:37 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\migwiz
2012-04-12 20:37 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\IME
2012-04-12 20:34 - 2009-07-13 21:32 - 0000000 ____D C:\Windows\Performance
2012-04-12 20:34 - 2009-07-13 20:45 - 0000000 ____D C:\Windows\ServiceProfiles
2012-04-12 20:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\Dism
2012-04-12 20:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\com
2012-04-12 20:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Speech
2012-04-12 20:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\schemas
2012-04-12 20:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Resources
2012-04-12 20:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\PolicyDefinitions
2012-04-12 20:34 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\PLA
2012-04-12 20:30 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\IME
2012-04-12 20:30 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Help
2012-04-12 20:30 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Globalization
2012-04-12 20:30 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\Branding
2012-04-12 20:27 - 2011-06-09 22:29 - 0000000 ___HD C:\Users\nolberto\Documents\Fax
2012-04-12 20:26 - 2011-06-01 07:38 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\Adobe
2012-04-12 20:26 - 2011-06-01 07:03 - 0000000 ___HD C:\Users\nolberto\AppData\LocalLow
2012-04-12 20:24 - 2011-12-10 21:18 - 0000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2012-04-12 20:24 - 2011-12-10 21:18 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2012-04-12 20:24 - 2011-08-13 22:59 - 0000000 ___HD C:\Users\All Users\CyberLink
2012-04-12 20:24 - 2011-08-13 22:59 - 0000000 ___HD C:\ProgramData\CyberLink
2012-04-12 20:24 - 2011-08-07 15:15 - 0000000 ___HD C:\Users\All Users\Google
2012-04-12 20:24 - 2011-08-07 15:15 - 0000000 ___HD C:\ProgramData\Google
2012-04-12 20:24 - 2011-06-29 08:57 - 0000000 ___HD C:\Users\nolberto\AppData\Local\Microsoft Games
2012-04-12 20:24 - 2011-06-05 21:18 - 0000000 ____D C:\Program Files\Microsoft Office
2012-04-12 20:24 - 2010-11-15 20:51 - 0000000 ___HD C:\Users\All Users\Gateway
2012-04-12 20:24 - 2010-11-15 20:51 - 0000000 ___HD C:\ProgramData\Gateway
2012-04-12 20:24 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Photo Viewer
2012-04-12 20:24 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Windows Defender
2012-04-12 20:24 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\Reference Assemblies
2012-04-12 20:24 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\MSBuild
2012-04-12 20:24 - 2009-07-13 19:20 - 0000000 ___RD C:\users\Default
2012-04-12 20:24 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Windows NT
2012-04-12 20:23 - 2011-02-27 19:10 - 0000000 ____D C:\Program Files\ATI
2012-04-12 20:23 - 2010-11-15 20:59 - 0000000 ____D C:\Program Files (x86)\NortonInstaller
2012-04-12 20:23 - 2010-11-15 20:54 - 0000000 ____D C:\Program Files (x86)\Nero
2012-04-12 20:23 - 2010-11-15 20:47 - 0000000 ____D C:\Program Files (x86)\NewTech Infosystems
2012-04-12 20:23 - 2010-11-15 20:39 - 0000000 ____D C:\Program Files (x86)\Realtek
2012-04-12 20:23 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files\DVD Maker
2012-04-12 20:23 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2012-04-12 20:23 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Windows Defender
2012-04-12 20:23 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\Reference Assemblies
2012-04-12 20:23 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\System
2012-04-12 20:23 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\SpeechEngines
2012-04-12 20:23 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files (x86)\Windows NT
2012-04-12 20:22 - 2011-06-05 23:00 - 0000000 ____D C:\Program Files (x86)\Java
2012-04-12 20:22 - 2011-02-27 19:27 - 0000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2012-04-12 20:22 - 2011-02-27 19:25 - 0000000 ____D C:\Program Files (x86)\Microsoft Office
2012-04-12 20:22 - 2010-11-15 20:45 - 0000000 ____D C:\Program Files (x86)\Gateway
2012-04-12 20:22 - 2009-07-13 21:32 - 0000000 ____D C:\Program Files (x86)\MSBuild
2012-04-12 20:21 - 2012-03-26 20:17 - 0000000 ____D C:\Program Files (x86)\ComboViewer
2012-04-12 20:21 - 2011-06-09 16:22 - 0000000 ____D C:\Program Files (x86)\Avery Dennison
2012-04-12 20:20 - 2010-11-15 20:58 - 0000000 ____D C:\Program Files (x86)\Adobe
2012-04-12 20:19 - 2011-06-09 21:11 - 0000000 ___RD C:\MSOCache
2012-04-11 17:08 - 2010-11-15 20:59 - 0000000 ___HD C:\Users\All Users\NortonInstaller
2012-04-11 17:08 - 2010-11-15 20:59 - 0000000 ___HD C:\ProgramData\NortonInstaller
2012-04-11 16:44 - 2011-07-03 20:48 - 0055808 __ASH C:\Users\nolberto\Documents\Thumbs.db
2012-04-11 16:43 - 2012-04-11 16:43 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{31AF0737-C72A-4783-8AE7-E779FE2D1A3C}
2012-04-01 17:41 - 2012-01-02 02:31 - 0000000 ___HD C:\Users\nolberto\Documents\College
2012-04-01 15:03 - 2009-07-13 20:45 - 0400040 ____A C:\Windows\System32\FNTCACHE.DAT
2012-04-01 14:43 - 2012-04-01 14:42 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{C5AAB872-543F-46DD-BA12-CD8E3E046CEF}
2012-04-01 14:37 - 2012-04-01 14:36 - 0275304 ____A C:\Windows\Minidump\040112-55286-01.dmp
2012-04-01 14:33 - 2012-04-01 14:33 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{FAFCDD35-770A-4A64-BFF5-894B7FBF8804}
2012-04-01 14:29 - 2012-04-01 14:28 - 0275304 ____A C:\Windows\Minidump\040112-56441-01.dmp
2012-04-01 00:30 - 2012-04-01 00:30 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{3CF55598-A275-4D32-AA2F-32AC636C3C54}
2012-03-31 22:46 - 2011-06-01 07:04 - 0000000 ___HD C:\Users\nolberto\AppData\Local\Deployment
2012-03-31 22:22 - 2012-03-31 22:22 - 0389024 ___AH (Bleeping Computer, LLC) C:\Users\nolberto\Desktop\unhide.exe
2012-03-31 22:15 - 2012-01-02 01:13 - 0000000 ___HD C:\Users\nolberto\Documents\MyTIData
2012-03-31 22:15 - 2011-08-12 19:50 - 0000000 ___HD C:\Users\nolberto\Desktop\ortiga nilsa
2012-03-31 22:09 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At24.job
2012-03-31 22:09 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At14.job
2012-03-31 22:09 - 2012-03-31 21:48 - 0000344 ____A C:\Windows\Tasks\At10.job
2012-03-31 22:09 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At9.job
2012-03-31 22:09 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At23.job
2012-03-31 22:09 - 2012-03-31 21:48 - 0000342 ____A C:\Windows\Tasks\At13.job
2012-03-31 22:09 - 2012-03-31 21:47 - 0000344 ____A C:\Windows\Tasks\At2.job
2012-03-31 22:09 - 2012-03-31 21:47 - 0000342 ____A C:\Windows\Tasks\At1.job
2012-03-31 04:28 - 2012-03-31 01:09 - 0000264 ___AH C:\Users\All Users\~xOWgqJZq0FUmCB
2012-03-31 04:28 - 2012-03-31 01:09 - 0000264 ___AH C:\ProgramData\~xOWgqJZq0FUmCB
2012-03-31 04:22 - 2012-03-26 20:13 - 0000000 ___HD C:\VxCapture
2012-03-31 03:59 - 2011-06-12 22:28 - 0000000 ___HD C:\Users\nolberto\AppData\Local\Windows Live
2012-03-31 03:34 - 2012-03-31 03:34 - 0389024 ___AH (Bleeping Computer, LLC) C:\Users\nolberto\Downloads\unhide.exe
2012-03-31 03:34 - 2012-03-31 03:34 - 0389024 ___AH (Bleeping Computer, LLC) C:\Users\nolberto\Downloads\unhide (1).exe
2012-03-31 02:22 - 2012-03-31 02:22 - 9502424 ___AH (Malwarebytes Corporation ) C:\Users\nolberto\Downloads\mbam--setup-1.60.1.1000 (2).exe
2012-03-31 02:21 - 2012-03-31 02:20 - 9502424 ___AH (Malwarebytes Corporation ) C:\Users\nolberto\Downloads\mbam--setup-1.60.1.1000 (1).exe
2012-03-31 02:05 - 2012-03-31 02:05 - 9502424 ___AH (Malwarebytes Corporation ) C:\Users\nolberto\Downloads\mbam--setup-1.60.1.1000.exe
2012-03-31 01:09 - 2012-03-31 01:09 - 0000168 ___AH C:\Users\All Users\~xOWgqJZq0FUmCBr
2012-03-31 01:09 - 2012-03-31 01:09 - 0000168 ___AH C:\ProgramData\~xOWgqJZq0FUmCBr
2012-03-31 01:01 - 2012-03-31 01:00 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{65E0ADFF-4BE3-413A-A925-D1FA3139C28D}
2012-03-28 18:53 - 2012-03-28 18:53 - 0042234 ___AH C:\Users\nolberto\Documents\Hamlet Act 4 Common Assessment _ 1 Writing Section for e chalk.docx
2012-03-28 18:53 - 2012-03-28 18:53 - 0000162 ___AH C:\Users\nolberto\Documents\~$mlet Act 4 Common Assessment _ 1 Writing Section for e chalk.docx
2012-03-28 18:04 - 2012-03-28 18:04 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{F461C055-F123-44B4-B246-FF599CFA5A66}
2012-03-28 18:02 - 2012-03-28 18:02 - 0275304 ____A C:\Windows\Minidump\032812-37206-01.dmp
2012-03-28 17:47 - 2012-03-28 17:47 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{3F4969C1-5D34-4BAF-A872-08EDE2A34432}
2012-03-28 17:40 - 2012-03-28 17:40 - 0000000 ___HD C:\Users\All Users\boost_interprocess
2012-03-28 17:40 - 2012-03-28 17:40 - 0000000 ___HD C:\ProgramData\boost_interprocess
2012-03-28 17:37 - 2012-03-28 17:37 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{097EAC17-4F07-476F-925C-11C4D6BB3F56}
2012-03-27 21:18 - 2012-03-27 21:18 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{AD511B3F-DB4A-4958-BA1A-D46738919F94}
2012-03-27 19:23 - 2012-03-27 19:23 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{E3508091-2AAB-4F3F-B28D-6486794A07B4}
2012-03-27 19:22 - 2012-03-27 19:21 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{A8C8E316-28F1-43E9-A04D-1DED772182CC}
2012-03-27 19:17 - 2012-03-27 19:17 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{ADB9F7FB-4370-4D55-B11A-28CF8AC184AB}
2012-03-26 19:59 - 2012-03-26 19:59 - 0000000 ___HD C:\Users\nolberto\Documents\CyberLink
2012-03-26 19:59 - 2012-03-26 19:59 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\CyberLink
2012-03-26 19:57 - 2012-03-26 19:57 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{18D13BEB-5B23-4EDA-A050-076884D4A36E}
2012-03-26 19:57 - 2012-03-26 19:57 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{0340B1FA-8CAB-4B50-BF70-524CC8C71725}
2012-03-26 15:10 - 2012-03-26 14:58 - 0000264 ___AH C:\Users\All Users\~RsAqkcQa5RDP5y
2012-03-26 15:10 - 2012-03-26 14:58 - 0000264 ___AH C:\ProgramData\~RsAqkcQa5RDP5y
2012-03-26 15:10 - 2012-03-26 14:58 - 0000176 ___AH C:\Users\All Users\~RsAqkcQa5RDP5yr
2012-03-26 15:10 - 2012-03-26 14:58 - 0000176 ___AH C:\ProgramData\~RsAqkcQa5RDP5yr
2012-03-26 15:09 - 2012-03-26 15:09 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{66E36730-DC20-43CA-A5C9-4A9DDCC64C65}
2012-03-26 15:05 - 2012-03-16 14:12 - 0000000 ___HD C:\Users\nolberto\AppData\Local\Systweak
2012-03-26 14:47 - 2012-03-26 14:47 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{EE83A4FD-5AB2-4FBE-B893-7DDEA7E2B5A1}
2012-03-26 14:47 - 2012-03-26 14:45 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{5ED87DFE-0CA7-45FC-A353-1513D7C7BDFF}
2012-03-26 13:21 - 2012-03-26 13:21 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{6C00F74A-127F-4669-ACBB-6C5720D4B0D0}
2012-03-26 13:21 - 2012-03-26 13:20 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{A7D67F1B-46E2-4693-A59D-E6F84D5FD4DE}
2012-03-20 12:50 - 2012-04-26 22:21 - 0251528 ____A (PC Tools) C:\Windows\System32\Drivers\PCTSD64.sys
2012-03-16 14:45 - 2012-03-16 14:45 - 0000000 ___HD C:\Users\nolberto\Documents\Haenlein-Software
2012-03-16 14:45 - 2012-03-16 14:45 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\Haenlein-Software
2012-03-16 14:45 - 2012-03-16 14:45 - 0000000 ___HD C:\Users\nolberto\AppData\Local\IsolatedStorage
2012-03-16 14:44 - 2012-03-16 14:44 - 0000000 ___HD C:\Users\nolberto\Documents\pvas21022
2012-03-16 14:03 - 2012-03-16 14:03 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{2BFEBD8E-25F2-4EC2-995B-E3824F5E3CA4}
2012-03-15 22:39 - 2011-12-10 21:20 - 0000000 ___HD C:\Users\nolberto\Adobe Photoshop CS5.1
2012-03-15 22:23 - 2012-03-15 22:22 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{60F8F7FE-4AD0-4B46-8B3B-BF95FBA01009}
2012-03-15 22:22 - 2012-03-15 22:21 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{3F88D207-12C0-43D7-B685-F825C1A87C10}
2012-03-15 22:02 - 2012-03-15 22:02 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{104E2703-4E1E-4F78-A2CC-F1D08FD1E4BF}
2012-03-15 22:02 - 2012-03-15 22:01 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{77F8E084-FD8F-410B-AFE4-C762078481F6}
2012-03-15 21:22 - 2012-03-15 21:22 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\Nero
2012-03-15 21:04 - 2012-03-15 21:04 - 0000264 ___AH C:\Users\All Users\~A5xcokiChWTba7
2012-03-15 21:04 - 2012-03-15 21:04 - 0000264 ___AH C:\ProgramData\~A5xcokiChWTba7
2012-03-15 21:04 - 2012-03-15 21:04 - 0000176 ___AH C:\Users\All Users\~A5xcokiChWTba7r
2012-03-15 21:04 - 2012-03-15 21:04 - 0000176 ___AH C:\ProgramData\~A5xcokiChWTba7r
2012-03-15 20:59 - 2012-03-15 20:59 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{BD0B59E2-D0F2-47E5-ACBF-ACDC589DBE7F}
2012-03-15 20:59 - 2012-03-15 20:58 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{92C3812A-6790-4BFA-AA8D-CB9EEF06ACE6}
2012-03-15 20:26 - 2012-03-15 20:26 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{802E329E-C4CF-4A4F-A557-F20DA1F2B485}
2012-03-15 20:26 - 2012-03-15 20:26 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{15FDB19C-2694-4AEE-B628-DE304BA04064}
2012-03-15 20:22 - 2012-03-15 20:22 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{96DB36C7-72E6-453A-AACE-34C60B7DA369}
2012-03-14 13:48 - 2012-03-14 13:48 - 0000136 ___AH C:\Users\nolberto\AppData\Roaming\srvblck2.tmp
2012-03-14 13:48 - 2012-03-14 13:48 - 0000065 ___AH C:\Users\nolberto\AppData\Roaming\AcroIEHelpe.txt
2012-03-14 13:48 - 2012-03-14 13:48 - 0000032 ___AH C:\Users\nolberto\AppData\Roaming\blckdom.res
2012-03-14 13:48 - 2012-03-14 13:47 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\xmldm
2012-03-14 13:48 - 2012-03-14 13:47 - 0000000 ___HD C:\Users\nolberto\AppData\Roaming\kock
2012-03-14 13:32 - 2012-03-14 13:32 - 0065536 __ASH C:\Windows\System32\config\components{3d55d37b-6e1c-11e1-993d-1c7508ab179d}.TxR.blf
2012-03-14 13:28 - 2012-03-14 13:28 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{91CC46A5-868E-43E5-A109-318B1E85BF21}
2012-03-14 13:28 - 2012-03-14 13:28 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{17858664-9A94-4232-9D1F-3DD3850E4763}
2012-03-14 12:04 - 2012-03-14 09:45 - 0000264 ___AH C:\Users\All Users\~NFdtRhcmQ8qJ7C
2012-03-14 12:04 - 2012-03-14 09:45 - 0000264 ___AH C:\ProgramData\~NFdtRhcmQ8qJ7C
2012-03-14 09:45 - 2012-03-14 09:45 - 0000176 ___AH C:\Users\All Users\~NFdtRhcmQ8qJ7Cr
2012-03-14 09:45 - 2012-03-14 09:45 - 0000176 ___AH C:\ProgramData\~NFdtRhcmQ8qJ7Cr
2012-03-14 09:45 - 2012-03-14 09:45 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{4129C9BB-A617-4D85-AEF4-FB519E939FE4}
2012-03-14 09:45 - 2012-03-14 09:44 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{3FBD0B36-E7C0-450A-9C17-B77D72BB303B}
2012-03-14 09:40 - 2012-03-14 09:40 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{350FA94A-B8C6-4CF8-B14F-876361AE33AB}
2012-03-14 09:33 - 2012-03-14 09:33 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{DD4F8E8B-F710-4DF5-807E-0E15AC19C919}
2012-03-14 09:28 - 2012-03-14 09:28 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{65767A34-D172-4A49-9841-D2B051AE0FA0}
2012-03-14 09:20 - 2012-03-14 09:19 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{EAE17854-9DA8-4E30-A688-396D2E84265A}
2012-03-14 09:19 - 2012-03-14 09:18 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{2CC8A8BD-C4BC-4723-BA45-0B734250737D}
2012-03-12 18:02 - 2012-03-12 18:02 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{F1BB3405-6C3A-497F-843C-E92BB0224C1B}
2012-03-12 17:59 - 2012-03-12 17:59 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{0A7EC5F7-4BEE-4A0B-88F7-F8F8EC07513E}
2012-03-12 17:59 - 2012-03-12 17:58 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{2ECDA73D-FEAA-4EB7-A883-2AA1E22F6FC7}
2012-03-10 13:06 - 2012-03-10 13:06 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{1C6A58FD-7CBE-4519-9587-FBE2FA1133DC}
2012-03-10 11:04 - 2012-03-10 11:04 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{F4F2D1BB-6841-499A-9926-F8CCD85343B2}
2012-03-10 07:07 - 2012-03-10 07:07 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{A0FF3B38-9574-4F94-8CC1-0DC015B2EE13}
2012-03-09 18:35 - 2012-03-09 18:35 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{493DD921-809C-42A3-B9E6-27199BC2A027}
2012-03-08 14:24 - 2012-03-08 14:24 - 0065536 __ASH C:\Windows\System32\config\components{9a0e457f-6967-11e1-a193-1c7508ab179d}.TxR.blf
2012-03-08 14:06 - 2011-06-06 18:33 - 0000000 ___HD C:\Users\nolberto\AppData\Local\Apple Computer
2012-03-08 14:00 - 2012-03-08 14:00 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{BA6A8557-F6C0-40D2-A572-60AC52051FA8}
2012-03-08 14:00 - 2012-03-08 14:00 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{1E510330-99CC-4E3A-9A5B-AEDFB4B11C9C}
2012-03-08 13:46 - 2012-03-08 13:46 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{AAA3B65F-4CC3-4205-9812-592C86D03B7A}
2012-03-08 13:46 - 2012-03-08 13:45 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{AB6D0C5D-9589-4268-B8D9-CFD66389A835}
2012-03-08 13:43 - 2012-03-08 13:43 - 0275304 ____A C:\Windows\Minidump\030812-42869-01.dmp
2012-03-08 11:36 - 2012-03-08 11:36 - 0065536 __ASH C:\Windows\System32\config\components{f05e8409-6894-11e1-8e17-1c7508ab179d}.TxR.blf
2012-03-07 20:49 - 2012-03-07 20:49 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{B08E1338-D25A-4ABF-9284-9F4174DF8DDF}
2012-03-07 20:41 - 2012-03-07 20:41 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{D841720E-D983-4F8D-85E9-0D0D42313D16}
2012-03-07 19:28 - 2012-03-07 19:28 - 0013073 ___AH C:\Users\nolberto\Documents\HAMLETS WEST SIDE STORY.wlmp
2012-03-07 19:16 - 2012-03-07 19:16 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{D0DF273C-79D5-4CEC-AB54-4E6EA27A8C46}
2012-03-07 19:16 - 2012-03-07 19:16 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{604B0535-FBD6-4AF3-82AC-D85DD2CBF1D2}
2012-03-07 17:45 - 2012-03-07 17:45 - 0015152 ___AH C:\Users\nolberto\Documents\ophelia song (Autosaved).docx
2012-03-07 12:37 - 2012-03-07 12:37 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{7EA7E048-32D0-4B32-B5B8-8F2E9D7C45E1}
2012-03-07 12:33 - 2012-03-07 12:33 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{9910C8EC-77A6-426C-B5A1-1440B1D65EE9}
2012-03-07 12:28 - 2012-03-07 12:28 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{4BB380EF-4ACA-4D46-A58C-0F8B56DFC437}
2012-03-05 11:52 - 2012-03-05 11:52 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{60A492D4-9491-41D1-8DDA-54C35B68E60B}
2012-03-05 11:52 - 2012-03-05 11:52 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{41567FB1-0784-444D-8639-74E7958A8C23}
2012-03-05 11:48 - 2012-03-05 11:48 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{4E240C36-6A21-4E85-84E7-78AEB2603E45}
2012-03-05 11:47 - 2012-03-05 11:47 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{76CA825E-2156-4767-BDF2-EBBF2D8FA017}
2012-03-05 11:28 - 2012-03-05 11:28 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{3253B6AB-3C53-4226-938A-876563241187}
2012-03-04 14:15 - 2012-03-04 14:15 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{11A8A61E-717A-4A5D-A1E9-2FE1B10C021C}
2012-03-04 14:14 - 2012-03-04 14:14 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{82D9625F-3110-4782-A098-0A6B9B210F60}
2012-03-04 14:13 - 2012-03-04 14:13 - 0275304 ____A C:\Windows\Minidump\030412-35802-01.dmp
2012-03-04 13:22 - 2012-03-04 12:05 - 0000162 ___AH C:\Users\nolberto\Documents\~$Act I.docx
2012-03-04 13:22 - 2012-03-03 12:04 - 0018879 ___AH C:\Users\nolberto\Documents\Act I.docx
2012-03-04 12:04 - 2012-03-04 12:03 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{D0A2CABE-F13F-48B2-8CC8-572C7ACF7E0E}
2012-03-04 12:03 - 2012-03-04 12:02 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{CACA9A63-920E-4A4F-B296-1718AF4A14AC}
2012-03-04 11:58 - 2009-07-13 23:44 - 0000000 __RHD C:\Users\Public\Recorded TV
2012-03-03 11:22 - 2012-03-03 11:22 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{1075E12B-610B-4CA4-8D5B-4EE54F9BB819}
2012-03-03 11:18 - 2012-03-03 11:18 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{41BE6809-28C1-4A05-B05C-6515CA2E3DB8}
2012-03-02 23:58 - 2012-03-02 23:58 - 0000000 ____D C:\Users\Default\AppData\Local\Apple Computer
2012-03-02 23:58 - 2012-03-02 23:58 - 0000000 ____D C:\Users\Default User\AppData\Local\Apple Computer
2012-03-02 23:57 - 2012-03-02 23:57 - 0000000 ____D C:\Users\Default\AppData\Roaming\Apple Computer
2012-03-02 23:57 - 2012-03-02 23:57 - 0000000 ____D C:\Users\Default User\AppData\Roaming\Apple Computer
2012-03-02 22:58 - 2012-03-02 22:57 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{A19C9AA5-B96A-4E5C-A122-C05DBF4798A3}
2012-03-02 22:57 - 2012-03-02 22:55 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{4BDE9376-A83B-4293-AE6B-B98698100781}
2012-03-02 21:17 - 2012-03-02 21:17 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{709D9DC3-481B-492E-99E2-226437032E99}
2012-03-02 21:17 - 2012-03-02 21:16 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{22F2765A-782D-4BA7-86B6-456EFC844DFA}
2012-03-02 20:54 - 2011-11-12 12:42 - 0000000 ___HD C:\Users\nolberto\AppData\Local\Spotify
2012-03-01 19:55 - 2012-03-01 19:55 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{7275407A-021E-4BC4-81D0-44DD6630A147}
2012-02-29 22:54 - 2012-04-15 10:44 - 0022896 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-02-29 22:45 - 2012-04-15 10:44 - 0220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-02-29 22:40 - 2012-04-15 10:44 - 0080896 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-02-29 22:35 - 2012-04-15 10:44 - 0005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-02-29 21:49 - 2012-04-15 10:44 - 0172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-02-29 21:45 - 2012-04-15 10:44 - 0158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-02-29 21:40 - 2012-04-15 10:44 - 0005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-02-29 09:31 - 2011-12-21 09:07 - 0000000 ___HD C:\Users\nolberto\Documents\English
2012-02-27 23:34 - 2012-04-15 10:45 - 17790976 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-02-27 23:02 - 2012-04-15 10:45 - 10888704 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-02-27 22:56 - 2012-04-15 10:45 - 2311168 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-02-27 22:50 - 2012-04-15 10:45 - 1345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-02-27 22:49 - 2012-04-15 10:45 - 1390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-02-27 22:48 - 2012-04-15 10:45 - 1493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-02-27 22:48 - 2012-04-15 10:45 - 0237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-02-27 22:47 - 2012-04-15 10:45 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-02-27 22:45 - 2012-04-15 10:45 - 0818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-02-27 22:43 - 2012-04-15 10:46 - 2144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-02-27 22:43 - 2012-04-15 10:46 - 0096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-02-27 22:42 - 2012-04-15 10:46 - 2382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-02-27 22:39 - 2012-04-15 10:45 - 0248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-02-27 17:52 - 2012-04-15 10:45 - 12281856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-02-27 17:27 - 2012-04-15 10:45 - 9705984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-02-27 17:18 - 2012-04-15 10:45 - 1799168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-02-27 17:12 - 2012-04-15 10:45 - 1103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-02-27 17:11 - 2012-04-15 10:45 - 1427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-02-27 17:11 - 2012-04-15 10:45 - 1127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-02-27 17:09 - 2012-04-15 10:45 - 0231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-02-27 17:08 - 2012-04-15 10:45 - 0065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-02-27 17:06 - 2012-04-15 10:45 - 0716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-02-27 17:04 - 2012-04-15 10:46 - 1792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-02-27 17:03 - 2012-04-15 10:46 - 2382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-02-27 17:03 - 2012-04-15 10:46 - 0072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-02-27 16:59 - 2012-04-15 10:45 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-02-27 07:37 - 2012-02-25 08:58 - 0014308 ___AH C:\Users\nolberto\Documents\Prologue.docx
2012-02-19 06:55 - 2012-02-19 06:55 - 3695416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2012-02-19 06:55 - 2012-02-19 06:55 - 3695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2012-02-19 06:55 - 2012-02-19 06:55 - 0697344 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0603648 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0580608 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0534528 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0452608 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0448512 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2012-02-19 06:55 - 2012-02-19 06:55 - 0434176 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0420864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0403248 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0367104 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2012-02-19 06:55 - 2012-02-19 06:55 - 0353792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0353584 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0282112 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0267776 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0249344 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0227840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0223232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0222208 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0203776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0173056 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0165888 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0162304 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0160256 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0152064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0145920 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0135168 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0130560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0123392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0118784 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0114176 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0111616 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0103936 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0091648 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0089088 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0086528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0085504 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0082432 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0078848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0076800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0076800 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2012-02-19 06:55 - 2012-02-19 06:55 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0074752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0072822 ____A C:\Windows\SysWOW64\ieuinit.inf
2012-02-19 06:55 - 2012-02-19 06:55 - 0072822 ____A C:\Windows\System32\ieuinit.inf
2012-02-19 06:55 - 2012-02-19 06:55 - 0066048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0065024 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0063488 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2012-02-19 06:55 - 2012-02-19 06:55 - 0055296 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0054272 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0049664 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0041472 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0035840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0031744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0030720 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0023552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2012-02-19 06:55 - 2012-02-19 06:55 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0010752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2012-02-19 06:55 - 2012-02-19 06:55 - 0010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2012-02-19 06:55 - 2012-02-19 05:55 - 0003882 ___AH C:\Windows\IE9_main.log
2012-02-17 19:14 - 2012-03-31 22:32 - 0001864 ____A C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
2012-02-16 13:13 - 2012-02-16 13:13 - 0000000 ___HD C:\Users\All Users\McAfee
2012-02-16 13:13 - 2012-02-16 13:13 - 0000000 ___HD C:\ProgramData\McAfee
2012-02-16 13:13 - 2011-08-07 15:15 - 0414368 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-02-14 22:27 - 2012-03-31 21:43 - 1031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-02-14 21:44 - 2012-03-31 21:43 - 0826368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-02-14 20:47 - 2012-03-31 21:43 - 0204800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-02-14 20:46 - 2012-03-31 21:43 - 0023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-02-10 17:42 - 2012-02-10 17:41 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{89EB2FD9-4757-4AE9-9E45-37250DEA466A}
2012-02-10 17:41 - 2012-02-10 17:41 - 0000000 ___HD C:\Users\nolberto\AppData\Local\{BC3DB06F-659C-4D82-9A22-15E147A8242C}
========================= Known DLLs (Whitelisted) ============
========================= Bamital & volsnap Check ============
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe
[2009-07-13 15:34] - [2009-07-13 17:14] - 0026112 ____A (Microsoft Corporation) 6DE80F60D7DE9CE6B8C2DDFDF79EF175
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
========================= Memory info ======================
Percentage of memory in use: 17%
Total physical RAM: 3834.9 MB
Available physical RAM: 3147.65 MB
Total Pagefile: 3833.05 MB
Available Pagefile: 3136.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
======================= Partitions =========================
1 Drive c: (Gateway) (Fixed) (Total:452.65 GB) (Free:400.7 GB) NTFS
2 Drive e: (PQSERVICE) (Fixed) (Total:13 GB) (Free:1.92 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive g: () (Removable) (Total:0.24 GB) (Free:0.02 GB) FAT
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
6 Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 465 GB 0 B
Disk 1 Online 247 MB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 13 GB 1024 KB
Partition 2 Primary 100 MB 13 GB
Partition 3 Primary 452 GB 13 GB
======================================================================================================
Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E PQSERVICE NTFS Partition 13 GB Healthy Hidden
======================================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 Y SYSTEM RESE NTFS Partition 100 MB Healthy
======================================================================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C Gateway NTFS Partition 452 GB Healthy
======================================================================================================
Partitions of Disk 1:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 246 MB 16 KB
======================================================================================================
Disk: 1
Partition 1
Type : 06
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G FAT Removable 246 MB Healthy
======================================================================================================
==========================================================
TDL4: custom:26000022 <===== ATTENTION!
==========================================================
Last Boot: 2012-05-06 17:51
======================= End Of Log ==========================
Back to top
