Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Virus suspected - "Windows has encountered a critical error and will close..


  • This topic is locked This topic is locked
2 replies to this topic

#1 darcyq

darcyq

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:05:21 PM

Posted 03 December 2013 - 12:40 PM

I'm not sure if I have a virus or just a corruption of something, but I get a constant looping of Windows beginning to open after I log in then shutting down and restarting back to the login page.  I was able to do F8 and get into the System Recovery Options.   I ran the Farbar Recovery Scan and have the FRST.txt log and the Search.txt logs, included.    

 

I've been having memory shortage issues and really don't know in what state my backups are in (the backups ate up so much space I ended up deleting things I probably shouldn't have), so I'd really like to try to get into the system and do some data backups somehow.  I should have a running backup of my basic work files on my D drive via an online backup, but I don't have anything set to backup online on my C drive (mostly program files reside there, I keep most user data on my D).  Can I backup files somehow even if I can't run Windows?  

 

Please advise on recommended steps for both data recovery (if possible) and virus removal.

 

THANKS!

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2013
Ran by SYSTEM on MININT-47ML6GN on 03-12-2013 07:45:28
Running from F:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [ASUS WebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1754448 2010-03-15] ()
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2121320 2010-09-28] (Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324096 2010-05-02] (Alcor Micro Corp.)
HKLM\...\Run: [ETDWare] - C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-06-09] (ELAN Microelectronic Corp.)
HKLM\...\Run: [IntelTBRunOnce] - C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs [4156 2010-04-16] ()
HKLM\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd
HKLM\...\Run: [LogMeIn GUI] - C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2010-09-17] (LogMeIn, Inc.)
HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [Windows Mobile-based device management] - C:\Windows\WindowsMobile\wmdcBase.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl9] - C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] - C:\Program Files (x86)\CyberLink\Shared files\brs.exe [75048 2010-02-23] (cyberlink)
HKLM-x32\...\Run: [UpdatePSTShortCut] - C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2010-06-24] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-05-03] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1601536 2010-09-23] ()
HKLM-x32\...\Run: [SessionLogon] - C:\ExpressGateUtil\SessionLogon.exe
HKLM-x32\...\Run: [VAWinAgent] - C:\ExpressGateUtil\VAWinAgent.exe [21504 2010-08-12] ()
HKLM-x32\...\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] - C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe [479232 2005-07-15] (Google Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intuit SyncManager] - C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe [1532760 2011-06-14] (Intuit Inc. All rights reserved.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [DLSService] - "C:\Program Files (x86)\DYMO\DYMO Label Software\DLSService.exe"
HKLM-x32\...\Run: [ControlCenter4] - C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139264 2011-04-20] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] - C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2629632 2011-10-07] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IndexSearch] - C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46368 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] - C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [29984 2010-03-08] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort12reminder] - C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini [377 2013-12-03] ()
HKLM-x32\...\Run: [PDFHook] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] - C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\Darcy\...\Run: [Syncables] - C:\Program Files (x86)\syncables\syncables desktop\syncables.exe [370480 2010-07-19] (syncables, LLC)
HKU\Darcy\...\Run: [349B51E152C28CEFBB5E6F76BB557A4BFBE8209E._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-11-14] (Google Inc.)
HKU\Darcy\...\Run: [GameXN GO] - "C:\ProgramData\GameXN\GameXNGO.exe" /startup
HKU\Darcy\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\Darcy\...\Run: [Pogoplug Backup] - C:\Program Files (x86)\PogoplugBackup\ppbrowser.exe [15554560 2012-11-30] (Cloud Engines, Inc.)
HKU\Darcy\...\Run: [Eye-Fi] - C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe [3961464 2011-12-21] (Eye-Fi, Inc.)
HKU\Darcy\...\Run: [Livedrive] - C:\Program Files (x86)\Livedrive\Livedrive.exe [1814680 2013-07-29] (Livedrive Internet Ltd)
HKU\Darcy\...\Run: [Google Update] - C:\Users\Darcy\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-05] (Google Inc.)
HKU\Darcy\...\Run: [MusicManager] - C:\Users\Darcy\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7342592 2013-09-23] (Google Inc.)
HKU\Darcy\...\Run: [Amazon Cloud Player] - C:\Users\Darcy\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3139072 2013-11-24] ()
HKU\Darcy\...\Run: [GoogleChromeAutoLaunch_F8DFCF0BAD1B80C7A3F10EF9FD5CBE02] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-11-14] (Google Inc.)
HKU\postgres\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe"
HKU\UpdatusUser\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
HKU\UpdatusUser\...\Run: [Syncables] - C:\Program Files (x86)\syncables\syncables desktop\syncables.exe [370480 2010-07-19] (syncables, LLC)
HKU\UpdatusUser\...\Run: [349B51E152C28CEFBB5E6F76BB557A4BFBE8209E._service_run] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-11-14] (Google Inc.)
HKU\UpdatusUser\...\Run: [chromium] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [863184 2013-11-14] (Google Inc.)
HKU\UpdatusUser\...\Run: [GameXN GO] - "C:\ProgramData\GameXN\GameXNGO.exe" /startup
HKU\UpdatusUser\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\UpdatusUser\...\Run: [Pogoplug Backup] - C:\Program Files (x86)\PogoplugBackup\ppbrowser.exe [15554560 2012-11-30] (Cloud Engines, Inc.)
HKU\UpdatusUser\...\RunOnce: [spchecker] - "C:\Program Files (x86)\AVG\AVG10\Notification\SPCheckerTE.exe"
AppInit_DLLs: C:\Windows\System32\nvinitx.dll [112232 2010-08-16] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll [100968 2010-08-16] (NVIDIA Corporation)
Startup: C:\Users\Darcy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} -  No File
 
==================== Services (Whitelisted) =================
 
S2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)
S2 CSEntService; C:\csremote38\jdk1.6.0_10\bin\java.exe [139264 2011-08-17] (Sun Microsystems, Inc.)
S2 DokanCEMounter; C:\Program Files (x86)\PogoplugBackup\dokanmnt.exe [115560 2012-11-30] (Cloud Engines)
S2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [32336 2011-08-10] (Sanford, L.P.)
S2 LivedriveVSSService; C:\Program Files (x86)\Livedrive\VSSService.exe [210584 2013-07-29] ()
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2013-06-11] (LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226640 2013-06-11] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-11-08] (LogMeIn, Inc.)
S2 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] ()
S2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S2 NSTSECSvc; C:\Program Files (x86)\NetSecure\SmartSwipe\NSTSECSvc_32.EXE [142040 2011-11-10] (NetSecure Technologies Ltd.)
S2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [144672 2010-03-08] (Nuance Communications, Inc.)
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2010-04-05] ()
S3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
S2 Tomcat6; c:\apache-tomcat-6.0.18\bin\tomcat6.exe [57344 2008-07-22] (Apache Software Foundation)
S2 VideAceWindowsService; C:\ExpressGateUtil\VAWinService.exe [77312 2010-08-20] ()
S2 pgsql-8.2; c:/postgres/bin/pg_ctl.exe runservice -N "pgsql-8.2" -D "c:/postgres/data" [x]
 
==================== Drivers (Whitelisted) ====================
 
S1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
S2 DokanCEDriver; C:\Program Files (x86)\PogoplugBackup\dokance.sys [66920 2012-11-30] (Cloud Engines)
S3 FLxHCIh; C:\Windows\System32\DRIVERS\FLxHCIh.sys [69120 2010-09-24] (Fresco Logic)
S2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-02] ()
S3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
S2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-06-04] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
S3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-19] ()
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [58664 2008-07-11] (SafeNet, Inc.)
S2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13832 2010-04-16] ()
S2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl [146928 2010-02-24] (CyberLink Corp.)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [x]
S3 ipswuio; System32\DRIVERS\ipswuio.sys [x]
S3 motccgp; system32\DRIVERS\motccgp.sys [x]
S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [x]
S3 motmodem; system32\DRIVERS\motmodem.sys [x]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [x]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [x]
S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [x]
S3 tmlwf; 
S3 tmwfp; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2013-12-03 07:45 - 2013-12-03 07:45 - 00000000 ____D C:\FRST
2013-12-03 05:43 - 2013-12-03 05:43 - 00000000 ____D C:\Users\Darcy\.syncables
2013-12-03 02:07 - 2013-10-14 17:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\System32\IEUDINIT.EXE
2013-12-03 02:04 - 2013-12-03 02:04 - 23212032 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 12995584 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 05765120 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 02764288 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-03 02:04 - 2013-12-03 02:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-12-03 02:04 - 2013-12-03 02:04 - 02332160 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 01993728 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-12-03 02:04 - 2013-12-03 02:04 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-03 02:04 - 2013-12-03 02:04 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 01394176 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 02:04 - 2013-12-03 02:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-12-03 02:04 - 2013-12-03 02:04 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-12-03 02:04 - 2013-12-03 02:04 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 02:04 - 2013-12-03 02:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-12-03 02:04 - 2013-12-03 02:04 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 02:04 - 2013-12-03 02:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2013-12-03 02:01 - 2013-12-03 02:07 - 00008705 _____ C:\Windows\IE11_main.log
2013-11-29 17:37 - 2013-11-29 17:37 - 00347304 _____ (Microsoft Corporation) C:\Users\Darcy\Downloads\MicrosoftFixit.dvd.RNP.131309202587200903.3.1.Run.exe
2013-11-27 19:48 - 2013-11-27 19:48 - 00001218 _____ C:\Users\Darcy\Desktop\Amazon Cloud Player.lnk
2013-11-26 12:59 - 2013-11-26 14:13 - 00000000 ____D C:\Users\Darcy\.Meridian3
2013-11-26 12:59 - 2013-11-26 13:01 - 00000000 ____D C:\Users\Darcy\.roescache
2013-11-26 12:59 - 2013-11-26 12:59 - 00002177 _____ C:\Users\Darcy\Desktop\Meridian Pro.lnk
2013-11-26 12:58 - 2013-11-26 12:58 - 00001232 _____ C:\Users\Darcy\Downloads\launch.jnlp
2013-11-26 12:55 - 2013-11-26 12:55 - 00004154 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-26 12:55 - 2013-10-08 06:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-11-26 12:55 - 2013-10-08 06:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-11-26 12:55 - 2013-10-08 06:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-11-26 12:55 - 2013-10-08 06:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-11-26 12:51 - 2013-11-26 12:51 - 00915368 _____ (Oracle Corporation) C:\Users\Darcy\Downloads\chromeinstall-7u45.exe
2013-11-26 08:53 - 2013-11-26 08:53 - 40325574 _____ C:\Users\Darcy\Downloads\20-20-Guide.zip
2013-11-21 11:16 - 2013-11-25 15:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-20 17:16 - 2013-11-20 17:16 - 00011626 _____ C:\Users\Darcy\Downloads\YUM (1).xlsx
2013-11-19 15:07 - 2013-11-20 17:24 - 00010159 _____ C:\Users\Darcy\Downloads\YUM.xlsx
2013-11-12 18:21 - 2013-10-11 18:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\System32\nshwfp.dll
2013-11-12 18:21 - 2013-10-11 18:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2013-11-12 18:21 - 2013-10-11 18:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL
2013-11-12 18:21 - 2013-10-11 18:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-12 18:21 - 2013-10-11 18:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-12 18:21 - 2013-10-05 12:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-11-12 18:21 - 2013-10-05 11:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-12 18:21 - 2013-10-03 18:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\System32\SmartcardCredentialProvider.dll
2013-11-12 18:21 - 2013-10-03 18:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\credui.dll
2013-11-12 18:21 - 2013-10-03 18:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-11-12 18:21 - 2013-10-03 17:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-12 18:21 - 2013-10-03 17:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-12 18:21 - 2013-10-03 17:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-12 18:21 - 2013-10-02 18:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2013-11-12 18:21 - 2013-10-02 18:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-12 18:21 - 2013-09-27 17:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2013-11-12 18:21 - 2013-09-24 18:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-11-12 18:21 - 2013-09-24 18:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2013-11-12 18:21 - 2013-09-24 18:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2013-11-12 18:21 - 2013-09-24 18:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2013-11-12 18:21 - 2013-09-24 18:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2013-11-12 18:21 - 2013-09-24 18:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-11-12 18:21 - 2013-09-24 18:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-11-12 18:21 - 2013-09-24 18:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2013-11-12 18:21 - 2013-09-24 17:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-12 18:21 - 2013-09-24 17:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-12 18:21 - 2013-09-24 17:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-12 18:21 - 2013-09-24 17:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-12 18:21 - 2013-09-24 17:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2013-11-12 18:21 - 2013-07-04 04:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-11-09 09:31 - 2013-11-09 09:31 - 00728696 _____ C:\Users\Darcy\Downloads\KP CO Silver 1750-25%HSA.xls
2013-11-09 09:29 - 2013-11-09 09:29 - 00721599 _____ C:\Users\Darcy\Downloads\New West Focus HMO Bronze HSA - Deductible $6300-100%.xls
2013-11-09 09:27 - 2013-11-09 09:27 - 00729071 _____ C:\Users\Darcy\Downloads\KP CO Gold 1000-20.xls
2013-11-09 09:25 - 2013-11-09 09:25 - 00765433 _____ C:\Users\Darcy\Downloads\Rocky Mountain View PPO Bronze HSA - Deductible $6300-100%.xls
2013-11-09 09:20 - 2013-11-09 09:20 - 00681073 _____ C:\Users\Darcy\Downloads\myCigna Health Flex 1500.xls
2013-11-09 09:19 - 2013-11-09 09:19 - 00680182 _____ C:\Users\Darcy\Downloads\myCigna Health Savings 3400.xls
2013-11-09 08:57 - 2013-11-09 08:57 - 00765652 _____ C:\Users\Darcy\Downloads\Rocky Mountain View PPO Silver HSA - Deductible $2500-100%.xls
2013-11-07 15:24 - 2013-11-27 19:48 - 00001610 _____ C:\Windows\System32\Tasks\Amazon Music Helper
2013-11-07 15:23 - 2013-11-29 17:20 - 00000000 ____D C:\Users\Darcy\AppData\Local\Amazon Cloud Player
2013-11-07 15:23 - 2013-11-07 15:23 - 33506264 _____ (Amazon) C:\Users\Darcy\Downloads\AmazonCloudPlayerInstaller_344._V353717384_.exe
2013-11-06 07:15 - 2013-11-06 07:16 - 00000000 ____D C:\postgres
2013-11-06 07:15 - 2013-11-06 07:16 - 00000000 ____D C:\apache-tomcat-6.0.18
2013-11-06 07:09 - 2013-11-06 07:10 - 00000000 ____D C:\harmony1856jre1745
2013-11-06 07:06 - 2013-11-06 07:09 - 227234462 _____ ( ) C:\Users\Darcy\Downloads\Harmony1856jre1745.exe
2013-11-04 09:02 - 2013-11-04 11:06 - 00202412 _____ C:\Users\Darcy\Documents\DJ Dildime.xlsx
 
==================== One Month Modified Files and Folders =======
 
2013-12-03 07:45 - 2013-12-03 07:45 - 00000000 ____D C:\FRST
2013-12-03 06:14 - 2010-10-31 19:28 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-03 06:14 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-03 06:13 - 2009-07-13 20:51 - 00099047 _____ C:\Windows\setupact.log
2013-12-03 05:54 - 2010-10-31 19:11 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-03 05:53 - 2013-01-22 14:27 - 00000000 ____D C:\Users\Darcy\AppData\Local\Eye-Fi
2013-12-03 05:49 - 2010-10-31 19:32 - 00000000 ____D C:\Program Files\P4G
2013-12-03 05:43 - 2013-12-03 05:43 - 00000000 ____D C:\Users\Darcy\.syncables
2013-12-03 05:43 - 2010-12-09 09:47 - 00000000 ____D C:\users\Darcy
2013-12-03 05:37 - 2010-10-31 18:43 - 01640237 _____ C:\Windows\WindowsUpdate.log
2013-12-03 05:32 - 2013-10-05 09:16 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2860707648-2316436395-786841741-1002UA.job
2013-12-03 05:10 - 2013-02-26 10:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-03 05:05 - 2010-10-31 19:11 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-03 02:54 - 2013-02-27 02:48 - 00000000 ____D C:\Windows\rescache
2013-12-03 02:33 - 2009-07-13 20:45 - 00010240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-03 02:33 - 2009-07-13 20:45 - 00010240 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-03 02:32 - 2009-07-13 21:13 - 00726444 _____ C:\Windows\System32\PerfStringBackup.INI
2013-12-03 02:24 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-03 02:07 - 2013-12-03 02:01 - 00008705 _____ C:\Windows\IE11_main.log
2013-12-03 02:04 - 2013-12-03 02:04 - 23212032 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 12995584 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 05765120 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 02764288 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-03 02:04 - 2013-12-03 02:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-12-03 02:04 - 2013-12-03 02:04 - 02332160 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 01993728 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-12-03 02:04 - 2013-12-03 02:04 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-03 02:04 - 2013-12-03 02:04 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 01394176 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 02:04 - 2013-12-03 02:04 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-12-03 02:04 - 2013-12-03 02:04 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-12-03 02:04 - 2013-12-03 02:04 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 02:04 - 2013-12-03 02:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-12-03 02:04 - 2013-12-03 02:04 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 02:04 - 2013-12-03 02:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 02:04 - 2013-12-03 02:04 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-03 02:04 - 2013-12-03 02:04 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2013-12-02 23:43 - 2012-12-13 11:59 - 00000000 ____D C:\Users\Darcy\AppData\Local\Pogoplug
2013-12-02 11:39 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2013-12-02 11:34 - 2012-08-02 06:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-02 11:34 - 2010-10-31 19:19 - 00125932 _____ C:\Windows\PFRO.log
2013-12-02 11:34 - 2010-10-31 19:11 - 00000000 ____D C:\Program Files\Google
2013-12-02 11:34 - 2010-10-31 19:11 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-02 11:29 - 2013-10-05 09:16 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2860707648-2316436395-786841741-1002Core.job
2013-12-02 07:30 - 2012-12-03 08:45 - 00000336 _____ C:\Windows\BRCALIB.INI
2013-12-01 12:39 - 2010-12-13 10:43 - 00000000 ____D C:\Users\Darcy\AppData\Local\CutePDF Writer
2013-12-01 12:21 - 2010-12-21 07:55 - 00101110 _____ C:\datamanager.log
2013-11-29 17:37 - 2013-11-29 17:37 - 00347304 _____ (Microsoft Corporation) C:\Users\Darcy\Downloads\MicrosoftFixit.dvd.RNP.131309202587200903.3.1.Run.exe
2013-11-29 17:30 - 2013-09-26 16:41 - 00000000 ____D C:\Users\Darcy\AppData\Roaming\Google
2013-11-29 17:30 - 2010-12-08 22:25 - 00000000 ____D C:\Users\Darcy\AppData\Local\Google
2013-11-29 17:20 - 2013-11-07 15:23 - 00000000 ____D C:\Users\Darcy\AppData\Local\Amazon Cloud Player
2013-11-27 19:48 - 2013-11-27 19:48 - 00001218 _____ C:\Users\Darcy\Desktop\Amazon Cloud Player.lnk
2013-11-27 19:48 - 2013-11-07 15:24 - 00001610 _____ C:\Windows\System32\Tasks\Amazon Music Helper
2013-11-26 14:13 - 2013-11-26 12:59 - 00000000 ____D C:\Users\Darcy\.Meridian3
2013-11-26 13:01 - 2013-11-26 12:59 - 00000000 ____D C:\Users\Darcy\.roescache
2013-11-26 12:59 - 2013-11-26 12:59 - 00002177 _____ C:\Users\Darcy\Desktop\Meridian Pro.lnk
2013-11-26 12:58 - 2013-11-26 12:58 - 00001232 _____ C:\Users\Darcy\Downloads\launch.jnlp
2013-11-26 12:56 - 2013-10-07 05:07 - 00000000 ____D C:\ProgramData\Oracle
2013-11-26 12:55 - 2013-11-26 12:55 - 00004154 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-11-26 12:55 - 2010-12-20 14:12 - 00000000 ____D C:\Program Files (x86)\Java
2013-11-26 12:51 - 2013-11-26 12:51 - 00915368 _____ (Oracle Corporation) C:\Users\Darcy\Downloads\chromeinstall-7u45.exe
2013-11-26 12:00 - 2010-10-31 19:11 - 00003908 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-11-26 12:00 - 2010-10-31 19:11 - 00003656 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-26 11:28 - 2013-08-01 11:37 - 00000000 ____D C:\Program Files\CCI Orders
2013-11-26 08:53 - 2013-11-26 08:53 - 40325574 _____ C:\Users\Darcy\Downloads\20-20-Guide.zip
2013-11-25 15:09 - 2013-11-21 11:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-11-25 08:37 - 2010-12-15 18:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-22 08:27 - 2013-10-05 09:16 - 00003882 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2860707648-2316436395-786841741-1002UA
2013-11-22 08:27 - 2013-10-05 09:16 - 00003486 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2860707648-2316436395-786841741-1002Core
2013-11-20 17:24 - 2013-11-19 15:07 - 00010159 _____ C:\Users\Darcy\Downloads\YUM.xlsx
2013-11-20 17:16 - 2013-11-20 17:16 - 00011626 _____ C:\Users\Darcy\Downloads\YUM (1).xlsx
2013-11-20 14:06 - 2010-12-20 13:02 - 00000000 ____D C:\Users\Darcy\AppData\Local\Citrix
2013-11-19 06:22 - 2012-04-28 06:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-19 06:22 - 2011-12-04 07:19 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-19 06:22 - 2011-12-04 07:09 - 00002155 _____ C:\Windows\epplauncher.mif
2013-11-19 02:21 - 2011-12-04 07:21 - 00267936 ____N (Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
2013-11-13 06:11 - 2010-12-16 03:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 06:10 - 2013-08-10 06:01 - 00000000 ____D C:\Windows\System32\MRT
2013-11-13 06:05 - 2010-12-09 13:35 - 82896128 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-11-09 09:31 - 2013-11-09 09:31 - 00728696 _____ C:\Users\Darcy\Downloads\KP CO Silver 1750-25%HSA.xls
2013-11-09 09:29 - 2013-11-09 09:29 - 00721599 _____ C:\Users\Darcy\Downloads\New West Focus HMO Bronze HSA - Deductible $6300-100%.xls
2013-11-09 09:27 - 2013-11-09 09:27 - 00729071 _____ C:\Users\Darcy\Downloads\KP CO Gold 1000-20.xls
2013-11-09 09:25 - 2013-11-09 09:25 - 00765433 _____ C:\Users\Darcy\Downloads\Rocky Mountain View PPO Bronze HSA - Deductible $6300-100%.xls
2013-11-09 09:20 - 2013-11-09 09:20 - 00681073 _____ C:\Users\Darcy\Downloads\myCigna Health Flex 1500.xls
2013-11-09 09:19 - 2013-11-09 09:19 - 00680182 _____ C:\Users\Darcy\Downloads\myCigna Health Savings 3400.xls
2013-11-09 08:57 - 2013-11-09 08:57 - 00765652 _____ C:\Users\Darcy\Downloads\Rocky Mountain View PPO Silver HSA - Deductible $2500-100%.xls
2013-11-07 15:23 - 2013-11-07 15:23 - 33506264 _____ (Amazon) C:\Users\Darcy\Downloads\AmazonCloudPlayerInstaller_344._V353717384_.exe
2013-11-07 05:50 - 2013-09-12 14:28 - 00000000 ____D C:\Users\Darcy\AppData\Local\Livedrive
2013-11-06 07:16 - 2013-11-06 07:15 - 00000000 ____D C:\postgres
2013-11-06 07:16 - 2013-11-06 07:15 - 00000000 ____D C:\apache-tomcat-6.0.18
2013-11-06 07:16 - 2013-03-05 08:41 - 00001560 _____ C:\Users\Public\Desktop\Harmony.lnk
2013-11-06 07:15 - 2012-07-30 20:51 - 00000000 ____D C:\csremote38
2013-11-06 07:10 - 2013-11-06 07:09 - 00000000 ____D C:\harmony1856jre1745
2013-11-06 07:09 - 2013-11-06 07:06 - 227234462 _____ ( ) C:\Users\Darcy\Downloads\Harmony1856jre1745.exe
2013-11-06 06:57 - 2010-10-31 19:33 - 00001714 _____ C:\Windows\System32\ServiceFilter.ini
2013-11-06 06:56 - 2009-07-13 20:45 - 02622440 _____ C:\Windows\System32\FNTCACHE.DAT
2013-11-04 11:06 - 2013-11-04 09:02 - 00202412 _____ C:\Users\Darcy\Documents\DJ Dildime.xlsx
 
Some content of TEMP:
====================
C:\Users\Darcy\AppData\Local\Temp\a2zLyrics_1060-8102_v122.exe
C:\Users\Darcy\AppData\Local\Temp\bi_cleaner.exe
C:\Users\Darcy\AppData\Local\Temp\BI_RunOnce.exe
C:\Users\Darcy\AppData\Local\Temp\CrossReader.exe
C:\Users\Darcy\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Darcy\AppData\Local\Temp\EyeFiSetup.exe
C:\Users\Darcy\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\Darcy\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\Darcy\AppData\Local\Temp\G2MInstallerExtractor.exe
C:\Users\Darcy\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Darcy\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Darcy\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Darcy\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Darcy\AppData\Local\Temp\LD6FF0.tmp.exe
C:\Users\Darcy\AppData\Local\Temp\nsf4A5A.exe
C:\Users\Darcy\AppData\Local\Temp\nsf5336.exe
C:\Users\Darcy\AppData\Local\Temp\nsk9F7B.exe
C:\Users\Darcy\AppData\Local\Temp\nskAA2B.exe
C:\Users\Darcy\AppData\Local\Temp\nskBB45.exe
C:\Users\Darcy\AppData\Local\Temp\nspE798.exe
C:\Users\Darcy\AppData\Local\Temp\nszFC46.exe
C:\Users\Darcy\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Darcy\AppData\Local\Temp\ose00000.exe
C:\Users\Darcy\AppData\Local\Temp\readSTILog.dll
C:\Users\Darcy\AppData\Local\Temp\SecondStepInstaller.exe
C:\Users\Darcy\AppData\Local\Temp\sp-downloader.exe
C:\Users\Darcy\AppData\Local\Temp\SPStub.exe
C:\Users\Darcy\AppData\Local\Temp\tbappb.dll
C:\Users\Darcy\AppData\Local\Temp\uninst1.exe
C:\Users\Darcy\AppData\Local\Temp\uninstaller-7140.exe
C:\Users\Darcy\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Darcy\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Darcy\AppData\Local\Temp\_is3B79.exe
C:\Users\Darcy\AppData\Local\Temp\_isA6FB.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
3
Restore point made on: 2013-11-29 07:09:47
Restore point made on: 2013-12-02 11:47:51
Restore point made on: 2013-12-03 02:00:36
 
==================== Memory info =========================== 
 
Percentage of memory in use: 16%
Total physical RAM: 3884.48 MB
Available physical RAM: 3257.51 MB
Total Pagefile: 3882.63 MB
Available Pagefile: 3274.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:5.65 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:327.83 GB) (Free:47.32 GB) NTFS
Drive f: (USB DISK) (Removable) (Total:3.73 GB) (Free:2.39 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=21 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=328 GB) - (Type=OF Extended)
 
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0C)
 
 
LastRegBack: 2013-12-03 02:47
 
==================== End Of Log ============================
 
 

Farbar Recovery Scan Tool (x64) Version: 03-12-2013
Ran by SYSTEM at 2013-12-03 07:59:39
Running from F:\
Boot Mode: Recovery
 
================== Search: "services.exe" ===================
 
C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
 
C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB
 
====== End Of Search ======
 


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:21 PM

Posted 08 December 2013 - 12:45 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/516227 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,604 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:21 PM

Posted 08 December 2013 - 12:48 PM

You have stated that you no longer need help with this issue, therefore I am closing this topic. If that is not the case and you need or wish to continue with this topic, please send any Moderator a Personal Message (PM) that you would like this topic re-opened.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users