also @ TechSpot: iTunes 11.0.3 delivers revamped MiniPlayer, security fixes

Constant Google redirects/popups and freezing

Discussion in 'Virus and Malware Removal' started by Nordox3432, Jun 8, 2012.

Page 2 of 2

  1. Nordox3432 Newcomer, in training Posts: 22

    A friend of mine told me to use combofix, but it didn't even open up, is what I meant. I followed your instructions for Combofix and it did work this time. Here is the log for that, and I'll do the other steps.

    ComboFix 12-06-16.02 - Bethany 06/18/2012 12:45:03.2.1 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2663.1227 [GMT -5:00]
    Running from: c:\users\Bethany\Downloads\ComboFix.exe
    AV: Bitdefender Antivirus *Disabled/Outdated* {50909708-FF80-02AF-F814-B28405891E92}
    FW: Bitdefender Firewall *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
    SP: Bitdefender Antispyware *Disabled/Outdated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\1325023467.bdinstall.bin
    c:\windows\assembly\GAC_32\Desktop.ini
    c:\windows\assembly\GAC_64\Desktop.ini
    c:\windows\assembly\temp\@
    c:\windows\assembly\temp\cfg.ini
    c:\windows\system32\consrv.dll
    c:\windows\system32\Thumbs.db
    c:\windows\system32\wbem\Performance\WmiApRpl_new.ini
    c:\windows\System64
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-05-18 to 2012-06-18 )))))))))))))))))))))))))))))))
    .
    .
    2012-06-18 18:31 . 2012-06-18 18:31 -------- d-----w- c:\users\Public\AppData\Local\temp
    2012-06-18 18:31 . 2012-06-18 18:31 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-06-17 05:21 . 2012-06-17 05:22 -------- d-----w- c:\users\Eilnae
    2012-06-13 03:12 . 2012-06-13 03:12 128625 ----a-w- c:\windows\system32\bda5DE3.tmp
    2012-06-09 07:55 . 2012-06-09 07:55 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-06-04 16:40 . 2012-06-04 16:40 -------- d-----w- c:\users\Bethany\AppData\Roaming\Malwarebytes
    2012-06-04 16:39 . 2012-06-04 16:39 -------- d-----w- c:\programdata\Malwarebytes
    2012-06-04 16:39 . 2012-06-04 16:40 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2012-06-04 16:39 . 2012-04-04 20:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-01 06:35 . 2012-06-01 06:35 -------- d-----w- c:\programdata\BDLogging
    2012-06-01 06:12 . 2012-06-01 06:12 79952 ----a-w- c:\windows\system32\drivers\bdsandbox.sys
    2012-06-01 06:11 . 2012-06-01 06:11 545064 ----a-w- c:\windows\system32\drivers\avckf.sys
    2012-06-01 06:10 . 2012-06-01 06:10 691896 ----a-w- c:\windows\system32\drivers\avc3.sys
    2012-05-31 16:30 . 2012-05-31 16:30 8769696 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
    2012-05-31 16:14 . 2012-05-31 16:14 -------- d-----w- c:\program files (x86)\Common Files\Java
    2012-05-31 16:14 . 2012-05-31 16:13 476960 ----a-w- c:\windows\SysWow64\npdeployJava1.dll
    2012-05-31 16:13 . 2012-05-31 16:13 -------- d-----w- c:\program files (x86)\Java
    2012-05-31 16:07 . 2012-06-01 04:13 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-05-30 07:26 . 2012-05-30 07:27 -------- d-----w- c:\users\Bethany\AppData\Roaming\Musicnotes
    2012-05-30 07:26 . 2012-05-30 07:26 -------- d-----w- c:\programdata\Musicnotes
    2012-05-30 05:22 . 2012-05-30 06:02 -------- d-----w- c:\program files (x86)\EASEUS
    2012-05-30 04:58 . 2012-05-30 04:58 -------- d-----w- c:\programdata\ParetoLogic
    2012-05-30 04:55 . 2012-05-30 04:55 -------- d-----w- c:\programdata\Cached Installations
    2012-05-29 18:41 . 2012-05-29 18:42 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
    2012-05-29 18:41 . 2012-05-29 18:41 157352 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
    2012-05-29 18:41 . 2012-05-29 18:41 129976 ----a-w- c:\program files (x86)\Mozilla Firefox\maintenanceservice.exe
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-06-18 16:34 . 2012-06-17 04:53 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5CA3C14C-D645-4F8E-8662-D632BCF325D2}\offreg.dll
    2012-06-01 04:13 . 2011-12-02 21:11 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-05-31 16:13 . 2010-11-22 23:14 472864 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-04-02 05:34 . 2012-05-14 03:31 5504880 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-04-02 04:46 . 2012-05-14 03:30 3902320 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
    2012-04-02 04:46 . 2012-05-14 03:30 3958128 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
    2012-04-02 03:01 . 2012-05-14 03:30 3143680 ----a-w- c:\windows\system32\win32k.sys
    2012-03-30 11:09 . 2012-05-14 03:30 1895280 ----a-w- c:\windows\system32\drivers\tcpip.sys
    .
    .
    ((((((((((((((((((((((((((((( SnapShot@2011-12-27_23.56.15 )))))))))))))))))))))))))))))))))))))))))

    Edit: Excess Snapshot entries deleted. Total of 8 full posts following were included.
    Nordox3432, Jun 18, 2012
    #21

  2. Nordox3432 Newcomer, in training Posts: 22

    Edit: Excess Snapshot entries have been deleted.
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-22 39408]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-10 336384]
    "TWebCamera"="c:\program files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-11-02 2475384]
    "ToshibaServiceStation"="c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-07-01 1295224]
    "NortonOnlineBackupReminder"="c:\program files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" [2010-08-17 3218792]
    "ToshibaAppPlace"="c:\program files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" [2010-09-23 552960]
    "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
    "Freecorder FLV Service"="c:\program files (x86)\Freecorder\FLVSrvc.exe" [2011-03-24 167936]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
    .
    c:\users\Bethany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    MagicDisc.lnk - c:\program files (x86)\MagicDisc\MagicDisc.exe [2011-5-2 576000]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv
    .
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 136176]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-01 257696]
    R3 avckf;avckf;c:\windows\system32\DRIVERS\avckf.sys [x]
    R3 bdsandbox;bdsandbox;c:\windows\system32\drivers\bdsandbox.sys [x]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 136176]
    R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-05-29 129976]
    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 174440]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x]
    R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-15 466736]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    S0 avc3;avc3;c:\windows\system32\DRIVERS\avc3.sys [x]
    S1 bdfwfpf;bdfwfpf;c:\program files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-15 103504]
    S1 BDVEDISK;BDVEDISK;c:\windows\system32\DRIVERS\bdvedisk.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
    S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.6.22\SymcPCCULaunchSvc.exe [2010-10-20 115056]
    S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.6.22\ccSvcHst.exe [2009-08-24 126392]
    S2 UPDATESRV;BitDefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender 2012\updatesrv.exe [2012-06-01 66096]
    S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 avchv;avchv Function Driver;c:\windows\system32\DRIVERS\avchv.sys [x]
    S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
    S3 FwLnk;FwLnk Driver;c:\windows\system32\DRIVERS\FwLnk.sys [x]
    S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
    S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [x]
    S3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-07-01 51576]
    S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 137560]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-06-18 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-31 04:13]
    .
    2012-06-17 c:\windows\Tasks\At1.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At11.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At13.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At15.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At17.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At19.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-12 c:\windows\Tasks\At21.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At23.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-18 c:\windows\Tasks\At25.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At27.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-18 c:\windows\Tasks\At29.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-08 c:\windows\Tasks\At3.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At31.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At33.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-11 c:\windows\Tasks\At35.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At37.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-07 c:\windows\Tasks\At39.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-07 c:\windows\Tasks\At41.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At43.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-06 c:\windows\Tasks\At45.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-12 c:\windows\Tasks\At47.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At5.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At7.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-01 c:\windows\Tasks\At9.job
    - c:\windows\system32\Y8Uj0v.com [2011-12-02 21:22]
    .
    2012-06-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 23:38]
    .
    2012-06-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 23:38]
    .
    2012-06-01 c:\windows\Tasks\ParetoLogic Registration.job
    - c:\windows\system32\rundll32.exe [2009-07-13 01:14]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 307768]
    "ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
    "SmartFaceVWatcher"="c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
    "TPwrMain"="c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
    "SmoothView"="c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
    "00TCrdMain"="c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
    "TosVolRegulator"="c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 24376]
    "TosSENotify"="c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 709976]
    "TosNC"="c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
    "TosReelTimeMonitor"="c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
    "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]
    "BDAgent"="c:\program files\Bitdefender\Bitdefender 2012\bdagent.exe" [2012-06-01 1067256]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uStart Page = about:blank
    mStart Page = about:blank
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <local>
    IE: Add to TOSHIBA Bulletin Board - c:\program files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
    IE: {{97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} -
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - c:\users\Bethany\AppData\Roaming\Mozilla\Firefox\Profiles\g18bkup8.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1307415405&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB1&ctid=CT1060933&SearchSource=2&q=
    FF - user.js: network.cookie.cookieBehavior - 0
    FF - user.js: privacy.clearOnShutdown.cookies - false
    FF - user.js: security.warn_viewing_mixed - false
    FF - user.js: security.warn_viewing_mixed.show_once - false
    FF - user.js: security.warn_submit_insecure - false
    FF - user.js: security.warn_submit_insecure.show_once - false
    .
    - - - - ORPHANS REMOVED - - - -
    .
    URLSearchHooks-{1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
    Toolbar-Locked - (no file)
    Toolbar-{90b49673-5506-483e-b92b-ca0265bd9ca8} - (no file)
    Toolbar-{1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
    WebBrowser-{1392B8D2-5C05-419F-A8F6-B9F15A596612} - (no file)
    .
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCCUJobMgr]
    "ImagePath"="\"c:\program files (x86)\Norton PC Checkup\Engine\2.0.6.22\ccSvcHst.exe\" /s \"PCCUJobMgr\" /m \"c:\program files (x86)\Norton PC Checkup\Engine\2.0.6.22\diMaster.dll\" /prefetch:1"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\.Default\Software\SetId\Internal]
    @Denied: (A 2) (LocalSystem)
    "DEVICE2"="vcvIsaaxyAA="
    "DATA2"="<settings accountStatus=\"4\" oldDevice=\"\" timeDiff=\"1106312873\" expireTime=\"1309830893\" productStatus=\"1\" obSize=\"0\" InstallSTD=\"1289332796\" isSubsc=\"0\" authStat_av=\"0\" version=\"14.1\" keyType=\"194\" prodId=\"3\" moduleId1=\"9\" moduleId2=\"0\" relType=\"1\" />"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.11"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker4"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Bonjour\mDNSResponder.exe
    .
    **************************************************************************
    .
    Completion time: 2012-06-18 14:10:34 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-06-18 19:10
    ComboFix2.txt 2011-12-28 00:10
    .
    Pre-Run: 123,271,667,712 bytes free
    Post-Run: 123,383,304,192 bytes free
    .
    - - End Of File - - 23E7925A4A8C978B0C799581C82244F7
    Nordox3432, Jun 18, 2012
    #22

  3. Nordox3432 Newcomer, in training Posts: 22

    CKScanner - Additional Security Risks - These are not necessarily bad
    c:\program files (x86)\gimp-2.0\share\gimp\2.0\patterns\cracked.pat
    scanner sequence 3.AP.11.TRBBRU
    ----- EOF -----





    Results of screen317's Security Check version 0.99.42
    Windows 7 x64 (UAC is enabled)
    Out of date service pack!!
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Bitdefender Antivirus
    Antivirus out of date!
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware version 1.61.0.1400
    Java(TM) 6 Update 32
    Java version out of Date!
    Adobe Flash Player 11.2.202.235 Flash Player out of Date!
    Adobe Reader 9 Adobe Reader out of Date!
    Mozilla Firefox 12.0 Firefox out of Date!
    Google Chrome 19.0.1084.52
    Google Chrome 19.0.1084.56
    ````````Process Check: objlist.exe by Laurent````````
    Norton ccSvcHst.exe
    Malwarebytes Anti-Malware mbamservice.exe
    Malwarebytes Anti-Malware mbamgui.exe
    Bitdefender Bitdefender 2012 vsserv.exe
    Bitdefender Bitdefender 2012 bdagent.exe
    Bitdefender Bitdefender 2012 updatesrv.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 9%
    ````````````````````End of Log``````````````````````
    Nordox3432, Jun 18, 2012
    #23

  4. Bobbye Helper on the Fringe Posts: 16,406   +16

    About advice from friends when it comes to removing malware from computer: The less you take, the better. All of the firums have stickys telling users not to use Combofix unless directed to do so by their helper- who will also assist them with the results!
    ==========================================
    1) Please update the following:
    Note: Check each download screen for any pre-checked Toolbars or BHOs. Uncheck them before the download.

    1. Windows 7 Service Pack: Windows Updates. You should get All updates marked Critical and the current SP updates.
    2. Bit Defender
    3. Adobe Flash>> Flash Player Update without any extras
    Win 32-bit IE> http://fpdownload.macromedia.com/pu...in/install_flash_player_11_active_x_32bit.exe
    Win32-bit other> http://fpdownload.macromedia.com/pu.../win/install_flash_player_11_plugin_32bit.exe
    Win 64-bit IE: http://fpdownload.macromedia.com/pu...in/install_flash_player_11_active_x_64bit.exe
    Win 64-bit Other http://fpdownload.macromedia.com/pu.../win/install_flash_player_11_plugin_64bit.exe
    4. Adobe Reader>> Adobe Reader Update
    5. Java>> Java Updates .
    6. Firefox
    Uninstall all outdated versions of the above as they are vunerabilities to the system.
    ===============================================
    2) Delete the Following Scheduled Tasks:
    Access Scheduled Tasks with Click on Start> All Programs> Accessories> System Tools> Scheduled Tasks.
    1. c:\windows\Tasks\Adobe Flash Player Updater
    2. c:\windows\Tasks\ParetoLogic Registration >> this is spyware
    To delete a task> right-click the task> click Delete.
    ==============================================
    3) You have Norton PC Checkup on the system, a known high resource user. This is a program downloaded either separately or as a bundle with updates to Adobe Flash, or in this care, bundled and preloaded by Toshiba. I'd like to remove these processes, okay?

    There are 3 entries for this running:
    1. Toshiba NortonOnlineBackupReminder to activate
    2. Toshiba Norton PC Checkup Application Launcher
    3. Norton ccSvcHst.exe which run it and uses 50-100% of the system resources
    mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
    S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.22\SymcPCCULaunchSvc.exe [2011-1-17 115056]

    Let me know on this please.
    ===================================================
    4. Firefox Keyword Reset:

    • [1]. Open FireFox and instead of a url, type about:config in the Address Bar.
      [2]. Firefox will give you a warning, but go in anyway.
      [3]. Locate the keyword.url line. It should look like the image below.
      [IMG]
      [4]. Right click on keyword.url, then select Reset
    ======================================================
    5) Have you intentionally set these pages to come up blank?
    Bobbye, Jun 19, 2012
    #24

  5. Nordox3432 Newcomer, in training Posts: 22

    Thank you for your help. I'll finish updating ASAP, and I already finished steps 2 and 4. I haven't had any problems so far. And no I did not set those pages to intentionally come up blank.
    Nordox3432, Jun 20, 2012
    #25

  6. Bobbye Helper on the Fringe Posts: 16,406   +16

    The Start pages do not have any URL set. You need to go to the site you want for your home page> click on Tools> Options or Internet Options> Find the Homepage section and click on Use current.

    I write script to run through Combofix tomorrow AM.
    Bobbye, Jun 21, 2012
    #26
     

  7. Bobbye Helper on the Fringe Posts: 16,406   +16

    Please be sure to complete everything in my Reply #24.

    nordox
    Please run this Custom CFScript:

    • [1]. Close any open browsers.
      [2]. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
      [3]. Open notepad> click on Format> Uncheck 'Word Wrap> and copy/paste the text in the code below into it:
    Code:
    File::
c:\windows\system32\bda5DE3.tmp
c:\program files (x86)\Norton PC Checkup\Engine\2.0.6.22\SymcPCCULaunchSvc.exe 
Folder::
c:\programdata\ParetoLogic
c:\programdata\Cached Installations
DDS::
uStart Page = about:blank
mStart Page = about:blank
uURLSearchHooks: H - No File
mURLSearchHooks: H - No File
mURLSearchHooks: H - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
TB-X64: {90b49673-5506-483e-b92b-ca0265bd9ca8} - No File
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
At.Job::
File::
c:\windows\system32\Y8Uj0v.com
Extra::
File::
Firefox::
Firefox-: - Profile - c:\users\Bethany\AppData\Roaming\Mozilla\Firefox\Profiles\g18bkup8.default\
Firefox-: - prefs.js - Searxh.DefaultURL
Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NortonOnlineBackupReminder"=-
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCCUJobMgr]
"ImagePath"=-

Clearjavacache::

Driver::
Norton PC Checkup Application Launcher
    Save this as CFScript.txt, in the same location as ComboFix.exe
    [IMG]

    Referring to the picture above, drag CFScript into ComboFix.exe

    When finished, it will produce a log for you at C:\ComboFix.txt . Please paste into to your next reply.
    ====================
    Please leave the new Combofix log after you run the script.
    I'd like to finish this u in the next day or two.
    Bobbye, Jun 22, 2012
    #27

  8. Nordox3432 Newcomer, in training Posts: 22

    I have the log, but my internet connection won't work. I'll post it as soon as I can get it to connect. I'm logged in from another computer.
    Nordox3432, Jun 25, 2012
    #28

  9. Bobbye Helper on the Fringe Posts: 16,406   +16

    Please fill me in on the loss of the internet connection.
    When did that happen?
    Any error messages?
    What was the last thing you did before you lost the connection?
    There haven't been any connections problems so far have there?

    Can you connect a flash drive to the system and download the log to it- then connect to the other computer to paste it here? I may see a problem noted in that log that I can help with.
    Bobbye, Jun 25, 2012
    #29

  10. Nordox3432 Newcomer, in training Posts: 22

    Okay. Somehow I managed to fix it by resetting the router a few times. Not sure exactly what the issue was. It happened right after I restarted the computer and got the combofix log. I said it was connected with no access, and this was the first time thathas happened. Here is the log:
    ComboFix 12-06-16.02 - Bethany 06/25/2012 13:55:23.3.1 - x64
    Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.2663.1620 [GMT -5:00]
    Running from: C:\Users\Bethany\Downloads\ComboFix.exe
    Command switches used :: C:\Users\Bethany\Downloads\CFscript.txt
    AV: Bitdefender Antivirus *Disabled/Outdated* {50909708-FF80-02AF-F814-B28405891E92}
    FW: Bitdefender Firewall *Disabled* {68AB162D-B5EF-03F7-D34B-1BB1FB5A59E9}
    SP: Bitdefender Antispyware *Disabled/Outdated* {EBF176EC-D9BA-0D21-C2A4-89F67E0E542F}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    - REDUCED FUNCTIONALITY MODE -

    FILE ::
    "c:\program files (x86)\Norton PC Checkup\Engine\2.0.6.22\SymcPCCULaunchSvc.exe"
    "c:\windows\system32\bda5DE3.tmp"
    "c:\windows\system32\Y8Uj0v.com"


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    c:\program files (x86)\Norton PC Checkup\Engine\2.0.6.22\SymcPCCULaunchSvc.exe
    C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe
    c:\programdata\Cached Installations
    c:\programdata\Cached Installations\{E472E726-B8D2-4B6D-9A37-0AE08EA2B042}\ParetoLogic Data Recovery.msi
    c:\programdata\ParetoLogic
    c:\programdata\ParetoLogic\UUS2\Temp\Update.exe
    c:\windows\system32\bda5DE3.tmp


    ((((((((((((((((((((((((( Files Created from 2012-05-25 to 2012-06-25 )))))))))))))))))))))))))))))))


    2012-06-25 18:59:39 . 2012-06-25 18:59:39 -------- d-----w- C:\Users\Public\AppData\Local\temp
    2012-06-25 18:59:39 . 2012-06-25 18:59:39 -------- d-----w- C:\Users\Default\AppData\Local\temp
    2012-06-24 08:44:21 . 2012-06-24 08:44:21 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
    2012-06-24 08:44:21 . 2012-06-24 08:44:21 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
    2012-06-22 21:26:13 . 2012-05-31 04:04:02 9013136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{80ED8195-95AC-4EFF-8678-D0751C866A8C}\mpengine.dll
    2012-06-19 08:01:59 . 2012-05-18 01:58:39 1494528 ----a-w- C:\windows\system32\inetcpl.cpl
    2012-06-18 22:00:04 . 2012-04-24 04:47:04 139264 ----a-w- C:\windows\SysWow64\cryptsvc.dll
    2012-06-18 22:00:04 . 2012-04-24 04:47:04 103936 ----a-w- C:\windows\SysWow64\cryptnet.dll
    2012-06-18 22:00:03 . 2012-04-24 04:47:03 1156608 ----a-w- C:\windows\SysWow64\crypt32.dll
    2012-06-18 21:59:36 . 2012-04-24 05:59:45 182272 ----a-w- C:\windows\system32\cryptsvc.dll
    2012-06-18 21:59:36 . 2012-04-24 05:59:45 1460224 ----a-w- C:\windows\system32\crypt32.dll
    2012-06-18 21:59:36 . 2012-04-24 05:59:45 140288 ----a-w- C:\windows\system32\cryptnet.dll
    2012-06-18 21:55:19 . 2012-06-02 22:19:42 57880 ----a-w- C:\windows\system32\wuauclt.exe
    2012-06-18 21:55:19 . 2012-06-02 22:19:42 44056 ----a-w- C:\windows\system32\wups2.dll
    2012-06-18 21:55:19 . 2012-06-02 22:15:31 2622464 ----a-w- C:\windows\system32\wucltux.dll
    2012-06-18 21:55:18 . 2012-06-02 22:19:43 2428952 ----a-w- C:\windows\system32\wuaueng.dll
    2012-06-18 21:54:43 . 2012-06-02 22:19:46 38424 ----a-w- C:\windows\system32\wups.dll
    2012-06-18 21:54:43 . 2012-06-02 22:19:23 701976 ----a-w- C:\windows\system32\wuapi.dll
    2012-06-18 21:54:43 . 2012-06-02 22:15:08 99840 ----a-w- C:\windows\system32\wudriver.dll
    2012-06-18 21:54:14 . 2012-06-02 20:19:42 186752 ----a-w- C:\windows\system32\wuwebv.dll
    2012-06-18 21:54:14 . 2012-06-02 20:15:12 36864 ----a-w- C:\windows\system32\wuapp.exe
    2012-06-18 19:32:28 . 2012-05-02 05:32:43 208896 ----a-w- C:\windows\system32\profsvc.dll
    2012-06-18 19:32:24 . 2012-05-04 10:52:22 5505392 ----a-w- C:\windows\system32\ntoskrnl.exe
    2012-06-18 19:32:21 . 2012-05-04 10:08:16 3958128 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe
    2012-06-18 19:32:21 . 2012-05-04 10:08:15 3902320 ----a-w- C:\windows\SysWow64\ntoskrnl.exe
    2012-06-18 19:32:15 . 2012-05-15 01:32:20 3144192 ----a-w- C:\windows\system32\win32k.sys
    2012-06-18 19:32:12 . 2012-04-28 03:50:40 204800 ----a-w- C:\windows\system32\drivers\rdpwd.sys
    2012-06-18 19:32:09 . 2012-04-07 12:18:36 3213824 ----a-w- C:\windows\system32\msi.dll
    2012-06-18 19:32:08 . 2012-04-07 11:34:37 2342400 ----a-w- C:\windows\SysWow64\msi.dll
    2012-06-18 19:29:58 . 2012-04-26 05:34:37 149504 ----a-w- C:\windows\system32\rdpcorekmts.dll
    2012-06-18 19:29:57 . 2012-04-26 05:34:38 76288 ----a-w- C:\windows\system32\rdpwsx.dll
    2012-06-18 19:29:57 . 2012-04-26 05:28:32 9216 ----a-w- C:\windows\system32\rdrmemptylst.exe
    2012-06-17 05:21:55 . 2012-06-17 05:22:06 -------- d-----w- C:\Users\Eilnae
    2012-06-09 07:55:05 . 2012-06-09 07:55:05 -------- d-----w- C:\TDSSKiller_Quarantine
    2012-06-04 16:40:35 . 2012-06-04 16:40:35 -------- d-----w- C:\Users\Bethany\AppData\Roaming\Malwarebytes
    2012-06-04 16:39:18 . 2012-06-04 16:39:18 -------- d-----w- C:\ProgramData\Malwarebytes
    2012-06-04 16:39:15 . 2012-06-04 16:40:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2012-06-04 16:39:15 . 2012-04-04 20:56:40 24904 ----a-w- C:\windows\system32\drivers\mbam.sys
    2012-06-01 06:35:49 . 2012-06-01 06:35:49 -------- d-----w- C:\ProgramData\BDLogging
    2012-06-01 06:12:00 . 2012-06-01 06:12:00 79952 ----a-w- C:\windows\system32\drivers\bdsandbox.sys
    2012-06-01 06:11:18 . 2012-06-01 06:11:18 545064 ----a-w- C:\windows\system32\drivers\avckf.sys
    2012-06-01 06:10:54 . 2012-06-01 06:10:54 691896 ----a-w- C:\windows\system32\drivers\avc3.sys
    2012-05-31 16:30:18 . 2012-05-31 16:30:18 8769696 ----a-w- C:\windows\SysWow64\FlashPlayerInstaller.exe
    2012-05-31 16:14:46 . 2012-05-31 16:14:46 -------- d-----w- C:\Program Files (x86)\Common Files\Java
    2012-05-31 16:14:10 . 2012-05-31 16:13:47 476960 ----a-w- C:\windows\SysWow64\npdeployJava1.dll
    2012-05-31 16:13:42 . 2012-05-31 16:13:42 -------- d-----w- C:\Program Files (x86)\Java
    2012-05-31 16:07:50 . 2012-06-01 04:13:58 419488 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
    2012-05-30 07:26:17 . 2012-05-30 07:27:27 -------- d-----w- C:\Users\Bethany\AppData\Roaming\Musicnotes
    2012-05-30 07:26:12 . 2012-05-30 07:26:12 -------- d-----w- C:\ProgramData\Musicnotes
    2012-05-30 05:22:29 . 2012-05-30 06:02:34 -------- d-----w- C:\Program Files (x86)\EASEUS
    2012-05-29 18:41:57 . 2012-06-24 08:44:38 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
    2012-05-29 18:41:51 . 2012-06-24 08:44:22 157608 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
    2012-05-29 18:41:51 . 2012-06-24 08:44:22 113120 ----a-w- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
    .


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2012-06-01 04:13:58 . 2011-12-02 21:11:22 70304 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-05-31 16:13:47 . 2010-11-22 23:14:23 472864 ----a-w- C:\windows\SysWow64\deployJava1.dll
    2012-03-30 11:09:53 . 2012-05-14 03:30:32 1895280 ----a-w- C:\windows\system32\drivers\tcpip.sys


    ((((((((((((((((((((((((((((( SnapShot_2012-06-18_18.59.23 )))))))))))))))))))))))))))))))))))))))))

    + 2012-06-19 08:02:09 . 2012-05-17 22:25:17 73216 C:\windows\SysWOW64\mshtmled.dll
    + 2012-06-19 08:01:57 . 2012-05-17 22:31:16 65024 C:\windows\SysWOW64\jsproxy.dll
    - 2012-04-19 11:44:26 . 2012-02-28 01:08:15 65024 C:\windows\SysWOW64\jsproxy.dll
    - 2009-07-14 04:46:26 . 2012-06-12 03:39:27 80352 C:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
    + 2009-07-14 04:46:26 . 2012-06-22 20:49:18 80352 C:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
    + 2012-06-19 08:24:06 . 2012-06-19 08:24:07 87408 C:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
    - 2012-05-29 05:12:59 . 2012-05-29 05:12:59 87408 C:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsFormsIntegration\v4.0_4.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
    + 2012-06-19 08:24:06 . 2012-06-19 08:24:06 93024 C:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
    - 2012-05-29 05:12:58 . 2012-05-29 05:12:58 93024 C:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationTypes\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
    + 2012-06-19 08:24:06 . 2012-06-19 08:24:06 35688 C:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
    - 2012-05-29 05:12:58 . 2012-05-29 05:12:58 35688 C:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationProvider\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
    - 2012-05-29 05:12:59 . 2012-05-29 05:12:59 11120 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
    + 2012-06-19 08:24:07 . 2012-06-19 08:24:07 11120 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Serialization.dll
    - 2012-05-29 05:12:59 . 2012-05-29 05:12:59 17784 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
    + 2012-06-19 08:24:06 . 2012-06-19 08:24:06 17784 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Presentation\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Presentation.dll
    + 2012-06-19 08:24:06 . 2012-06-19 08:24:06 58240 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
    - 2012-05-29 05:12:58 . 2012-05-29 05:12:58 58240 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Input.Manipulations\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Input.Manipulations.dll
    - 2012-05-29 05:12:47 . 2012-05-29 05:12:47 44920 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
    + 2012-06-19 08:23:55 . 2012-06-19 08:23:55 44920 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.ApplicationServices\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.ApplicationServices.dll
    - 2012-05-29 05:12:52 . 2012-05-29 05:12:52 37240 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
    + 2012-06-19 08:24:01 . 2012-06-19 08:24:01 37240 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Channels\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Channels.dll
    - 2012-05-29 05:12:47 . 2012-05-29 05:12:47 64352 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
    + 2012-06-19 08:23:55 . 2012-06-19 08:23:55 64352 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Numerics\v4.0_4.0.0.0__b77a5c561934e089\System.Numerics.dll
    + 2012-06-19 08:23:55 . 2012-06-19 08:23:55 51032 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
    - 2012-05-29 05:12:47 . 2012-05-29 05:12:47 51032 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Device\v4.0_4.0.0.0__b77a5c561934e089\System.Device.dll
    - 2012-05-29 05:12:45 . 2012-05-29 05:12:45 50552 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
    + 2012-06-19 08:23:53 . 2012-06-19 08:23:53 50552 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.DataSetExtensions\v4.0_4.0.0.0__b77a5c561934e089\System.Data.DataSetExtensions.dll
    + 2012-06-19 08:23:47 . 2012-06-19 08:23:47 81784 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
    - 2012-05-29 05:12:38 . 2012-05-29 05:12:38 81784 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration.Install\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
    - 2012-05-29 05:12:44 . 2012-05-29 05:12:44 81800 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
    + 2012-06-19 08:23:52 . 2012-06-19 08:23:52 81800 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.DataAnnotations\v4.0_4.0.0.0__31bf3856ad364e35\System.ComponentModel.DataAnnotations.dll
    + 2012-06-19 08:23:51 . 2012-06-19 08:23:51 39784 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
    - 2012-05-29 05:12:43 . 2012-05-29 05:12:43 39784 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn.Contract\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.AddIn.Contract.dll
    - 2012-05-29 05:12:49 . 2012-05-29 05:12:49 68952 C:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
    + 2012-06-19 08:23:57 . 2012-06-19 08:23:57 68952 C:\windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll
    - 2012-05-29 05:12:49 . 2012-05-29 05:12:49 62880 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
    + 2012-06-19 08:23:57 . 2012-06-19 08:23:57 62880 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.ApplicationServer.Applications\v4.0_4.0.0.0__31bf3856ad364e35\Microsoft.Windows.ApplicationServer.Applications.dll
    + 2012-06-19 08:23:46 . 2012-06-19 08:23:46 12128 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
    - 2012-05-29 05:12:37 . 2012-05-29 05:12:38 12128 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualC\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
    + 2012-06-19 08:23:56 . 2012-06-19 08:23:56 97680 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    - 2012-05-29 05:12:47 . 2012-05-29 05:12:47 97680 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    + 2012-06-19 08:23:46 . 2012-06-19 08:23:46 17240 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
    - 2012-05-29 05:12:36 . 2012-05-29 05:12:36 17240 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
    + 2012-06-19 08:23:44 . 2012-06-19 08:23:44 94552 C:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    - 2012-05-29 05:12:32 . 2012-05-29 05:12:32 94552 C:\windows\Microsoft.NET\assembly\GAC_64\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    + 2012-06-19 08:23:46 . 2012-06-19 08:23:46 91488 C:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    - 2012-05-29 05:12:36 . 2012-05-29 05:12:36 91488 C:\windows\Microsoft.NET\assembly\GAC_64\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    + 2012-06-19 08:23:17 . 2012-06-19 08:23:17 78168 C:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    - 2012-05-29 05:12:03 . 2012-05-29 05:12:03 78168 C:\windows\Microsoft.NET\assembly\GAC_32\ISymWrapper\v4.0_4.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    + 2012-06-19 08:23:20 . 2012-06-19 08:23:20 81248 C:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    - 2012-05-29 05:12:05 . 2012-05-29 05:12:05 81248 C:\windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    + 2011-06-06 22:09:23 . 2012-06-19 08:05:39 34144 C:\windows\Installer\{90140000-001B-0000-1000-0000000FF1CE}\oisicon.exe
    - 2011-06-06 22:09:23 . 2012-05-29 16:12:35 34144 C:\windows\Installer\{90140000-001B-0000-1000-0000000FF1CE}\oisicon.exe
    - 2011-06-06 22:09:23 . 2012-05-29 16:12:35 42848 C:\windows\Installer\{90140000-001B-0000-1000-0000000FF1CE}\msouc.exe
    + 2011-06-06 22:09:23 . 2012-06-19 08:05:39 42848 C:\windows\Installer\{90140000-001B-0000-1000-0000000FF1CE}\msouc.exe
    + 2011-06-06 22:09:23 . 2012-06-19 08:05:39 19296 C:\windows\Installer\{90140000-001B-0000-1000-0000000FF1CE}\cagicon.exe
    - 2011-06-06 22:09:23 . 2012-05-29 16:12:35 19296 C:\windows\Installer\{90140000-001B-0000-1000-0000000FF1CE}\cagicon.exe
    - 2011-06-24 23:04:20 . 2012-05-29 16:12:13 34144 C:\windows\Installer\{90140000-0018-0000-1000-0000000FF1CE}\oisicon.exe
    + 2011-06-24 23:04:20 . 2012-06-19 08:04:59 34144 C:\windows\Installer\{90140000-0018-0000-1000-0000000FF1CE}\oisicon.exe
    + 2011-06-24 23:04:20 . 2012-06-19 08:04:59 42848 C:\windows\Installer\{90140000-0018-0000-1000-0000000FF1CE}\msouc.exe
    - 2011-06-24 23:04:20 . 2012-05-29 16:12:13 42848 C:\windows\Installer\{90140000-0018-0000-1000-0000000FF1CE}\msouc.exe
    + 2011-06-24 23:04:20 . 2012-06-19 08:04:59 19296 C:\windows\Installer\{90140000-0018-0000-1000-0000000FF1CE}\cagicon.exe
    - 2011-06-24 23:04:20 . 2012-05-29 16:12:13 19296 C:\windows\Installer\{90140000-0018-0000-1000-0000000FF1CE}\cagicon.exe
    + 2012-06-20 00:04:21 . 2012-06-20 00:04:21 54784 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\0e8a192d6df9aa905653ddce81fa3895\System.Web.DynamicData.Design.ni.dll
    + 2012-06-20 00:15:07 . 2012-06-20 00:15:07 47616 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveWriter\86b25cd3802c2b6b36ed86d5c0500505\WindowsLiveWriter.ni.exe
    + 2012-06-20 00:15:34 . 2012-06-20 00:15:34 99840 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\febee1108905a882d857ac65c80d41f3\WindowsLive.Writer.Api.ni.dll
    + 2012-06-20 00:19:57 . 2012-06-20 00:19:57 36864 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\f5c5517bf252bf6c4d8de833d2111309\System.Web.DynamicData.Design.ni.dll
    - 2012-06-15 18:08:23 . 2012-06-18 18:58:09 2048 C:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2012-06-25 19:01:15 . 2012-06-25 19:32:45 2048 C:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2012-06-15 18:08:23 . 2012-06-18 18:58:09 2048 C:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2012-06-25 19:01:15 . 2012-06-25 19:32:45 2048 C:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2012-06-19 08:02:08 . 2012-05-17 22:33:08 231936 C:\windows\SysWOW64\url.dll
    - 2012-04-19 11:44:31 . 2012-02-28 01:09:51 231936 C:\windows\SysWOW64\url.dll
    + 2012-06-19 08:01:58 . 2012-05-17 22:29:30 716800 C:\windows\SysWOW64\jscript.dll
    - 2012-04-19 11:44:29 . 2012-02-28 01:06:48 716800 C:\windows\SysWOW64\jscript.dll
    - 2012-03-04 16:17:26 . 2012-03-04 16:17:26 142848 C:\windows\SysWOW64\ieUnatt.exe
    + 2012-06-19 08:02:02 . 2012-05-17 22:29:45 142848 C:\windows\SysWOW64\ieUnatt.exe
    - 2012-04-19 11:44:30 . 2012-02-28 00:59:59 176640 C:\windows\SysWOW64\ieui.dll
    + 2012-06-19 08:02:05 . 2012-05-17 22:20:42 176640 C:\windows\SysWOW64\ieui.dll
    + 2009-07-14 05:01:48 . 2012-06-25 19:00:19 344136 C:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    - 2009-07-14 05:01:48 . 2012-06-15 17:27:39 344136 C:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
    + 2012-04-21 16:03:36 . 2012-04-21 16:03:36 616024 C:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Drawing.dll
    - 2012-04-13 02:05:12 . 2012-01-26 23:32:18 630784 C:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
    + 2012-06-18 19:30:14 . 2012-04-23 22:38:23 630784 C:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Drawing.dll
    + 2012-04-21 16:03:36 . 2012-04-21 16:03:36 616024 C:\windows\Microsoft.NET\Framework\v4.0.30319\System.Drawing.dll
    + 2012-06-18 19:30:15 . 2012-04-23 22:37:48 630784 C:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
    - 2012-04-13 02:05:12 . 2012-01-26 23:35:31 630784 C:\windows\Microsoft.NET\Framework\v2.0.50727\System.Drawing.dll
    + 2012-06-19 08:24:05 . 2012-06-19 08:24:05 350592 C:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
    - 2012-05-29 05:12:57 . 2012-05-29 05:12:57 350592 C:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClientsideProviders\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClientsideProviders.dll
    - 2012-05-29 05:12:57 . 2012-05-29 05:12:57 163168 C:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
    + 2012-06-19 08:24:05 . 2012-06-19 08:24:05 163168 C:\windows\Microsoft.NET\assembly\GAC_MSIL\UIAutomationClient\v4.0_4.0.0.0__31bf3856ad364e35\UIAutomationClient.dll
    + 2012-06-19 08:23:55 . 2012-06-19 08:23:55 138592 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
    - 2012-05-29 05:12:47 . 2012-05-29 05:12:47 138592 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Xml.Linq.dll
    + 2012-06-19 08:24:02 . 2012-06-19 08:24:02 699224 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
    - 2012-05-29 05:12:54 . 2012-05-29 05:12:54 699224 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xaml\v4.0_4.0.0.0__b77a5c561934e089\System.Xaml.dll
    + 2012-06-19 08:24:02 . 2012-06-19 08:24:02 857960 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
    - 2012-05-29 05:12:53 . 2012-05-29 05:12:53 857960 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Services\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
    - 2012-05-29 05:12:54 . 2012-05-29 05:12:54 675672 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
    + 2012-06-19 08:24:02 . 2012-06-19 08:24:02 675672 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Speech\v4.0_4.0.0.0__31bf3856ad364e35\System.Speech.dll
    + 2012-06-19 08:23:50 . 2012-06-19 08:23:50 113512 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
    - 2012-05-29 05:12:42 . 2012-05-29 05:12:42 113512 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
    - 2012-05-29 05:12:52 . 2012-05-29 05:12:52 129912 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
    + 2012-06-19 08:24:01 . 2012-06-19 08:24:01 129912 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Routing\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Routing.dll
    + 2012-06-19 08:24:01 . 2012-06-19 08:24:01 390008 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
    - 2012-05-29 05:12:52 . 2012-05-29 05:12:52 390008 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Discovery\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Discovery.dll
    + 2012-06-19 08:24:00 . 2012-06-19 08:24:00 505208 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
    - 2012-05-29 05:12:52 . 2012-05-29 05:12:52 505208 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Activities.dll
    + 2012-06-19 08:23:50 . 2012-06-19 08:23:50 261472 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
    - 2012-05-29 05:12:42 . 2012-05-29 05:12:42 261472 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll
    - 2012-05-29 05:12:53 . 2012-05-29 05:12:53 122264 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
    + 2012-06-19 08:24:01 . 2012-06-19 08:24:01 122264 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
    + 2012-06-19 08:24:01 . 2012-06-19 08:24:01 291184 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
    - 2012-05-29 05:12:53 . 2012-05-29 05:12:53 291184 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Remoting\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
    - 2012-05-29 05:12:51 . 2012-05-29 05:12:51 349568 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
    + 2012-06-19 08:23:59 . 2012-06-19 08:23:59 349568 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Runtime.DurableInstancing.dll
    + 2012-06-19 08:23:54 . 2012-06-19 08:23:54 236880 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
    - 2012-05-29 05:12:47 . 2012-05-29 05:12:47 236880 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Net\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Net.dll
    - 2012-05-29 05:12:53 . 2012-05-29 05:12:53 253280 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
    + 2012-06-19 08:24:01 . 2012-06-19 08:24:01 253280 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Messaging\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
    + 2012-06-19 08:23:49 . 2012-06-19 08:23:49 378720 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
    - 2012-05-29 05:12:41 . 2012-05-29 05:12:41 378720 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Management.dll
    + 2012-06-19 08:23:54 . 2012-06-19 08:23:54 134528 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
    - 2012-05-29 05:12:47 . 2012-05-29 05:12:47 134528 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Management.Instrumentation\v4.0_4.0.0.0__b77a5c561934e089\System.Management.Instrumentation.dll
    + 2012-06-19 08:23:58 . 2012-06-19 08:23:58 123736 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
    - 2012-05-29 05:12:50 . 2012-05-29 05:12:50 123736 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Log\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.IO.Log.dll
    + 2012-06-19 08:23:58 . 2012-06-19 08:23:58 392552 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
    - 2012-05-29 05:12:50 . 2012-05-29 05:12:50 392552 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
    - 2012-05-29 05:12:50 . 2012-05-29 05:12:50 125816 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
    + 2012-06-19 08:23:58 . 2012-06-19 08:23:58 125816 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel.Selectors\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.Selectors.dll
    - 2012-05-29 05:12:35 . 2012-05-29 05:12:35 120152 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
    + 2012-06-19 08:23:46 . 2012-06-19 08:23:46 120152 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll
    + 2012-06-19 08:23:49 . 2012-06-19 08:23:49 616024 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
    - 2012-05-29 05:12:40 . 2012-05-29 05:12:40 395120 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
    + 2012-06-19 08:23:48 . 2012-06-19 08:23:48 395120 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
    - 2012-05-29 05:12:40 . 2012-05-29 05:12:40 182144 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
    + 2012-06-19 08:23:48 . 2012-06-19 08:23:48 182144 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.Protocols\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
    - 2012-05-29 05:12:40 . 2012-05-29 05:12:40 285072 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
    + 2012-06-19 08:23:48 . 2012-06-19 08:23:48 285072 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.DirectoryServices.AccountManagement\v4.0_4.0.0.0__b77a5c561934e089\System.DirectoryServices.AccountManagement.dll
    - 2012-05-29 05:12:40 . 2012-05-29 05:12:40 829280 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
    + 2012-06-19 08:23:48 . 2012-06-19 08:23:48 829280 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Deployment\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
    - 2012-05-29 05:12:40 . 2012-05-29 05:12:40 747360 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
    + 2012-06-19 08:23:47 . 2012-06-19 08:23:48 747360 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.SqlXml\v4.0_4.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
    + 2012-06-19 08:23:54 . 2012-06-19 08:23:54 436600 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
    - 2012-05-29 05:12:46 . 2012-05-29 05:12:46 436600 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Services.Client\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Services.Client.dll
    - 2012-05-29 05:12:46 . 2012-05-29 05:12:46 683872 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
    + 2012-06-19 08:23:54 . 2012-06-19 08:23:54 683872 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Linq\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Linq.dll
    - 2012-05-29 05:12:38 . 2012-05-29 05:12:38 409448 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
    + 2012-06-19 08:23:47 . 2012-06-19 08:23:47 409448 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Configuration\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
    - 2012-05-29 05:12:44 . 2012-05-29 05:12:44 210816 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
    + 2012-06-19 08:23:52 . 2012-06-19 08:23:52 210816 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ComponentModel.Composition\v4.0_4.0.0.0__b77a5c561934e089\System.ComponentModel.Composition.dll
    + 2012-06-19 08:23:52 . 2012-06-19 08:23:52 156440 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
    - 2012-05-29 05:12:44 . 2012-05-29 05:12:44 156440 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.AddIn\v4.0_4.0.0.0__b77a5c561934e089\System.AddIn.dll
    + 2012-06-19 08:23:58 . 2012-06-19 08:23:58 122248 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
    - 2012-05-29 05:12:50 . 2012-05-29 05:12:50 122248 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.DurableInstancing\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.DurableInstancing.dll
    - 2012-05-29 05:12:49 . 2012-05-29 05:12:49 525704 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
    + 2012-06-19 08:23:57 . 2012-06-19 08:23:57 525704 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Core.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Core.Presentation.dll
    - 2012-05-29 05:12:38 . 2012-05-29 05:12:38 112976 C:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
    + 2012-06-19 08:23:47 . 2012-06-19 08:23:47 112976 C:\windows\Microsoft.NET\assembly\GAC_MSIL\sysglobl\v4.0_4.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
    + 2012-06-19 08:24:06 . 2012-06-19 08:24:06 581464 C:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
    - 2012-05-29 05:12:58 . 2012-05-29 05:12:58 581464 C:\windows\Microsoft.NET\assembly\GAC_MSIL\ReachFramework\v4.0_4.0.0.0__31bf3856ad364e35\ReachFramework.dll
    - 2012-05-29 05:12:56 . 2012-05-29 05:12:56 832856 C:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
    + 2012-06-19 08:24:05 . 2012-06-19 08:24:05 832856 C:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationUI\v4.0_4.0.0.0__31bf3856ad364e35\PresentationUI.dll
    - 2012-05-29 05:12:56 . 2012-05-29 05:12:56 194424 C:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
    + 2012-06-19 08:24:04 . 2012-06-19 08:24:04 194424 C:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Royale\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Royale.dll
    + 2012-06-19 08:24:04 . 2012-06-19 08:24:04 478576 C:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
    - 2012-05-29 05:12:56 . 2012-05-29 05:12:56 478576 C:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Luna\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Luna.dll
    + 2012-06-19 08:24:04 . 2012-06-19 08:24:04 167288 C:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
    - 2012-05-29 05:12:56 . 2012-05-29 05:12:56 167288 C:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Classic\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Classic.dll
    + 2012-06-19 08:24:04 . 2012-06-19 08:24:04 232304 C:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
    - 2012-05-29 05:12:56 . 2012-05-29 05:12:56 232304 C:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework.Aero\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
    + 2012-06-19 08:23:46 . 2012-06-19 08:23:46 661352 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
    - 2012-05-29 05:12:37 . 2012-05-29 05:12:37 661352 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
    - 2012-05-29 05:12:48 . 2012-05-29 05:12:48 349576 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
    + 2012-06-19 08:23:56 . 2012-06-19 08:23:56 349576 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
    - 2012-05-29 05:12:48 . 2012-05-29 05:12:48 387960 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
    + 2012-06-19 08:23:56 . 2012-06-19 08:23:56 387960 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Transactions.Bridge\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.dll
    + 2012-06-19 08:23:46 . 2012-06-19 08:23:46 746336 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
    - 2012-05-29 05:12:37 . 2012-05-29 05:12:37 746336 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.JScript\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
    + 2012-06-19 08:23:45 . 2012-06-19 08:23:45 505184 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
    - 2012-05-29 05:12:34 . 2012-05-29 05:12:34 505184 C:\windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll
    + 2012-06-19 08:24:02 . 2012-06-19 08:24:02 288616 C:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
    - 2012-05-29 05:12:53 . 2012-05-29 05:12:53 288616 C:\windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
    + 2012-06-19 08:24:02 . 2012-06-19 08:24:02 335712 C:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
    - 2012-05-29 05:12:54 . 2012-05-29 05:12:54 335712 C:\windows\Microsoft.NET\assembly\GAC_64\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
    - 2012-05-29 05:12:34 . 2012-05-29 05:12:34 125440 C:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    Nordox3432, Jun 27, 2012
    #30

  11. Nordox3432 Newcomer, in training Posts: 22

    + 2012-06-19 08:23:45 . 2012-06-19 08:23:45 125440 C:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    - 2012-05-29 05:12:34 . 2012-05-29 05:12:34 237424 C:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    + 2012-06-19 08:23:45 . 2012-06-19 08:23:45 237424 C:\windows\Microsoft.NET\assembly\GAC_64\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    - 2012-05-29 05:12:48 . 2012-05-29 05:12:48 187776 C:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
    + 2012-06-19 08:23:56 . 2012-06-19 08:23:56 187776 C:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
    + 2012-06-19 08:23:38 . 2012-06-19 08:23:38 269672 C:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
    - 2012-05-29 05:12:24 . 2012-05-29 05:12:24 269672 C:\windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
    - 2012-05-29 05:12:27 . 2012-05-29 05:12:27 334688 C:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
    + 2012-06-19 08:23:40 . 2012-06-19 08:23:40 334688 C:\windows\Microsoft.NET\assembly\GAC_32\System.Printing\v4.0_4.0.0.0__31bf3856ad364e35\System.Printing.dll
    + 2012-06-19 08:23:18 . 2012-06-19 08:23:18 109568 C:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    - 2012-05-29 05:12:04 . 2012-05-29 05:12:04 109568 C:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    - 2012-05-29 05:12:04 . 2012-05-29 05:12:04 246128 C:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    + 2012-06-19 08:23:18 . 2012-06-19 08:23:18 246128 C:\windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    - 2012-05-29 05:12:17 . 2012-05-29 05:12:17 170368 C:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
    + 2012-06-19 08:23:33 . 2012-06-19 08:23:33 170368 C:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.Transactions.Bridge.Dtc\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.Transactions.Bridge.Dtc.dll
    - 2011-06-06 22:09:23 . 2012-05-29 16:12:35 571232 C:\windows\Installer\{90140000-001B-0000-1000-0000000FF1CE}\misc.exe
    + 2011-06-06 22:09:23 . 2012-06-19 08:05:39 571232 C:\windows\Installer\{90140000-001B-0000-1000-0000000FF1CE}\misc.exe
    + 2011-06-24 23:04:20 . 2012-06-19 08:04:59 571232 C:\windows\Installer\{90140000-0018-0000-1000-0000000FF1CE}\misc.exe
    - 2011-06-24 23:04:20 . 2012-05-29 16:12:13 571232 C:\windows\Installer\{90140000-0018-0000-1000-0000000FF1CE}\misc.exe
    + 2012-06-20 00:14:04 . 2012-06-20 00:14:04 337408 C:\windows\assembly\NativeImages_v4.0.30319_64\WindowsFormsIntegra#\08becdcc9bd647c4e4d07ceea7fe4895\WindowsFormsIntegration.ni.dll
    + 2012-06-20 00:13:25 . 2012-06-20 00:13:25 281088 C:\windows\assembly\NativeImages_v4.0.30319_64\System.ServiceProce#\ca5505a49a075ee7ad2535f89d9ea992\System.ServiceProcess.ni.dll
    + 2012-06-20 00:13:16 . 2012-06-20 00:13:16 781824 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Messaging\0d8257087be3e57b071d1d5ccd705c2f\System.Messaging.ni.dll
    + 2012-06-20 00:13:02 . 2012-06-20 00:13:02 181760 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Configuratio#\52792a7ce63196551c29f5201562c1ae\System.Configuration.Install.ni.dll
    + 2012-06-20 00:06:26 . 2012-06-20 00:06:26 232960 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\db2b738efe91eed6c4413faf44707248\Microsoft.VisualStudio.Tools.Office.ContainerControl.ni.dll
    + 2012-06-20 00:06:32 . 2012-06-20 00:06:32 247808 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\b3b3284d16359533332c3424e1330c5c\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.ni.dll
    + 2012-06-20 00:06:30 . 2012-06-20 00:06:30 864768 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualStu#\13f2ca7a3f3c6cf653896f76a7b167b6\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dll
    + 2012-06-20 00:06:22 . 2012-06-20 00:06:22 422912 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\fc9d45f1361d9823c646afb111ffe211\Microsoft.VisualBasic.Compatibility.Data.ni.dll
    + 2012-06-20 00:05:20 . 2012-06-20 00:05:20 432128 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\f669d7c64bbabbc41a4dc0221b5e8fb9\Microsoft.Office.Tools.Common.ni.dll
    + 2012-06-20 00:05:44 . 2012-06-20 00:05:44 408576 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\bb8d2264f4d981464a0130304a27697a\Microsoft.Office.Tools.Outlook.Implementation.ni.dll
    + 2012-06-20 00:05:41 . 2012-06-20 00:05:41 199680 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\90d90e963577dcdcf1474cb98bd76781\Microsoft.Office.Tools.Outlook.ni.dll
    + 2012-06-20 00:05:31 . 2012-06-20 00:05:31 993280 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\644f5d4e386c5f2d2602e7348cc8a4a5\Microsoft.Office.Tools.Excel.ni.dll
    + 2012-06-20 00:22:32 . 2012-06-20 00:22:32 253952 C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\44752ffa92ebb7170951a41898d8b9c6\WindowsFormsIntegration.ni.dll
    + 2012-06-20 00:22:13 . 2012-06-20 00:22:13 221696 C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\5552b27237c3dbe4f21a10e97adf2edc\System.ServiceProcess.ni.dll
    + 2012-06-20 00:22:05 . 2012-06-20 00:22:05 626176 C:\windows\assembly\NativeImages_v4.0.30319_32\System.Messaging\a730931e386537e3c229e049c9a6d271\System.Messaging.ni.dll
    + 2012-06-20 00:21:54 . 2012-06-20 00:21:54 148480 C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\c7d60a49e43964b1ae17e9a080376c6d\System.Configuration.Install.ni.dll
    + 2012-06-20 00:21:15 . 2012-06-20 00:21:15 708608 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\f120c1f17850a7b8d105f22907a09dd0\Microsoft.VisualStudio.Tools.Office.Runtime.ni.dll
    + 2012-06-20 00:21:13 . 2012-06-20 00:21:13 177152 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\740410269afdf2276525e1dfd870fee8\Microsoft.VisualStudio.Tools.Office.ContainerControl.ni.dll
    + 2012-06-20 00:21:16 . 2012-06-20 00:21:16 210432 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualStu#\39817a23777554d968852971b91a4f78\Microsoft.VisualStudio.Tools.Office.Runtime.Internal.ni.dll
    + 2012-06-20 00:21:09 . 2012-06-20 00:21:09 303104 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\4f4a0eaa862dd1ec9c57c564455187d2\Microsoft.VisualBasic.Compatibility.Data.ni.dll
    + 2012-06-20 00:20:39 . 2012-06-20 00:20:39 864768 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\ec9a55a16c6613554d1a7409811b7a2c\Microsoft.Office.Tools.Common.Implementation.ni.dll
    + 2012-06-20 00:20:50 . 2012-06-20 00:20:50 312320 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\60979432fb582bd7037dc2e54a468141\Microsoft.Office.Tools.Outlook.Implementation.ni.dll
    + 2012-06-20 00:20:36 . 2012-06-20 00:20:36 336384 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\54ab02cb617ed9070723032361c72de6\Microsoft.Office.Tools.Common.ni.dll
    + 2012-06-20 00:20:48 . 2012-06-20 00:20:48 152064 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\42a5e49641bff019e55a8228560fc541\Microsoft.Office.Tools.Outlook.ni.dll
    + 2012-06-20 00:20:41 . 2012-06-20 00:20:41 730624 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\282f3b9bd8dc8a67787e210a9b0e78e3\Microsoft.Office.Tools.Excel.ni.dll
    + 2012-06-20 00:20:52 . 2012-06-20 00:20:52 676864 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\14ae412fbc10916dda33ce1616a63cf1\Microsoft.Office.Tools.Word.ni.dll
    + 2012-06-20 00:05:08 . 2012-06-20 00:05:08 329216 C:\windows\assembly\NativeImages_v2.0.50727_64\WindowsFormsIntegra#\0599e722d086c85c54a6dc71de5781f5\WindowsFormsIntegration.ni.dll
    + 2012-06-20 00:05:03 . 2012-06-20 00:05:03 304128 C:\windows\assembly\NativeImages_v2.0.50727_64\TaskScheduler\ecf332ee723fd33a408a00e926935c4a\TaskScheduler.ni.dll
    + 2012-06-20 00:04:16 . 2012-06-20 00:04:16 187392 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Routing\2c66bb8492ad0ccd7c86eb204a86f16a\System.Web.Routing.ni.dll
    + 2012-06-20 00:04:24 . 2012-06-20 00:04:24 449024 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity\e3ca70a436f9c8a0cb178f3fe0d15ce6\System.Web.Entity.ni.dll
    + 2012-06-20 00:04:28 . 2012-06-20 00:04:28 398848 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Entity.D#\4a722f8a9668af77c08a921ec5d249f2\System.Web.Entity.Design.ni.dll
    + 2012-06-20 00:04:18 . 2012-06-20 00:04:18 753664 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.DynamicD#\5e3e171d6b46739a8f89e2a589de1062\System.Web.DynamicData.ni.dll
    + 2012-06-20 00:03:49 . 2012-06-20 00:03:49 204800 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Abstract#\8f8685c0362ccfae34c1c958fc43bf40\System.Web.Abstractions.ni.dll
    + 2012-06-19 22:12:41 . 2012-06-19 22:12:41 295424 C:\windows\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\993018172a83c2431adeb6a309aa27cf\System.ServiceProcess.ni.dll
    + 2012-06-19 23:55:43 . 2012-06-19 23:55:43 783360 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Messaging\984398a06970ec18178ddf072de6167e\System.Messaging.ni.dll
    + 2012-06-19 22:12:40 . 2012-06-19 22:12:40 288768 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing.Desi#\a650d1b1ee920b0fecfe5e8342217265\System.Drawing.Design.ni.dll
    + 2012-06-20 00:03:21 . 2012-06-20 00:03:21 855040 C:\windows\assembly\NativeImages_v2.0.50727_64\napsnap\33ae5cf0b1603f19a9c66e376b4cdcda\napsnap.ni.dll
    + 2012-06-20 00:03:18 . 2012-06-20 00:03:18 162816 C:\windows\assembly\NativeImages_v2.0.50727_64\napinit\5c28e1b5ec388ca1b62f229a068b9842\napinit.ni.dll
    + 2012-06-19 23:58:22 . 2012-06-19 23:58:22 417792 C:\windows\assembly\NativeImages_v2.0.50727_64\MMCFxCommon\bf084532afc235bb8947191850be2dbd\MMCFxCommon.ni.dll
    + 2012-06-20 00:02:47 . 2012-06-20 00:02:47 226304 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\971cdcb686fdca748f67faa45abe822f\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
    + 2012-06-20 00:02:57 . 2012-06-20 00:02:57 225280 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\7ae200b6e9918f07c1e2ca91d0afc077\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
    + 2012-06-20 00:02:54 . 2012-06-20 00:02:54 773120 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\69f1603e8bea291a7bb2a51e57ba7494\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
    + 2012-06-19 23:55:37 . 2012-06-19 23:55:37 311296 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\4a48b203f340a070934d5e0e01ce5f7a\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
    + 2012-06-19 23:55:25 . 2012-06-19 23:55:25 305664 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualStu#\33b1dfec72751f9a970dfb60ae3c56a6\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
    + 2012-06-20 00:01:45 . 2012-06-20 00:01:45 222208 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\34bbffa913de4314dd929576139dddf2\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
    + 2012-06-19 23:55:28 . 2012-06-19 23:55:28 253952 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\16e02a73159ebfa9566836b56eab4b3b\Microsoft.Office.Tools.v9.0.ni.dll
    + 2012-06-19 23:58:12 . 2012-06-19 23:58:12 152576 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\611f809f625bafde88d989c624f5fd0f\Microsoft.MediaCenter.ITVVM.ni.dll
    + 2012-06-19 23:58:15 . 2012-06-19 23:58:15 312320 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\390ab84a69a72771f8c15596c3918ca3\Microsoft.MediaCenter.iTv.ni.dll
    + 2012-06-19 23:58:21 . 2012-06-19 23:58:21 797696 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Managemen#\e357bfb6a7358070a31cfb315e1094b8\Microsoft.ManagementConsole.ni.dll
    + 2012-06-19 23:58:56 . 2012-06-19 23:58:56 549376 C:\windows\assembly\NativeImages_v2.0.50727_64\mcplayerinterop\3cbc899f004a3144820b162f339cc299\mcplayerinterop.ni.dll
    + 2012-06-19 23:58:52 . 2012-06-19 23:58:52 696320 C:\windows\assembly\NativeImages_v2.0.50727_64\mcGlidHostObj\1ee690ef6472178228e84214d7f136ad\mcGlidHostObj.ni.dll
    + 2012-06-19 23:58:18 . 2012-06-19 23:58:18 659456 C:\windows\assembly\NativeImages_v2.0.50727_64\EventViewer\bef11fb4617a18e0cdb5c7673308f0d8\EventViewer.ni.dll
    + 2012-06-19 23:55:49 . 2012-06-19 23:55:49 389120 C:\windows\assembly\NativeImages_v2.0.50727_64\ehExtHost\3266ef1067584da5503061cb4c694b82\ehExtHost.ni.exe
    + 2012-06-20 00:15:48 . 2012-06-20 00:15:48 626688 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLiveLocal.Wr#\b4339d59d892015b9b85f45da5405968\WindowsLiveLocal.WriterPlugin.ni.dll
    + 2012-06-20 00:15:45 . 2012-06-20 00:15:45 321536 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\cab30ee882d32c6359c5e71f91115674\WindowsLive.Writer.SpellChecker.ni.dll
    + 2012-06-20 00:15:20 . 2012-06-20 00:15:20 843776 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\bf812087547b87d15f5d962567c19ed5\WindowsLive.Writer.Controls.ni.dll
    + 2012-06-20 00:15:43 . 2012-06-20 00:15:43 594944 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\9fd83508417a1fbcaecbd9bc4517cf87\WindowsLive.Writer.HtmlEditor.ni.dll
    + 2012-06-20 00:15:25 . 2012-06-20 00:15:25 319488 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\94b811060d696946b20fd357b734ee53\WindowsLive.Writer.Interop.ni.dll
    + 2012-06-20 00:15:29 . 2012-06-20 00:15:29 258560 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\8382b11f7b421755b4cf07b344e761b1\WindowsLive.Writer.Mshtml.ni.dll
    + 2012-06-20 00:15:37 . 2012-06-20 00:15:37 851968 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\6b2fbf2e97edff13c87a1d542aec6190\WindowsLive.Writer.BlogClient.ni.dll
    + 2012-06-20 00:15:26 . 2012-06-20 00:15:26 174080 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\58895e1ec530c5a0b4d304c071ea9608\WindowsLive.Writer.BrowserControl.ni.dll
    + 2012-06-20 00:15:27 . 2012-06-20 00:15:27 428032 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\54289c8fe09f12d1257a647b73237956\WindowsLive.Writer.Localization.ni.dll
    + 2012-06-20 00:15:46 . 2012-06-20 00:15:46 119296 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\4301a860eb28265f4e4181ff0b238f31\WindowsLive.Writer.FileDestinations.ni.dll
    + 2012-06-20 00:15:28 . 2012-06-20 00:15:28 108544 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\16b217f8f1a2694db53b5acda8231485\WindowsLive.Writer.Passport.ni.dll
    + 2012-06-20 00:15:33 . 2012-06-20 00:15:33 118784 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\0f0ac77d1901c796f6fb7cd1335ba4d9\WindowsLive.Writer.Extensibility.ni.dll
    + 2012-06-20 00:15:41 . 2012-06-20 00:15:41 145920 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Client\7cea701bfe1a6fbc1e1b0d09a690f873\WindowsLive.Client.ni.dll
    + 2012-06-20 00:20:27 . 2012-06-20 00:20:27 240128 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\961b28b18dc304d4434ca9938abd1d60\WindowsFormsIntegration.ni.dll
    + 2012-06-20 00:20:23 . 2012-06-20 00:20:23 245248 C:\windows\assembly\NativeImages_v2.0.50727_32\TaskScheduler\58b6523c5167dd748a679e8a46330c32\TaskScheduler.ni.dll
    + 2012-06-20 00:19:52 . 2012-06-20 00:19:52 129536 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\e8583c3f80cd2a94f552a64b4953dde2\System.Web.Routing.ni.dll
    + 2012-06-20 00:20:07 . 2012-06-20 00:20:07 860160 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\394765924d5b924fe87103c943abc69c\System.Web.Extensions.Design.ni.dll
    + 2012-06-20 00:20:00 . 2012-06-20 00:20:00 328192 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\4b72a66912627a66c65ebc8ce8d82e91\System.Web.Entity.ni.dll
    + 2012-06-20 00:20:02 . 2012-06-20 00:20:02 301568 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\973d534cb631a5c9c7ea74842056332d\System.Web.Entity.Design.ni.dll
    + 2012-06-20 00:19:54 . 2012-06-20 00:19:54 547328 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\c80448d686095317e9019f48572b03e0\System.Web.DynamicData.ni.dll
    + 2012-06-20 00:19:29 . 2012-06-20 00:19:29 141312 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\a5f548d874a19f075ca408ac46e57d72\System.Web.Abstractions.ni.dll
    + 2012-06-19 21:59:23 . 2012-06-19 21:59:23 212992 C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8b7a7f9c607e09bfa03c07b5ff3a8ae3\System.ServiceProcess.ni.dll
    + 2012-06-20 00:16:12 . 2012-06-20 00:16:12 593408 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\9023843c5179d58bd814b64f440679a1\System.Messaging.ni.dll
    + 2012-06-19 21:59:22 . 2012-06-19 21:59:22 208384 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\4e3449df387e6a0680d25969da6f965a\System.Drawing.Design.ni.dll
    + 2012-06-20 00:19:07 . 2012-06-20 00:19:07 723456 C:\windows\assembly\NativeImages_v2.0.50727_32\napsnap\0e9f88f220b048e2b0d2c8e3801e1fbd\napsnap.ni.dll
    + 2012-06-20 00:19:05 . 2012-06-20 00:19:05 117760 C:\windows\assembly\NativeImages_v2.0.50727_32\napinit\821bb293acac9e6fbb0dc69087e2a172\napinit.ni.dll
    + 2012-06-20 00:16:43 . 2012-06-20 00:16:43 287232 C:\windows\assembly\NativeImages_v2.0.50727_32\MMCFxCommon\1f10581674c9eb08c896e21fc1f43be4\MMCFxCommon.ni.dll
    + 2012-06-20 00:14:46 . 2012-06-20 00:14:46 215040 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\9815f2a6390be8e13f4f2e6cda2ac909\Microsoft.VisualStudio.Tools.Office.AddInAdapter.v9.0.ni.dll
    + 2012-06-20 00:18:48 . 2012-06-20 00:18:48 161280 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\842d1b41df7172d96e5a12f811a769ee\Microsoft.VisualStudio.Tools.Office.Word.AddInProxy.v9.0.ni.dll
    + 2012-06-20 00:14:59 . 2012-06-20 00:14:59 196608 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\68f74019c05d5ef8b225a1fedcd5335b\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.ni.dll
    + 2012-06-20 00:18:45 . 2012-06-20 00:18:45 617472 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\59045fac7909ff7e7406136b8420e0a0\Microsoft.VisualStudio.Tools.Office.Runtime.v10.0.ni.dll
    + 2012-06-20 00:18:38 . 2012-06-20 00:18:38 145920 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualStu#\070061a96bbebf7fd532aacefb4c73b7\Microsoft.VisualStudio.Tools.Office.ContainerControl.v10.0.ni.dll
    + 2012-06-20 00:18:03 . 2012-06-20 00:18:03 854528 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\fb87b5e5b7a8a27d9d9cfd66649e2e57\Microsoft.Office.Tools.Word.v9.0.ni.dll
    + 2012-06-20 00:17:12 . 2012-06-20 00:17:12 816128 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\b52deba66ef7111df86c9dd266203e28\Microsoft.Office.Tools.Common.v9.0.ni.dll
    + 2012-06-20 00:17:59 . 2012-06-20 00:17:59 155648 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\41688e91a4f9f04836b80f5d184d95db\Microsoft.Office.Tools.Outlook.v9.0.ni.dll
    + 2012-06-20 00:14:49 . 2012-06-20 00:14:49 152064 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\2ed362cbb1ed6b2003b0b2c5a4abc0c3\Microsoft.Office.Tools.v9.0.ni.dll
    + 2012-06-20 00:17:56 . 2012-06-20 00:17:56 947200 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Office.To#\0b1acddff7b7f3eea144e8913b7a55dd\Microsoft.Office.Tools.Excel.v9.0.ni.dll
    + 2012-06-20 00:16:42 . 2012-06-20 00:16:42 561664 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Managemen#\49af28b21e53bc36f58c371995dfae1a\Microsoft.ManagementConsole.ni.dll
    + 2012-06-20 00:16:38 . 2012-06-20 00:16:38 553472 C:\windows\assembly\NativeImages_v2.0.50727_32\EventViewer\491bfb35b47079843c7faecb5b67787d\EventViewer.ni.dll
    + 2012-06-20 00:16:17 . 2012-06-20 00:16:17 254464 C:\windows\assembly\NativeImages_v2.0.50727_32\ehExtHost32\97a8bea875e2f88da466cfa59340a528\ehExtHost32.ni.exe
    - 2012-04-13 02:05:12 . 2012-01-26 23:35:31 630784 C:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
    + 2012-06-18 19:30:15 . 2012-04-23 22:37:48 630784 C:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
    + 2012-06-19 08:02:02 . 2012-05-17 22:35:47 1129472 C:\windows\SysWOW64\wininet.dll
    + 2012-06-19 08:02:07 . 2012-05-17 22:36:06 1103872 C:\windows\SysWOW64\urlmon.dll
    + 2012-06-19 08:01:58 . 2012-05-17 22:45:37 1800192 C:\windows\SysWOW64\jscript9.dll
    + 2012-06-19 08:02:06 . 2012-05-17 22:27:18 1793024 C:\windows\SysWOW64\iertutil.dll
    + 2012-06-19 08:01:46 . 2012-05-17 22:48:40 9737728 C:\windows\SysWOW64\ieframe.dll
    + 2009-07-14 04:45:55 . 2012-06-19 21:53:31 3798234 C:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
    - 2009-07-14 04:45:55 . 2012-06-12 00:15:04 3798234 C:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\tokens.dat
    - 2011-01-18 03:55:34 . 2012-06-01 06:01:06 2127168 C:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
    + 2011-01-18 03:55:34 . 2012-06-23 16:39:23 2127168 C:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat
    + 2012-03-15 18:17:58 . 2012-03-15 18:17:58 5029672 C:\windows\Microsoft.NET\Framework64\v4.0.30319\System.Windows.Forms.dll
    - 2009-07-13 20:37:26 . 2009-06-10 20:40:02 4927488 C:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
    + 2012-06-18 19:30:28 . 2012-03-21 22:28:15 4927488 C:\windows\Microsoft.NET\Framework64\v2.0.50727\System.Design.dll
    + 2012-03-15 18:17:58 . 2012-03-15 18:17:58 5029672 C:\windows\Microsoft.NET\Framework\v4.0.30319\System.Windows.Forms.dll
    - 2009-07-13 20:46:34 . 2009-06-10 21:23:18 4927488 C:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
    + 2012-06-18 19:30:28 . 2012-03-21 22:29:45 4927488 C:\windows\Microsoft.NET\Framework\v2.0.50727\System.Design.dll
    - 2012-05-29 05:12:57 . 2012-05-29 05:12:57 1369872 C:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
    + 2012-06-19 08:24:05 . 2012-06-19 08:24:05 1369872 C:\windows\Microsoft.NET\assembly\GAC_MSIL\WindowsBase\v4.0_4.0.0.0__31bf3856ad364e35\WindowsBase.dll
    - 2012-05-29 05:12:41 . 2012-05-29 05:12:41 3512072 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
    + 2012-06-19 08:23:49 . 2012-06-19 08:23:49 3512072 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System\v4.0_4.0.0.0__b77a5c561934e089\System.dll
    + 2012-06-19 08:23:51 . 2012-06-19 08:23:51 2207568 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
    - 2012-05-29 05:12:43 . 2012-05-29 05:12:43 2207568 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Xml\v4.0_4.0.0.0__b77a5c561934e089\System.XML.dll
    + 2012-06-19 08:23:50 . 2012-06-19 08:23:50 5029672 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
    - 2012-05-29 05:12:43 . 2012-05-29 05:12:43 1711496 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
    + 2012-06-19 08:23:51 . 2012-06-19 08:23:51 1711496 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms.DataVisualization\v4.0_4.0.0.0__31bf3856ad364e35\System.Windows.Forms.DataVisualization.dll
    + 2012-06-19 08:23:59 . 2012-06-19 08:23:59 6097256 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
    - 2012-05-29 05:12:51 . 2012-05-29 05:12:51 6097256 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
    - 2012-05-29 05:12:51 . 2012-05-29 05:12:51 1026936 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
    + 2012-06-19 08:23:59 . 2012-06-19 08:23:59 1026936 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Runtime.Serialization\v4.0_4.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
    - 2012-05-29 05:12:45 . 2012-05-29 05:12:45 4464480 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
    + 2012-06-19 08:23:53 . 2012-06-19 08:23:53 4464480 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Data.Entity\v4.0_4.0.0.0__b77a5c561934e089\System.Data.Entity.dll
    + 2012-06-19 08:23:52 . 2012-06-19 08:23:52 1354584 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
    - 2012-05-29 05:12:45 . 2012-05-29 05:12:45 1354584 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Core\v4.0_4.0.0.0__b77a5c561934e089\System.Core.dll
    - 2012-05-29 05:12:50 . 2012-05-29 05:12:50 1199968 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
    + 2012-06-19 08:23:58 . 2012-06-19 08:23:58 1199968 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.dll
    - 2012-05-29 05:12:49 . 2012-05-29 05:12:50 1462648 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
    + 2012-06-19 08:23:57 . 2012-06-19 08:23:57 1462648 C:\windows\Microsoft.NET\assembly\GAC_MSIL\System.Activities.Presentation\v4.0_4.0.0.0__31bf3856ad364e35\System.Activities.Presentation.dll
    + 2012-06-19 08:24:03 . 2012-06-19 08:24:03 6429992 C:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
    - 2012-05-29 05:12:55 . 2012-05-29 05:12:55 6429992 C:\windows\Microsoft.NET\assembly\GAC_MSIL\PresentationFramework\v4.0_4.0.0.0__31bf3856ad364e35\PresentationFramework.dll
    + 2012-06-19 08:23:47 . 2012-06-19 08:23:47 3116376 C:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
    - 2012-05-29 05:12:39 . 2012-05-29 05:12:39 3116376 C:\windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
    + 2012-06-19 08:24:03 . 2012-06-19 08:24:03 3825952 C:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
    - 2012-05-29 05:12:54 . 2012-05-29 05:12:54 3825952 C:\windows\Microsoft.NET\assembly\GAC_64\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
    - 2012-05-29 05:12:33 . 2012-05-29 05:12:33 4970768 C:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
    + 2012-06-19 08:23:44 . 2012-06-19 08:23:45 4970768 C:\windows\Microsoft.NET\assembly\GAC_64\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
    - 2012-05-29 05:12:48 . 2012-05-29 05:12:48 3563408 C:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
    + 2012-06-19 08:23:56 . 2012-06-19 08:23:56 3563408 C:\windows\Microsoft.NET\assembly\GAC_64\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
    - 2012-05-29 05:12:06 . 2012-05-29 05:12:07 2975064 C:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
    + 2012-06-19 08:23:22 . 2012-06-19 08:23:22 2975064 C:\windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
    - 2012-05-29 05:12:27 . 2012-05-29 05:12:27 3790112 C:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
    + 2012-06-19 08:23:40 . 2012-06-19 08:23:40 3790112 C:\windows\Microsoft.NET\assembly\GAC_32\PresentationCore\v4.0_4.0.0.0__31bf3856ad364e35\PresentationCore.dll
    + 2012-06-19 08:23:17 . 2012-06-19 08:23:17 5201168 C:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
    - 2012-05-29 05:12:03 . 2012-05-29 05:12:03 5201168 C:\windows\Microsoft.NET\assembly\GAC_32\mscorlib\v4.0_4.0.0.0__b77a5c561934e089\mscorlib.dll
    + 2012-06-19 08:23:33 . 2012-06-19 08:23:33 2989456 C:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
    - 2012-05-29 05:12:17 . 2012-05-29 05:12:17 2989456 C:\windows\Microsoft.NET\assembly\GAC_32\Microsoft.VisualBasic.Activities.Compiler\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Activities.Compiler.dll
    + 2012-04-23 03:46:00 . 2012-04-23 03:46:00 1187328 C:\windows\Installer\2736a2e.msp
    + 2012-03-15 19:26:06 . 2012-03-15 19:26:06 4212736 C:\windows\Installer\2736a26.msp
    + 2012-05-17 08:01:34 . 2012-05-17 08:01:34 3447808 C:\windows\Installer\2736a11.msp
    - 2011-06-06 22:09:23 . 2012-05-29 16:12:34 1858400 C:\windows\Installer\{90140000-001B-0000-1000-0000000FF1CE}\wordicon.exe
    + 2011-06-06 22:09:23 . 2012-06-19 08:05:39 1858400 C:\windows\Installer\{90140000-001B-0000-1000-0000000FF1CE}\wordicon.exe
    - 2011-06-24 23:04:20 . 2012-05-29 16:12:13 3792736 C:\windows\Installer\{90140000-0018-0000-1000-0000000FF1CE}\pptico.exe
    + 2011-06-24 23:04:20 . 2012-06-19 08:04:59 3792736 C:\windows\Installer\{90140000-0018-0000-1000-0000000FF1CE}\pptico.exe
    + 2012-06-20 00:06:55 . 2012-06-20 00:06:55 5237248 C:\windows\assembly\NativeImages_v4.0.30319_64\WindowsBase\e286701acf74012d3aa4a21953f03b6b\WindowsBase.ni.dll
    + 2012-06-20 00:13:55 . 2012-06-20 00:13:55 5645824 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Form#\950f64ba9fb22ca06c5b2b9cf6f5f4b4\System.Windows.Forms.DataVisualization.ni.dll
    + 2012-06-20 00:12:11 . 2012-06-20 00:12:11 1467392 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Printing\d2de16284459454472a6875185c64d08\System.Printing.ni.dll
    + 2012-06-20 00:10:48 . 2012-06-20 00:10:48 2305024 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\1225ef41527a975de83f22328d0a3b93\System.Drawing.ni.dll
    Nordox3432, Jun 27, 2012
    #31

  12. Nordox3432 Newcomer, in training Posts: 22

    + 2012-06-20 00:10:56 . 2012-06-20 00:10:56 2403328 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Deployment\ad9ff5d55f7ea22e80c39e0ff0240984\System.Deployment.ni.dll
    + 2012-06-20 00:12:57 . 2012-06-20 00:12:58 5048832 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Activities.P#\707f90689caf41ad429bf3ad373503cb\System.Activities.Presentation.ni.dll
    + 2012-06-20 00:12:32 . 2012-06-20 00:12:32 4233216 C:\windows\assembly\NativeImages_v4.0.30319_64\ReachFramework\16c9569b75a9f47c38b60ba733936e1a\ReachFramework.ni.dll
    + 2012-06-20 00:10:37 . 2012-06-20 00:10:38 2056704 C:\windows\assembly\NativeImages_v4.0.30319_64\PresentationUI\9c3d6b3ddef66cac069b6ab1fec514f8\PresentationUI.ni.dll
    + 2012-06-20 00:06:09 . 2012-06-20 00:06:09 2317312 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\70e2694fe050bd480b9f61f935ca2da5\Microsoft.VisualBasic.ni.dll
    + 2012-06-20 00:06:19 . 2012-06-20 00:06:19 1843712 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.VisualBas#\32031f122f594b2f001829c5ba8d2375\Microsoft.VisualBasic.Compatibility.ni.dll
    + 2012-06-20 00:05:40 . 2012-06-20 00:05:40 2035200 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\d8e1453ff4337647b784f72536bb1a24\Microsoft.Office.Tools.Excel.Implementation.ni.dll
    + 2012-06-20 00:05:27 . 2012-06-20 00:05:27 1118208 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\a134c72a9b938f147c994096bd1518bf\Microsoft.Office.Tools.Common.Implementation.ni.dll
    + 2012-06-20 00:05:49 . 2012-06-20 00:05:49 1070080 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\8da91be67f85f2d15c39ff4857bf123e\Microsoft.Office.Tools.Word.ni.dll
    + 2012-06-20 00:05:55 . 2012-06-20 00:05:55 1470464 C:\windows\assembly\NativeImages_v4.0.30319_64\Microsoft.Office.To#\06034e1109df8482b90168f33585070b\Microsoft.Office.Tools.Word.Implementation.ni.dll
    + 2012-06-19 08:24:55 . 2012-06-19 08:24:55 3858432 C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
    + 2012-06-20 00:22:23 . 2012-06-20 00:22:23 4587008 C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Form#\7f0476e4df01ca2219f7db531408e91c\System.Windows.Forms.DataVisualization.ni.dll
    + 2012-06-20 00:21:30 . 2012-06-20 00:21:30 1060864 C:\windows\assembly\NativeImages_v4.0.30319_32\System.Printing\f87f8bc0bc9563096150f23f6c220e7b\System.Printing.ni.dll
    + 2012-06-19 08:26:04 . 2012-06-19 08:26:04 1666048 C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll
    + 2012-06-20 00:21:27 . 2012-06-20 00:21:27 1880064 C:\windows\assembly\NativeImages_v4.0.30319_32\System.Deployment\e899cda47704280f54949c69b78c55cc\System.Deployment.ni.dll
    + 2012-06-20 00:21:50 . 2012-06-20 00:21:50 3757568 C:\windows\assembly\NativeImages_v4.0.30319_32\System.Activities.P#\36299fad6b7b591cfb6bd9e50dbd33df\System.Activities.Presentation.ni.dll
    + 2012-06-20 00:21:38 . 2012-06-20 00:21:38 2906624 C:\windows\assembly\NativeImages_v4.0.30319_32\ReachFramework\442af6f7c8b447bdec3ad8d23da89c5a\ReachFramework.ni.dll
    + 2012-06-20 00:21:24 . 2012-06-20 00:21:24 1641984 C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationUI\cf455da9b8fedf66767c1a7ab3eea9c9\PresentationUI.ni.dll
    + 2012-06-20 00:21:07 . 2012-06-20 00:21:07 1139712 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\1be66789a218a6016ab987f17779d664\Microsoft.VisualBasic.Compatibility.ni.dll
    + 2012-06-20 00:21:02 . 2012-06-20 00:21:02 1838080 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualBas#\09c2f8f606e09d85cfe6e0ad89fbe729\Microsoft.VisualBasic.ni.dll
    + 2012-06-20 00:20:46 . 2012-06-20 00:20:46 1551872 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\7cfb808ac13b9432c5b771d64ff37f8d\Microsoft.Office.Tools.Excel.Implementation.ni.dll
    + 2012-06-20 00:20:55 . 2012-06-20 00:20:55 1117696 C:\windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Office.To#\3053fc29935c7c0df891177b6ef2efea\Microsoft.Office.Tools.Word.Implementation.ni.dll
    + 2012-06-20 00:05:00 . 2012-06-20 00:05:00 1817600 C:\windows\assembly\NativeImages_v2.0.50727_64\System.WorkflowServ#\5e8951a5428e1e760a668b48983988f8\System.WorkflowServices.ni.dll
    + 2012-06-19 22:14:20 . 2012-06-19 22:14:20 2707456 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Run#\13dec2cd87ea433f1746027ccbaa3bc4\System.Workflow.Runtime.ni.dll
    + 2012-06-19 22:13:43 . 2012-06-19 22:13:43 5955072 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Com#\1c1764b9120f6a73ebdfb58b8e4ab9df\System.Workflow.ComponentModel.ni.dll
    + 2012-06-19 22:13:08 . 2012-06-19 22:13:08 3895296 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Workflow.Act#\254e69d8d12742213f715fc860aad36f\System.Workflow.Activities.ni.dll
    + 2012-06-19 22:11:30 . 2012-06-19 22:11:30 2291712 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Services\35b994e63fbc2836f32326e9f5862a1b\System.Web.Services.ni.dll
    + 2012-06-20 00:04:48 . 2012-06-20 00:04:48 3335680 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Mobile\991f0a84aef8729bde6ae7d9a5ee3eab\System.Web.Mobile.ni.dll
    + 2012-06-20 00:03:58 . 2012-06-20 00:03:58 3043840 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\1c19687f7c7c4dc03e75c0d23646def6\System.Web.Extensions.ni.dll
    + 2012-06-20 00:04:34 . 2012-06-20 00:04:34 1155072 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Web.Extensio#\116bbcff5d5ec37d4606353e4d79fb07\System.Web.Extensions.Design.ni.dll
    + 2012-06-19 22:09:48 . 2012-06-19 22:09:48 1453568 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Printing\86a3611cdef98c49edd41c3cb52d5b81\System.Printing.ni.dll
    + 2012-06-19 22:02:36 . 2012-06-19 22:02:36 2318336 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\6ea40f2da0e2321428a7bdd387e475fd\System.Drawing.ni.dll
    + 2012-06-19 22:02:12 . 2012-06-19 22:02:12 2444288 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Deployment\817485fd285d4ceca00b5a2f54127187\System.Deployment.ni.dll
    + 2012-06-19 22:09:37 . 2012-06-19 22:09:37 3101696 C:\windows\assembly\NativeImages_v2.0.50727_64\ReachFramework\ace65925339dc7a67f7d5801d305fea7\ReachFramework.ni.dll
    + 2012-06-19 22:08:54 . 2012-06-19 22:08:54 2109952 C:\windows\assembly\NativeImages_v2.0.50727_64\PresentationUI\bb6de6dc7e0983ff5d5eb50e4d303401\PresentationUI.ni.dll
    + 2012-06-20 00:03:34 . 2012-06-20 00:03:34 3601920 C:\windows\assembly\NativeImages_v2.0.50727_64\Narrator\fcfebf142d7794efa4d9f3442b4078b0\Narrator.ni.exe
    + 2012-06-20 00:03:15 . 2012-06-20 00:03:15 2327040 C:\windows\assembly\NativeImages_v2.0.50727_64\MMCEx\53fc273e6830f8ed9f4a6861bd9e3259\MMCEx.ni.dll
    + 2012-06-19 23:58:43 . 2012-06-19 23:58:44 7966208 C:\windows\assembly\NativeImages_v2.0.50727_64\MIGUIControls\cbd80a405506069dcbc40bcf9e35cdbe\MIGUIControls.ni.dll
    + 2012-06-20 00:02:38 . 2012-06-20 00:02:38 2131968 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.VisualBas#\c43123085590686ee0fe2157c6cf78c8\Microsoft.VisualBasic.ni.dll
    + 2012-06-20 00:02:02 . 2012-06-20 00:02:02 2175488 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\e67017ef44edf5abace08749ba07b3b8\Microsoft.PowerShell.Commands.Utility.ni.dll
    + 2012-06-20 00:02:23 . 2012-06-20 00:02:23 5351424 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.PowerShel#\57340a7859df958d29fa5caa530dcf5f\Microsoft.PowerShell.Editor.ni.dll
    + 2012-06-20 00:01:43 . 2012-06-20 00:01:43 1223680 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\e18b1203a2c5a1f8dde3e2211bf82455\Microsoft.Office.Tools.Excel.v9.0.ni.dll
    + 2012-06-20 00:01:51 . 2012-06-20 00:01:51 1186304 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\afe6ee4dfd1b3439790c5527e5444d65\Microsoft.Office.Tools.Word.v9.0.ni.dll
    + 2012-06-20 00:00:52 . 2012-06-20 00:00:52 1093632 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.To#\61e7c1dfa8846d05b61108fcc01fec4f\Microsoft.Office.Tools.Common.v9.0.ni.dll
    + 2012-06-20 00:00:03 . 2012-06-20 00:00:03 2826240 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.Bu#\fcf3d54ed747f8109c9dadd6dd9aebb1\Microsoft.Office.BusinessApplications.RuntimeUi.ni.dll
    + 2012-06-20 00:00:29 . 2012-06-20 00:00:29 6565376 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.Bu#\dea476de1aed0593b8d32afd75728ecc\Microsoft.Office.BusinessApplications.SyncServices.ni.dll
    + 2012-06-20 00:00:47 . 2012-06-20 00:00:47 4488704 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Office.Bu#\237ce26418e2e588e0fa4408a26b1883\Microsoft.Office.BusinessData.ni.dll
    + 2012-06-19 23:59:38 . 2012-06-19 23:59:38 1508864 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\cb5ff04ccae6b9da5dbe37a6ae0fa6c1\Microsoft.MediaCenter.Bml.ni.dll
    + 2012-06-19 23:56:26 . 2012-06-19 23:56:26 8979456 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\b6af7cba1817dc28bdcea3f0552b05f3\Microsoft.MediaCenter.UI.ni.dll
    + 2012-06-19 23:55:54 . 2012-06-19 23:55:54 1516032 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.MediaCent#\77cfbc9d38b1f0ba1dda1acbf8dc864e\Microsoft.MediaCenter.ni.dll
    + 2012-06-19 23:59:30 . 2012-06-19 23:59:30 2365952 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Ink\a036f49088456b29078f9450be06443f\Microsoft.Ink.ni.dll
    + 2012-06-19 23:59:11 . 2012-06-19 23:59:11 2218496 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\9293388abb9fd1c2e63ae6224b5f1631\Microsoft.Build.Tasks.ni.dll
    + 2012-06-19 23:59:21 . 2012-06-19 23:59:21 2677760 C:\windows\assembly\NativeImages_v2.0.50727_64\Microsoft.Build.Tas#\1f21383dca22c1a8cbe08f00f26150df\Microsoft.Build.Tasks.v3.5.ni.dll
    + 2012-06-19 23:56:35 . 2012-06-19 23:56:35 2801664 C:\windows\assembly\NativeImages_v2.0.50727_64\mcstore\dc68964376339f9b71d002094cb3f0ca\mcstore.ni.dll
    + 2012-06-20 00:15:17 . 2012-06-20 00:15:17 6392832 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\b7831aa9ae1459f54994bb88096135a0\WindowsLive.Writer.PostEditor.ni.dll
    + 2012-06-20 00:15:32 . 2012-06-20 00:15:32 1105408 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\5970a18cc76b9e7f063e964d61a7f3e4\WindowsLive.Writer.ApplicationFramework.ni.dll
    + 2012-06-20 00:15:24 . 2012-06-20 00:15:24 2018304 C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsLive.Writer.#\2137f840aa4841440459310c974098ab\WindowsLive.Writer.CoreServices.ni.dll
    + 2012-06-20 00:20:20 . 2012-06-20 00:20:20 1358336 C:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\b345f2895557e6ef39b94aebdeb4a57e\System.WorkflowServices.ni.dll
    + 2012-06-19 22:00:07 . 2012-06-19 22:00:07 1914880 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\fd5cec6034bba6b7c0c9b8429b6f2222\System.Workflow.Runtime.ni.dll
    + 2012-06-19 21:59:59 . 2012-06-19 21:59:59 4514304 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\7ad53a4ed45b577ddc8f80aa5c8e012d\System.Workflow.ComponentModel.ni.dll
    + 2012-06-19 21:59:42 . 2012-06-19 21:59:43 2994688 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\5c617f481e72820be334a511ad7e0648\System.Workflow.Activities.ni.dll
    + 2012-06-19 21:58:58 . 2012-06-19 21:58:58 1840640 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\675c8bd801698993255d100c3b350d4b\System.Web.Services.ni.dll
    + 2012-06-20 00:20:11 . 2012-06-20 00:20:11 2209792 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\e950097b782a3726f9ec9a2662944e73\System.Web.Mobile.ni.dll
    + 2012-06-20 00:19:33 . 2012-06-20 00:19:33 2403840 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\99d890cec9c7b5d0883d2d84ad98a457\System.Web.Extensions.ni.dll
    + 2012-06-19 21:58:14 . 2012-06-19 21:58:14 1035776 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\da97dedec4a2fd679a2c45b6e91b2481\System.Printing.ni.dll
    + 2012-06-19 21:55:55 . 2012-06-19 21:55:55 1591808 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
    + 2012-06-19 21:55:41 . 2012-06-19 21:55:41 1806848 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\37aa8a6e1a69671c23eb916417629682\System.Deployment.ni.dll
    + 2012-06-19 21:58:08 . 2012-06-19 21:58:08 2147328 C:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\4ddbf3609f6efff982c900440dcdb181\ReachFramework.ni.dll
    + 2012-06-19 21:57:59 . 2012-06-19 21:57:59 1658368 C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\1b357b8f86096b51ac50f1d7c90fd9b9\PresentationUI.ni.dll
    + 2012-06-20 00:19:12 . 2012-06-20 00:19:12 2623488 C:\windows\assembly\NativeImages_v2.0.50727_32\Narrator\edd366eb04c2fe0aaabba01c5a2105e0\Narrator.ni.exe
    + 2012-06-20 00:19:02 . 2012-06-20 00:19:02 1545216 C:\windows\assembly\NativeImages_v2.0.50727_32\MMCEx\e143c439fa3698366c4b2b1911a5f8f2\MMCEx.ni.dll
    + 2012-06-20 00:16:50 . 2012-06-20 00:16:51 6434304 C:\windows\assembly\NativeImages_v2.0.50727_32\MIGUIControls\66183b1d79527c54e9d5ffdd8f8fda69\MIGUIControls.ni.dll
    + 2012-06-20 00:16:08 . 2012-06-20 00:16:08 1670144 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3eaec5bc57c67c3b24ca2bb281ca249d\Microsoft.VisualBasic.ni.dll
    + 2012-06-20 00:18:20 . 2012-06-20 00:18:20 3724288 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\b02bdb4f1d9b1e3fb1c5b79838e371e4\Microsoft.PowerShell.Editor.ni.dll
    + 2012-06-20 00:18:10 . 2012-06-20 00:18:10 1681920 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.PowerShel#\4f309ae82c753663e09a9a4cdb8375e1\Microsoft.PowerShell.Commands.Utility.ni.dll
    + 2012-06-20 00:16:20 . 2012-06-20 00:16:20 1009664 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\f606df7f73ca8fb4ad5fc8edf23c3a88\Microsoft.MediaCenter.ni.dll
    + 2012-06-20 00:16:30 . 2012-06-20 00:16:30 6499840 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.MediaCent#\3e794c9f632eef8f63037605644b2385\Microsoft.MediaCenter.UI.ni.dll
    + 2012-06-20 00:17:06 . 2012-06-20 00:17:06 1361408 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Ink\4c9b801dd450ef4344d43ba63cd8928f\Microsoft.Ink.ni.dll
    + 2012-06-20 00:17:02 . 2012-06-20 00:17:02 1966080 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\d7fe0033c89960de70477f3a3bf6f139\Microsoft.Build.Tasks.v3.5.ni.dll
    + 2012-06-20 00:16:58 . 2012-06-20 00:16:58 1620992 C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\608fbe1dfdc8d81dacec493fb0359ff4\Microsoft.Build.Tasks.ni.dll
    + 2012-06-20 00:16:36 . 2012-06-20 00:16:36 2035712 C:\windows\assembly\NativeImages_v2.0.50727_32\mcstore\9118d768723cabeb71ee31c9ae817dd5\mcstore.ni.dll
    - 2009-07-13 20:46:34 . 2009-06-10 21:23:18 4927488 C:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
    + 2012-06-18 19:30:28 . 2012-03-21 22:29:45 4927488 C:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
    + 2012-06-19 08:01:55 . 2012-05-17 23:11:00 12314624 C:\windows\SysWOW64\mshtml.dll
    + 2011-03-17 02:19:42 . 2012-06-25 19:00:21 44021718 C:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-3495281029-1677404467-2030556029-1001-8192.dat
    + 2012-06-20 00:12:02 . 2012-06-20 00:12:02 17355264 C:\windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\e883d90a0210bf99ca88f3b4ade53a24\System.Windows.Forms.ni.dll
    + 2012-06-20 00:10:21 . 2012-06-20 00:10:22 24407552 C:\windows\assembly\NativeImages_v4.0.30319_64\PresentationFramewo#\a3c3789d54894008501ce5891f1eeb40\PresentationFramework.ni.dll
    + 2012-06-20 00:08:14 . 2012-06-20 00:08:15 15908864 C:\windows\assembly\NativeImages_v4.0.30319_64\PresentationCore\9d69a7a407bbc43a1bcb2da603af5840\PresentationCore.ni.dll
    + 2012-06-19 08:26:39 . 2012-06-19 08:26:40 13198336 C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll
    + 2012-06-19 08:25:56 . 2012-06-19 08:25:57 18000896 C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
    + 2012-06-19 08:25:21 . 2012-06-19 08:25:21 11451904 C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
    + 2012-06-19 22:04:12 . 2012-06-19 22:04:12 17382912 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\ced1d3b0790804426463ad06a61f180e\System.Windows.Forms.ni.dll
    + 2012-06-19 22:11:13 . 2012-06-19 22:11:14 15252992 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Web\f6514b690596d60ca9f4fa64e14a8355\System.Web.ni.dll
    + 2012-06-19 22:12:38 . 2012-06-19 22:12:38 13609472 C:\windows\assembly\NativeImages_v2.0.50727_64\System.Design\dfb7152260d641e49ec1ecf0f2df0f37\System.Design.ni.dll
    + 2012-06-19 22:08:32 . 2012-06-19 22:08:33 19173376 C:\windows\assembly\NativeImages_v2.0.50727_64\PresentationFramewo#\916af5e5c39e1226e0b87a80e3a979f2\PresentationFramework.ni.dll
    + 2012-06-19 22:01:42 . 2012-06-19 22:01:42 16517120 C:\windows\assembly\NativeImages_v2.0.50727_64\PresentationCore\ea90a194614680a484a25b6ccc4df754\PresentationCore.ni.dll
    + 2012-06-19 23:58:10 . 2012-06-19 23:58:10 25462272 C:\windows\assembly\NativeImages_v2.0.50727_64\ehshell\a1484b74816bb58e5a5e59cc750fc3bd\ehshell.ni.dll
    + 2012-06-19 21:56:36 . 2012-06-19 21:56:37 12433920 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
    + 2012-06-19 21:58:50 . 2012-06-19 21:58:51 11824128 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\84fbf353f91385690a3e4e982aa6930e\System.Web.ni.dll
    + 2012-06-19 21:59:20 . 2012-06-19 21:59:20 10578432 C:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\1321319c8922886e520d2821b5a64dca\System.Design.ni.dll
    + 2012-06-20 00:16:04 . 2012-06-20 00:16:04 11519488 C:\windows\assembly\NativeImages_v2.0.50727_32\SmartAudio\4e9a77202c5704f602bed02c13051a77\SmartAudio.ni.exe
    + 2012-06-19 21:57:47 . 2012-06-19 21:57:48 14325760 C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\517358eb2fd962a942dd1ea6afc5b93e\PresentationFramework.ni.dll
    + 2012-06-19 21:52:45 . 2012-06-19 21:52:45 12218880 C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e9d0ba41128f363f2390c7e630129c2b\PresentationCore.ni.dll

    -- Snapshot reset to current date --

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-11-22 23:38:34 39408]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2009-07-14 01:39:41 1475072]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-10 23:32:46 336384]
    "TWebCamera"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" [2010-11-02 20:01:58 2475384]
    "ToshibaServiceStation"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" [2010-07-01 18:59:04 1295224]
    "ToshibaAppPlace"="C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe" [2010-09-23 18:03:36 552960]
    "DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 23:08:12 1259376]
    "Freecorder FLV Service"="C:\Program Files (x86)\Freecorder\FLVSrvc.exe" [2011-03-24 07:11:25 167936]
    "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 19:02:04 254696]
    "Malwarebytes' Anti-Malware"="C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 20:56:38 462408]

    C:\Users\Bethany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    MagicDisc.lnk - C:\Program Files (x86)\MagicDisc\MagicDisc.exe [2011-5-2 576000]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "aux"=wdmaud.drv

    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 18:16:28 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 19:27:14 138576]
    R2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 23:38:42 136176]
    R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.6.22\SymcPCCULaunchSvc.exe [x]
    R2 PCCUJobMgr;Common Client Job Manager Service; [x]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-01 04:13:59 257696]
    R3 avckf;avckf;C:\windows\system32\DRIVERS\avckf.sys [x]
    R3 bdsandbox;bdsandbox;C:\windows\system32\drivers\bdsandbox.sys [x]
    R3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 23:38:42 136176]
    R3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-24 08:44:22 113120]
    R3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-10 02:20:56 174440]
    R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 02:34:24 4925184]
    R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys [x]
    R3 Update Server;BitDefender Update Server v2;C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe [2011-10-15 04:57:26 466736]
    R3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe [x]
    S0 avc3;avc3;C:\windows\system32\DRIVERS\avc3.sys [x]
    S1 bdfwfpf;bdfwfpf;C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [2011-11-15 01:16:38 103504]
    S1 BDVEDISK;BDVEDISK;C:\windows\system32\DRIVERS\bdvedisk.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe [x]
    S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 20:56:40 654408]
    S2 UPDATESRV;BitDefender Desktop Update Service;C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe [2012-06-01 06:11:01 66096]
    S3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atikmdag.sys [x]
    S3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys [x]
    S3 avchv;avchv Function Driver;C:\windows\system32\DRIVERS\avchv.sys [x]
    S3 ETD;ELAN PS/2 Port Input Device;C:\windows\system32\DRIVERS\ETD.sys [x]
    S3 FwLnk;FwLnk Driver;C:\windows\system32\DRIVERS\FwLnk.sys [x]
    S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\system32\DRIVERS\L1C62x64.sys [x]
    S3 MBAMProtector;MBAMProtector;C:\windows\system32\drivers\mbam.sys [x]
    S3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys [x]
    S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;C:\windows\system32\DRIVERS\rtl8192Ce.sys [x]
    S3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2010-07-01 18:59:02 51576]
    S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 01:44:48 137560]


    Contents of the 'Scheduled Tasks' folder

    2012-06-25 C:\windows\Tasks\At1.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At11.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At13.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At15.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At17.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At19.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At21.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At23.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At25.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-24 C:\windows\Tasks\At27.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-25 C:\windows\Tasks\At29.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-25 C:\windows\Tasks\At3.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-22 C:\windows\Tasks\At31.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-22 C:\windows\Tasks\At33.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-22 C:\windows\Tasks\At35.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-22 C:\windows\Tasks\At37.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At39.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At41.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At43.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At45.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-25 C:\windows\Tasks\At47.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-25 C:\windows\Tasks\At5.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-25 C:\windows\Tasks\At7.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-23 C:\windows\Tasks\At9.job
    - C:\windows\system32\Y8Uj0v.com [2011-12-02 21:22:21 . 2011-12-02 21:22:10]

    2012-06-25 C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 23:38:47 . 2010-11-22 23:38:42]

    2012-06-25 C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-22 23:38:47 . 2010-11-22 23:38:42]


    --------- X64 Entries -----------


    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SmartAudio"="C:\Program Files\CONEXANT\SAII\SAIICpl.exe" [2010-04-28 19:31:40 307768]
    "ETDCtrl"="C:\Program Files (x86)\Elantech\ETDCtrl.exe" [BU]
    "SmartFaceVWatcher"="C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe" [BU]
    "TPwrMain"="C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE" [BU]
    "SmoothView"="C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe" [BU]
    "00TCrdMain"="C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe" [BU]
    "TosVolRegulator"="C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe" [2009-11-11 22:31:34 24376]
    "TosSENotify"="C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe" [2010-02-06 01:45:06 709976]
    "TosNC"="C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe" [BU]
    "TosReelTimeMonitor"="C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe" [BU]
    "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 19:54:26 112512]
    "BDAgent"="C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe" [2012-06-01 06:10:23 1067256]

    ------- Supplementary Scan -------

    uLocal Page = C:\windows\system32\blank.htm
    mLocal Page = C:\Windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = <local>
    IE: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll/1000
    IE: {{97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} -
    TCP: DhcpNameServer = 192.168.1.1
    FF - ProfilePath - C:\Users\Bethany\AppData\Roaming\Mozilla\Firefox\Profiles\g18bkup8.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2612669&SearchSource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1307415405&rver=6.1.6206.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us&cbcxt=mai&snsc=1
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?SSPV=FFOB1&ctid=CT1060933&SearchSource=2&q=
    FF - user.js: network.cookie.cookieBehavior - 0
    FF - user.js: privacy.clearOnShutdown.cookies - false
    FF - user.js: security.warn_viewing_mixed - false
    FF - user.js: security.warn_viewing_mixed.show_once - false
    FF - user.js: security.warn_submit_insecure - false
    FF - user.js: security.warn_submit_insecure.show_once - false

    - - - - ORPHANS REMOVED - - - -

    Toolbar-Locked - (no file)
    Toolbar-{90b49673-5506-483e-b92b-ca0265bd9ca8} - (no file)
    Toolbar-{1392b8d2-5c05-419f-a8f6-b9f15a596612} - (no file)
    Nordox3432, Jun 27, 2012
    #32

  13. Bobbye Helper on the Fringe Posts: 16,406   +16

    I'm going to wait until you post the rest of the Combofix log.
    Bobbye, Jun 27, 2012
    #33

  14. Nordox3432 Newcomer, in training Posts: 22

    That was the entire log...
    Nordox3432, Jul 1, 2012
    #34

  15. Bobbye Helper on the Fringe Posts: 16,406   +16

    Please update and rerun Combofix. About half of the log is missing.
    Bobbye, Jul 1, 2012
    #35
Page 2 of 2
Topic Status:
Not open for further replies.

Add New Comment

Social Login & Guest Posting

TechSpot Members
Login here or sign up for free,
it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.