[mewsick75]

I was able to boot into safe mode but nothing came up.
I had to go to the command line and open Malware Bytes from a flash drive.
I was able to run a Quick scan but couldn't update the program.
I saved the log and didn't do anything to clean what it found.
Here is my log file, I hope someone can help me out.


Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7035

Windows 6.0.6002 Service Pack 2 (Safe Mode)
Internet Explorer 8.0.6001.19170

1/15/2012 5:42:30 PM
mbam-log-2012-01-15 (17-41-58).txt

Scan type: Quick scan
Objects scanned: 180689
Time elapsed: 6 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen) -> Value: Shell -> No action taken.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Bruce\AppData\Local\Temp\wuauclt.exe (Trojan.Agent) -> No action taken.

[Advertisements]

Hello, mewsick75!

I'm Nedklaw and I'll be glad to help you with your malware issues.

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

These instructions are specifically designed for mewsick75 only. No one else should follow these instructions because it can cause serious damage to your computer.

Before we start to clean your computer of malware, please read through the following points to help me and you, and prevent damage to your computer:

• Please completely read through all of the instructions given to you before attempting to follow them. Reading too lightly will cause you to miss important steps, which could have DESTRUCTIVE effects. If you can't perform a certain step or you are unsure about what to do, let me know!
• Don't be afraid to ask questions! If you are unsure about anything, ask me! No question is considered stupid here!
• Be patient with me, logs can take some time to research and my life can mean that I'm busy.
• Please copy and paste all logs into your reply. Do not attach logs to a post unless I tell you to or if they don't fit in the post.
• If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
• NEVER fix anything in OTL or other programs on your own! This can be very dangerous and cause harm to your system.
• Refrain from running any other tools apart from the ones I tell you to.

Note: You should save or print out my instructions for easy reference, as part of the fix may be in Safe Mode and you won't be able to access GeeksToGo.


First, I have some questions for you:

• Could you elaborate on what you mean when nothing comes up? Can you see the Taskbar? Are all of your icons/shortcuts in the Start Menu or on your desktop?
• Can you access the internet in Safe Mode with Networking?
• Can you download tools and run them?

Things I want to see in your next reply

• Answers to my questions

[Nedklaw]

Hello, mewsick75!

I'm Nedklaw and I'll be glad to help you with your malware issues.

I am currently still in training and my posts have to be approved by an expert so please expect a delay between my posts.

These instructions are specifically designed for mewsick75 only. No one else should follow these instructions because it can cause serious damage to your computer.

Before we start to clean your computer of malware, please read through the following points to help me and you, and prevent damage to your computer:

• Please completely read through all of the instructions given to you before attempting to follow them. Reading too lightly will cause you to miss important steps, which could have DESTRUCTIVE effects. If you can't perform a certain step or you are unsure about what to do, let me know!
• Don't be afraid to ask questions! If you are unsure about anything, ask me! No question is considered stupid here!
• Be patient with me, logs can take some time to research and my life can mean that I'm busy.
• Please copy and paste all logs into your reply. Do not attach logs to a post unless I tell you to or if they don't fit in the post.
• If I instruct you to download a specific tool in which you already have, please delete the copy that you have and re-download the tool. The reason I ask you to do this is because these tools are updated fairly regularly.
• NEVER fix anything in OTL or other programs on your own! This can be very dangerous and cause harm to your system.
• Refrain from running any other tools apart from the ones I tell you to.

Note: You should save or print out my instructions for easy reference, as part of the fix may be in Safe Mode and you won't be able to access GeeksToGo.


First, I have some questions for you:

• Could you elaborate on what you mean when nothing comes up? Can you see the Taskbar? Are all of your icons/shortcuts in the Start Menu or on your desktop?
• Can you access the internet in Safe Mode with Networking?
• Can you download tools and run them?

Things I want to see in your next reply

• Answers to my questions

[mewsick75]

To answer your questions:

The screen does come up but its black and only some icons appear.
But when the screen does come up a get tons of pop-ups that say: Windows-Delayed Write Failed.
Then a System Check pops up and says there are errors.
I can not connect to the internet.

Is this a Hardware issue or malware trying to make me think it's a hardware issue?

Right now I have one computer I'm writing back and forth on and the one with the problem is not connected to the internet.

[Nedklaw]

Hi.
This does seem to be a malware issue.


On your clean computer:


Step 1

• Please download Panda USB Vaccine (you must provide valid e-mail and they will send you download link to this e-mail address) to your desktop.
• Install and run the program.
  
  • Double-click on the file USBVaccine.zip located on your desktop.
  • A file viewer will open. Double-click on the file USBVaccineSetup.exe. Please select Yes if you are asked if you want to allow the program to make changes to the computer.
  • Follow the steps on screen to install the program on your computer.
• Plug in your USB drive and click on Vaccinate USB and Vaccinate Computer.

Step 2

Download RogueKiller, OTL and aswMBR to your flash drive.


On your infected computer:


Step 3

• Quit all running programs.
• For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe.
• When prompted, type 6 and validate.
• The RKreport.txt shall be generated next to the executable.
• If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe.

Please post the contents of RKreport.txt in your next reply.


Step 4

• Double click on the OTL icon to run it. Make sure all other windows are closed to let it run uninterrupted.
  
  • Select Scan All Users.
  • Under the Custom Scan box paste this in:

  netsvcs
  %SYSTEMDRIVE%\*.exe
  /md5start
  explorer.exe
  winlogon.exe
  Userinit.exe
  svchost.exe
  /md5stop
  hklm\software\clients\startmenuinternet|command /rs
  hklm\software\clients\startmenuinternet|command /64 /rs
  C:\Windows\assembly\tmp\U\*.* /s
  %Temp%\smtmp\1\*.*
  %Temp%\smtmp\2\*.*
  %Temp%\smtmp\3\*.*
  %Temp%\smtmp\4\*.*
  CREATERESTOREPOINT

• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
• When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

Step 5

Double click aswMBR.exe to run it.

Click the "Scan" button to start the scan.



On completion of the scan click save log, save it to your flash drive and post it in your next reply.



Things I want to see in your next reply

• RKreport.txt
• OTL.txt
• Extras.txt
• aswMBR.txt

[mewsick75]

RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo...13-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: Bruce [Admin rights]
Mode: Shortcuts HJfix -- Date : 01/16/2012 17:39:19

¤¤¤ Bad processes: 8 ¤¤¤
[SUSP PATH] dplayx.dll -- C:\Users\Bruce\AppData\Local\dplayx.dll -> UNLOADED
[SUSP PATH] 7174E.exe -- C:\Users\Bruce\AppData\Roaming\6EDB0\7174E.exe -> KILLED [TermProc]
[SUSP PATH] lvvm.exe -- C:\Users\Bruce\AppData\Roaming\B0B0A\lvvm.exe -> KILLED [TermProc]
[SUSP PATH] jgnIDHkbQg.exe -- C:\ProgramData\jgnIDHkbQg.exe -> KILLED [TermProc]
[SUSP PATH] dplaysvr.exe -- C:\Users\Bruce\AppData\Local\dplaysvr.exe -> KILLED [TermProc]
[SUSP PATH] b107jUE5zkj3O4.exe -- C:\ProgramData\b107jUE5zkj3O4.exe -> KILLED [TermProc]
[SUSP PATH] 38A.exe -- C:\Users\Bruce\AppData\Roaming\Microsoft\0156\38A.exe -> KILLED [TermProc]
[SUSP PATH] 6CC2.tmp -- C:\Users\Bruce\AppData\Local\Temp\6CC2.tmp -> KILLED [TermProc]

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 5852 / Fail 0
Quick launch: Success 12 / Fail 0
Programs: Success 1174 / Fail 0
Start menu: Success 49 / Fail 0
User folder: Success 25144 / Fail 0
My documents: Success 1316 / Fail 0
My favorites: Success 503 / Fail 0
My pictures: Success 1890 / Fail 0
My music: Success 160 / Fail 0
My videos: Success 2 / Fail 0
Local drives: Success 156135 / Fail 0
Backup: [FOUND] Success 18 / Fail 3

Drives:
[C:] \Device\HarddiskVolume3 -- 0x3 --> Restored
[D:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[E:] -- 0x1 --> Skipped

¤¤¤ Infection : Rogue.FakeHDD ¤¤¤

Finished : << RKreport[1].txt >>
RKreport[1].txt



OTL logfile created on: 1/16/2012 5:44:01 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = E:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 43.14% Memory free
4.21 Gb Paging File | 2.63 Gb Available in Paging File | 62.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.74 Gb Total Space | 68.57 Gb Free Space | 50.14% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 2.38 Gb Free Space | 24.39% Space Free | Partition Type: NTFS
Drive E: | 29.80 Gb Total Space | 24.62 Gb Free Space | 82.61% Space Free | Partition Type: FAT32

Computer Name: BRUCE | User Name: Bruce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/26 13:35:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\OTL.exe
PRC - [2011/11/22 17:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/11/20 14:17:49 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\RadioPI_4e\bar\1.bin\4ebarsvc.exe
PRC - [2011/11/20 14:17:49 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files\RadioPI_4e\bar\1.bin\4ebrmon.exe
PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/08/23 21:20:18 | 000,887,976 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/10/11 11:00:04 | 000,093,752 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe
PRC - [2010/08/03 14:40:18 | 000,885,216 | ---- | M] () -- C:\Program Files\SelectRebates\SelectRebates.exe
PRC - [2010/02/10 08:19:09 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1272388487\ee\aolsoftware.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/02/28 23:18:02 | 000,017,920 | ---- | M] ( ) -- C:\DELL\E-Center\EULALauncher.exe
PRC - [2007/12/21 10:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/11/12 06:07:24 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/07 16:27:08 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/09/07 01:50:02 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/09/07 01:49:56 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/07 01:49:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/09/07 01:49:56 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/08/31 10:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
PRC - [2007/03/29 07:15:54 | 000,435,696 | ---- | M] (Dell) -- C:\Program Files\Dell AIO Printer A960\dlbfmon.exe
PRC - [2007/03/29 07:15:24 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbfcoms.exe
PRC - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/03/01 14:52:04 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbccoms.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/14 04:51:48 | 000,124,392 | --S- | M] () -- C:\Users\Bruce\AppData\Local\dplayx.dll
MOD - [2012/01/12 11:58:32 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll
MOD - [2012/01/12 11:58:30 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\fecd1103dd16dc1192402770caf56575\System.Web.ni.dll
MOD - [2012/01/11 09:07:32 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_327d25aa\mscorlib.dll
MOD - [2012/01/08 00:37:56 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2012/01/08 00:37:46 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2012/01/08 00:37:33 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\0d34a2f81f5d945e604ff66c1e64fc72\System.Xml.ni.dll
MOD - [2012/01/08 00:37:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2012/01/07 10:46:17 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2012/01/07 10:46:09 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2010/08/03 14:40:18 | 000,885,216 | ---- | M] () -- C:\Program Files\SelectRebates\SelectRebates.exe
MOD - [2010/03/23 09:54:54 | 000,118,784 | ---- | M] () -- c:\Program Files\Common Files\aol\1272388487\ee\services\proxyprovider\ver1_0_0_1\proxyprovider.dll
MOD - [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2007/12/12 01:01:24 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/11/20 14:17:49 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\RadioPI_4e\bar\1.bin\4ebarsvc.exe -- (RadioPI_4eService)
SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/17 15:38:42 | 000,361,712 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/06/11 07:06:08 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/09 05:45:36 | 003,192,184 | ---- | M] (Symantec Corporation) [On_Demand | Stopped] -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE -- (LiveUpdate)
SRV - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/08/31 10:49:50 | 000,243,064 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe -- (Automatic LiveUpdate Scheduler)
SRV - [2007/03/29 07:15:24 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbfcoms.exe -- (dlbf_device)
SRV - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/03/01 14:52:04 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbccoms.exe -- (dlbc_device)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 13:16:16 | 000,165,680 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 13:16:16 | 000,064,880 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/03/03 18:00:34 | 000,079,052 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS)
DRV - [2010/01/18 16:39:06 | 000,003,200 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rcmirror.sys -- (rcmirror)
DRV - [2009/09/30 21:22:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/03/06 02:58:44 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/01/20 21:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/11/12 06:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/07 01:49:56 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/09/06 11:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 11:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 11:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/29 17:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2000/06/15 20:54:02 | 000,206,368 | ---- | M] (Adaptec) [File_System | System | Stopped] -- C:\Windows\System32\drivers\udfreadr.sys -- (UdfReadr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox...aspx?tbid=80099
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://toolbar.inbox...id=80099&lng=en


IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://toolbar.inbox...tb_id&%language
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..\URLSearchHook: {54d0da58-64e7-4408-be1f-72659f70fcbe} - No CLSID value found
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..\URLSearchHook: {8bc67b0f-a721-45e0-a0b6-db0121b0aade} - No CLSID value found
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..\URLSearchHook: {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:53172

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@RadioPI_4e.com/Plugin: C:\Program Files\RadioPI_4e\bar\1.bin\NP4eStub.dll (MindSpark)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/10 03:00:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4effxtbr@RadioPI_4e.com: C:\Program Files\RadioPI_4e\bar\1.bin [2011/11/20 14:17:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/01/16 13:07:46 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2006/09/18 16:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (Toolbar BHO) - {35fd2bab-ab2b-494f-b5bf-8755ec043784} - C:\Program Files\RadioPI_4e\bar\1.bin\4ebar.dll (MindSpark)
O2 - BHO: (Search Assistant BHO) - {4adc9c1b-9c50-4c2d-a471-5c06d8de7e80} - C:\Program Files\RadioPI_4e\bar\1.bin\4eSrcAs.dll (MindSpark)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111220093216.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Inbox Toolbar) - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (ShopAtHomeIEHelper Class) - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (RadioPI) - {92926b63-5116-4c6f-a33e-378767b8d15f} - C:\Program Files\RadioPI_4e\bar\1.bin\4ebar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (ShopAtHome Toolbar) - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O3 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..\Toolbar\WebBrowser: (no name) - {54D0DA58-64E7-4408-BE1F-72659F70FCBE} - No CLSID value found.
O3 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..\Toolbar\WebBrowser: (RadioPI) - {92926B63-5116-4C6F-A33E-378767B8D15F} - C:\Program Files\RadioPI_4e\bar\1.bin\4ebar.dll (MindSpark)
O3 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..\Toolbar\WebBrowser: (ShopAtHome Toolbar) - {98279C38-DE4B-4BCF-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll (ShopAtHome)
O3 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..\Toolbar\WebBrowser: (&Inbox Toolbar) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ActiveSpeed] C:\Program Files\Ascentive\ActiveSpeed\AS.exe (Ascentive LLC)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Dell AIO Printer A960] "C:\Program Files\Dell AIO Printer A960\dlbfbmgr.exe" File not found
O4 - HKLM..\Run: [dlbfmon.exe] C:\Program Files\Dell AIO Printer A960\dlbfmon.exe (Dell)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1272388487\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PC SpeedScan Pro] C:\Program Files\Ascentive\PC SpeedScan Pro\PCSpeedScan.exe -m File not found
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Performance Center] C:\Program Files\Ascentive\Performance Center\APCMain.exe (Ascentive)
O4 - HKLM..\Run: [RadioPI Search Scope Monitor] C:\Program Files\RadioPI_4e\bar\1.bin\4eSrchMn.exe (MindSpark)
O4 - HKLM..\Run: [RadioPI_4e Browser Plugin Loader] C:\Program Files\RadioPI_4e\bar\1.bin\4ebrmon.exe (VER_COMPANY_NAME)
O4 - HKLM..\Run: [RegWork] C:\Program Files\RegWork\RegWork.exe (Honlyn (Macao Commercial Offshore) Limited)
O4 - HKLM..\Run: [SelectRebates] C:\Program Files\SelectRebates\SelectRebates.exe ()
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000..\Run: [{1E9E9511-68EF-2F72-E9BA-CDD6E421389E}] C:\Users\Bruce\AppData\Roaming\Lymeo\ypkaiku.exe ()
O4 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000..\Run: [38A.exe] C:\Users\Bruce\AppData\Roaming\Microsoft\0156\38A.exe ()
O4 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000..\Run: [chknet] C:\Users\Bruce\AppData\Roaming\chknet.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000..\Run: [confWITray] rundll32.exe "C:\Users\Bruce\AppData\Local\iTunesNetman\confWITray.dll",isaEventnt5 DirectapiPath File not found
O4 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000..\Run: [dplaysvr] C:\Users\Bruce\AppData\Local\dplaysvr.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000..\Run: [nlskb] C:\ProgramData\nlskb.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000..\Run: [PopularScreensaversWallpaper] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\F3SCRCTR.DLL,LES File not found
O4 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103470 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB5; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET CLR 1.1.4322)" -"file:///C:/Users/Bruce/AppData/Local/Temp/movie.htm" File not found
F3 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000 WinNT: Load - (C:\Users\Bruce\AppData\Roaming\B0B0A\lvvm.exe) -C:\Users\Bruce\AppData\Roaming\B0B0A\lvvm.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..Trusted Domains: ancestry.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.micro...gWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B4DF2DA-443E-471F-B2CA-AD5ED101BF32}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\inbox {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files\Inbox Toolbar\Inbox.dll (Inbox.com, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000 Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000 Winlogon: Shell - (C:\Users\Bruce\AppData\Roaming\6EDB0\00001.exe) -C:\Users\Bruce\AppData\Roaming\6EDB0\00001.exe ()
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper: C:\Users\Bruce\AppData\LocalLow\FunWebProducts\ScreenSaver\Images\f3wallpp.bmp
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/01/16 17:16:10 | 000,000,016 | -H-- | M] () - E:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell\install\command - "" = E:\Setup.exe
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell\readfile\command - "" = hh.exe readme.htm
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell\install\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

File not found -- C:\ProgramData\~b107jUE5zkj3O4r
[2012/01/16 17:23:33 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Desktop\RK_Quarantine
[2012/01/16 17:15:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012/01/16 17:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2012/01/16 17:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Panda USB Vaccine
[2012/01/16 16:50:43 | 000,109,544 | ---- | C] (Microsoft Corporation) -- C:\ProgramData\nlskb.exe
[2012/01/16 16:50:43 | 000,109,544 | ---- | C] (Microsoft Corporation) -- C:\Users\Bruce\AppData\Roaming\chknet.exe
[2012/01/16 13:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/01/15 17:29:58 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Bruce\Desktop\mbam-setup-1.51.1.1800.exe
[2012/01/15 12:04:48 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012/01/15 12:04:04 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Roaming\Ogopve
[2012/01/15 12:04:04 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Roaming\Lymeo
[2012/01/15 10:42:29 | 000,000,000 | ---D | C] -- C:\Program Files\LP
[2012/01/15 10:33:08 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Roaming\B0B0A
[2012/01/15 10:32:48 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Roaming\Ifuqpef
[2012/01/15 10:32:48 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Roaming\Aho
[2012/01/15 10:32:27 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Roaming\6EDB0
[2012/01/15 10:32:16 | 000,114,664 | --S- | C] (Microsoft Corporation) -- C:\Users\Bruce\AppData\Local\dplaysvr.exe
[2012/01/06 13:46:39 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Roaming\FamilyTreeMaker
[2012/01/06 13:28:13 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Local\Ancestry.com
[2012/01/06 13:22:33 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Family Tree Maker 2012
[2012/01/06 13:22:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Family Tree Maker 2012
[2012/01/06 13:21:48 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2012/01/06 13:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2012/01/06 13:21:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2012/01/06 13:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}
[2012/01/06 12:59:53 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Local\PackageAware
[2010/02/07 13:54:01 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbfusb1.dll
[2010/02/07 13:54:01 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbfpmui.dll
[2010/02/07 13:54:01 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbfinpa.dll
[2010/02/07 13:54:01 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbfiesc.dll
[2010/02/07 13:54:00 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbfserv.dll
[2010/02/07 13:54:00 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbfhbn3.dll
[2010/02/07 13:54:00 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbfcomc.dll
[2010/02/07 13:54:00 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbflmpm.dll
[2010/02/07 13:54:00 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbfcoms.exe
[2010/02/07 13:54:00 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbfih.exe
[2010/02/07 13:54:00 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbfprox.dll
[2010/02/07 13:54:00 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbfpplc.dll
[2010/02/07 13:53:59 | 000,352,256 | ---- | C] ( ) -- C:\Windows\System32\DLBFUTIL.DLL
[2010/02/07 13:53:59 | 000,069,632 | ---- | C] ( ) -- C:\Windows\System32\DLBFCU.DLL
[2010/02/07 13:53:58 | 000,086,016 | ---- | C] ( ) -- C:\Windows\System32\DLBFCUR.DLL
[2007/03/01 14:52:06 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbcih.exe
[2007/03/01 14:52:04 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbccoms.exe
[2007/03/01 14:52:04 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlbccfg.exe
[2007/02/02 05:06:34 | 000,483,328 | ---- | C] ( ) -- C:\Windows\System32\dlbcjswr.dll
[2007/02/02 04:55:30 | 000,073,728 | ---- | C] ( ) -- C:\Windows\System32\dlbccu.dll
[2006/12/20 16:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbcpmui.dll
[2006/12/20 16:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbcserv.dll
[2006/12/20 16:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbccomm.dll
[2006/12/20 15:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbclmpm.dll
[2006/12/20 15:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbciesc.dll
[2006/12/20 15:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbcpplc.dll
[2006/12/20 15:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbccomc.dll
[2006/12/20 15:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbcprox.dll
[2006/12/20 15:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbcinpa.dll
[2006/12/20 15:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlbcusb1.dll
[2006/12/20 15:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbchbn3.dll
[4 C:\Users\Bruce\Desktop\*.tmp files -> C:\Users\Bruce\Desktop\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Users\Bruce\Documents\*.tmp files -> C:\Users\Bruce\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/16 17:52:15 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{336B4FEB-67DD-47F6-AECD-AA5624307E1C}.job
[2012/01/16 17:41:45 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/16 17:11:09 | 000,649,426 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/16 17:11:09 | 000,122,904 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/16 17:01:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/16 17:01:16 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/16 16:19:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/16 13:08:26 | 000,001,697 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2012/01/16 13:04:50 | 000,000,631 | ---- | M] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/01/16 13:01:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/16 13:01:06 | 2134,974,464 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/15 17:30:48 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012/01/15 12:04:48 | 000,000,607 | ---- | M] () -- C:\Users\Bruce\Desktop\System Check.lnk
[2012/01/15 11:56:10 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\AppData\Local\{F21940F0-BB8C-4989-84C5-10048C45F1E0}
[2012/01/15 11:54:30 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\AppData\Local\{10321870-946A-426A-9998-3176325099F5}
[2012/01/15 10:40:39 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\AppData\Local\{2C39F6FB-1D3C-45A1-865A-A8B65D41764A}
[2012/01/14 12:42:13 | 000,178,012 | ---- | M] () -- C:\Users\Bruce\Documents\Stead house, built by Thomas Stead.jpg
[2012/01/14 12:42:07 | 000,396,541 | ---- | M] () -- C:\Users\Bruce\Documents\Morrison, Wm.jpg
[2012/01/14 12:34:32 | 000,124,578 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison and family -.jpg
[2012/01/14 12:32:35 | 000,152,978 | ---- | M] () -- C:\Users\Bruce\Documents\Morrison, Wm and Daughter.jpg
[2012/01/14 12:30:09 | 000,105,497 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Hazel, Lill, Harry.jpg
[2012/01/14 12:18:16 | 000,663,069 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0036.jpg
[2012/01/14 12:18:10 | 000,681,268 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0039.jpg
[2012/01/14 12:15:58 | 000,301,667 | ---- | M] () -- C:\Users\Bruce\Documents\Morrison, Jean.jpg
[2012/01/14 12:13:50 | 000,466,938 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington family at Golf club House.jpg
[2012/01/14 12:11:36 | 000,367,633 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington House on Mountain Avenue.jpg
[2012/01/14 12:09:47 | 000,441,669 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison in front of houses.jpg
[2012/01/14 04:51:48 | 000,124,392 | --S- | M] () -- C:\Users\Bruce\AppData\Local\dplayx.dll
[2012/01/13 13:22:32 | 000,729,860 | ---- | M] () -- C:\Users\Bruce\Documents\Spackman, Jacob.jpg
[2012/01/13 13:19:42 | 000,677,879 | ---- | M] () -- C:\Users\Bruce\Documents\Bailey, Dan and Winifred (marriage).jpg
[2012/01/13 13:17:22 | 000,535,074 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0031.jpg
[2012/01/13 13:16:43 | 000,861,047 | ---- | M] () -- C:\Users\Bruce\Documents\Spackman, Mary H (death).jpg
[2012/01/13 13:14:41 | 001,030,486 | ---- | M] () -- C:\Users\Bruce\Documents\Spackman, Frederick A. (death).jpg
[2012/01/13 13:07:54 | 000,623,469 | ---- | M] () -- C:\Users\Bruce\Documents\Perrine, Alida Christine birth certificate.jpg
[2012/01/13 13:03:05 | 000,787,387 | ---- | M] () -- C:\Users\Bruce\Documents\Census Joke.jpg
[2012/01/12 16:55:29 | 000,523,498 | ---- | M] () -- C:\Users\Bruce\Documents\Keller Kerr Marriage.jpg
[2012/01/11 10:54:09 | 000,296,116 | ---- | M] () -- C:\Users\Bruce\Documents\Coddingtons and Morrisons at the Watchung Lake.jpg
[2012/01/11 10:36:26 | 000,656,606 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0028.jpg
[2012/01/11 10:36:22 | 000,611,841 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0029.jpg
[2012/01/11 10:34:02 | 000,398,812 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0027.jpg
[2012/01/11 10:32:39 | 000,419,259 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0025.jpg
[2012/01/11 10:31:40 | 000,288,070 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison by car wife sitting in car.jpg
[2012/01/11 00:56:14 | 000,229,379 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison obit.jpg
[2012/01/10 10:55:23 | 000,403,524 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison with Morrison family.jpg
[2012/01/10 10:52:21 | 000,234,021 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Hazel Allen.jpg
[2012/01/10 10:49:25 | 000,444,851 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington family at 12 Mountain Ave.jpg
[2012/01/10 10:44:41 | 000,312,906 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison with horses.jpg
[2012/01/09 10:50:26 | 032,715,779 | ---- | M] () -- C:\Users\Bruce\Documents\genealogyofcushi00cush.pdf
[2012/01/08 14:56:36 | 052,912,921 | ---- | M] () -- C:\Users\Bruce\Documents\historyoffitzwil00nort.pdf
[2012/01/07 00:53:52 | 000,178,034 | ---- | M] () -- C:\Users\Bruce\Documents\Stead property, Somerset Street.jpg
[2012/01/07 00:48:08 | 000,117,644 | ---- | M] () -- C:\Users\Bruce\Documents\Allen, Libbie (Beeching).jpg
[2012/01/07 00:44:53 | 000,107,016 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0024.jpg
[2012/01/07 00:40:05 | 000,153,150 | ---- | M] () -- C:\Users\Bruce\Documents\Allen, Elias (2).jpg
[2012/01/07 00:30:24 | 000,118,839 | ---- | M] () -- C:\Users\Bruce\Documents\Beeching, Dorothy 1943.jpg
[2012/01/06 23:39:49 | 000,118,901 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Lillian (Beeching).jpg
[2012/01/06 23:38:54 | 000,100,433 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Morton with Janet and Dorothy (dark dress).jpg
[2012/01/06 23:36:35 | 000,433,423 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0015.jpg
[2012/01/06 23:35:56 | 000,469,429 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Fred and Sophia S.jpg
[2012/01/06 23:34:14 | 000,124,329 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe brothers, Frederick and Lewis.jpg
[2012/01/06 23:32:55 | 000,058,997 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.jpg
[2012/01/06 23:30:14 | 000,145,904 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0021.jpg
[2012/01/06 23:23:09 | 000,585,515 | ---- | M] () -- C:\Users\Bruce\Documents\Beeching, Dorothy.jpg
[2012/01/06 23:17:55 | 000,123,280 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia on Somerset Street.jpg
[2012/01/06 23:17:54 | 000,153,590 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia with Fred's brother Lewis and wife Mini.jpg
[2012/01/06 19:58:01 | 000,145,775 | ---- | M] () -- C:\Users\Bruce\Documents\Beeching, Lillian, Dorothy, Janet.jpg
[2012/01/06 16:42:23 | 000,166,171 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Margaret.jpg
[2012/01/06 13:24:12 | 000,000,865 | ---- | M] () -- C:\Users\Public\Desktop\Family Tree Maker 2012.lnk
[2012/01/06 11:21:56 | 000,166,621 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, William (young).jpg
[2012/01/06 11:17:28 | 000,248,991 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, William.jpg
[2012/01/06 10:55:34 | 000,375,537 | ---- | M] () -- C:\Users\Bruce\Documents\Stegemann, Henry death certificate.pdf
[2012/01/06 10:50:19 | 000,428,247 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0013.jpg
[2012/01/06 10:31:27 | 000,390,780 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0007.jpg
[2012/01/06 10:28:38 | 000,630,416 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.pdf
[2012/01/06 10:27:26 | 000,690,944 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Frederick Death Cert.pdf
[2011/12/30 01:07:44 | 239,774,814 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/28 01:14:53 | 000,015,964 | ---- | M] () -- C:\Users\Bruce\Documents\https___secure.pqarchiver.com_courant_display_pdf.pdf_filename=_share4_pqimage_hnirs102v_201112280057_56149_4683_out.pdf
[2011/12/28 01:06:00 | 000,549,902 | ---- | M] () -- C:\Users\Bruce\Documents\Palmer Herrmann Divorce.jpg
[2011/12/28 00:12:31 | 000,161,064 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, vacation 1953, Van, Hess, Bruce Brenton Woods, NJ.jpg
[2011/12/28 00:08:59 | 000,157,638 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno Vacation 1953, Hess, Bruce, Albert Brenton Woods, NJ.jpg
[2011/12/28 00:07:04 | 000,186,291 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno vacation 1953,Van, Hess, Bruce,Albert.jpg
[2011/12/27 23:58:59 | 000,376,185 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0012.jpg
[2011/12/27 23:52:18 | 000,457,368 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, Darby House 1894.jpg
[2011/12/27 23:50:38 | 000,494,112 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, McCutchens.jpg
[2011/12/27 23:45:44 | 000,401,831 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield, Public Service - South Ave 1925.jpg
[2011/12/27 23:44:23 | 000,846,555 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield, Public Service laying pipeline on South Avenue.jpg
[2011/12/27 23:42:09 | 000,047,923 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0006.jpg
[2011/12/27 23:40:18 | 000,118,451 | ---- | M] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching 1920's.jpg
[2011/12/27 23:35:45 | 000,060,059 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0003.jpg
[2011/12/27 23:27:59 | 000,123,346 | ---- | M] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching sitting on Bench.jpg
[2011/12/27 23:25:31 | 000,073,984 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0002.jpg
[2011/12/27 23:22:17 | 000,124,929 | ---- | M] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching.jpg
[2011/12/27 23:20:00 | 000,396,692 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield House cut in half by Lisle Beeching.jpg
[2011/12/27 23:13:49 | 000,547,625 | ---- | M] () -- C:\Users\Bruce\Documents\Spencer house.jpg
[2011/12/27 23:11:08 | 000,811,326 | ---- | M] () -- C:\Users\Bruce\Documents\Spencer house on circle in watchung.jpg
[2011/12/27 23:08:38 | 000,271,269 | ---- | M] () -- C:\Users\Bruce\Documents\Spencer house, Watch.jpg
[2011/12/27 23:02:06 | 000,354,947 | ---- | M] () -- C:\Users\Bruce\Documents\Allen House Watchung 1726.jpg
[2011/12/27 22:57:00 | 000,389,024 | ---- | M] () -- C:\Users\Bruce\Documents\Allen House built 1726 pic taken 1940.jpg
[2011/12/27 22:51:01 | 000,275,127 | ---- | M] () -- C:\Users\Bruce\Documents\Allen House , 1940.jpg
[2011/12/27 22:27:11 | 000,091,006 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Van, Albert, Dorothy Beeching, Hester.jpg
[2011/12/27 22:03:11 | 000,627,300 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield Memorial Park.jpg
[2011/12/27 21:56:58 | 000,072,967 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Nancy - Santa.jpg
[2011/12/27 21:55:04 | 000,080,123 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Nancy - she ra.jpg
[2011/12/27 21:52:23 | 000,377,676 | ---- | M] () -- C:\Users\Bruce\Documents\Hand, Capt William.jpg
[2011/12/27 21:37:39 | 001,165,547 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Disappearance of Structures.jpg
[2011/12/27 21:36:50 | 000,455,041 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield City Stores.jpg
[2011/12/27 21:35:49 | 000,783,590 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Jewish families.jpg
[2011/12/27 21:33:33 | 000,921,266 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 4th of July.jpg
[2011/12/27 21:29:12 | 000,812,934 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Horse Racing.jpg
[2011/12/27 21:26:57 | 000,811,257 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Country Club.jpg
[2011/12/27 21:24:59 | 001,047,721 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 3.jpg
[2011/12/27 19:12:39 | 000,838,733 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Kings Daughter.jpg
[2011/12/27 19:11:23 | 000,659,609 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Arthur Smith.jpg
[2011/12/27 19:10:28 | 000,838,108 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Civil War stuff.jpg
[2011/12/27 19:07:00 | 001,009,353 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Martine House 1.jpg
[2011/12/27 19:05:17 | 001,296,588 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield class of 1886.jpg
[2011/12/27 19:04:18 | 000,712,563 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Odds and Ends.jpg
[2011/12/27 19:03:20 | 000,978,066 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Slavery.jpg
[2011/12/27 19:01:22 | 000,461,207 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Peanut John.jpg
[2011/12/27 18:59:56 | 000,912,511 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Trolleys.jpg
[2011/12/27 18:58:59 | 000,726,805 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Van Wyck Brooks.jpg
[2011/12/27 18:57:46 | 001,057,291 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Rosenbaums before and after.jpg
[2011/12/27 18:55:37 | 001,379,479 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield before after north ave.jpg
[2011/12/27 18:53:44 | 000,952,512 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Farmers paradise.jpg
[2011/12/27 18:53:02 | 000,733,214 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Horse and buggy days.jpg
[2011/12/27 18:51:23 | 000,911,228 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Street maps.jpg
[2011/12/27 18:50:34 | 000,831,509 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Hartridge School.jpg
[2011/12/27 18:49:45 | 000,919,779 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Old Cemetery.jpg
[2011/12/27 18:48:50 | 001,115,503 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield John Taylor Johnson.jpg
[2011/12/27 18:48:07 | 001,074,141 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield French's Mill.jpg
[2011/12/27 18:47:08 | 001,111,575 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Muhlenberg Hospital.jpg
[2011/12/27 18:46:29 | 000,959,197 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Indians and streets.jpg
[2011/12/27 18:45:40 | 000,905,130 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Netherwood Hotel.jpg
[2011/12/27 18:44:46 | 000,900,144 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Babcock millionairs.jpg
[2011/12/27 18:43:39 | 000,917,965 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Tiers Pond 2.jpg
[2011/12/27 18:41:21 | 000,737,498 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Civil War Parade.jpg
[2011/12/27 18:39:53 | 000,748,057 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Tiers pond.jpg
[2011/12/27 18:39:06 | 000,650,104 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield private schools.jpg
[2011/12/27 18:38:01 | 000,827,906 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield first house 1735.jpg
[2011/12/27 18:37:12 | 000,619,966 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield wonderful years.jpg
[2011/12/27 18:35:31 | 000,497,424 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 1909 parade.jpg
[2011/12/27 18:33:18 | 000,682,950 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Public Schools.jpg
[2011/12/27 18:32:30 | 000,783,250 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Clock Tower.jpg
[2011/12/27 18:31:37 | 001,024,038 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 2.jpg
[2011/12/27 18:30:38 | 000,940,319 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 1.jpg
[2011/12/27 16:53:03 | 000,988,439 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Laings Hotel.jpg
[2011/12/27 16:51:03 | 000,363,596 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Fire department 2.jpg
[2011/12/27 16:47:03 | 000,690,620 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Fire department.jpg
[2011/12/27 16:41:25 | 001,322,452 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Doctors and Ministers.jpg
[2011/12/27 16:39:32 | 001,254,867 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Griffin Building.jpg
[2011/12/27 16:38:04 | 000,630,907 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Townsend marble and granite works.jpg
[2011/12/27 16:37:15 | 000,690,658 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Montgomery Wards.jpg
[2011/12/27 16:31:51 | 001,288,337 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Martine House 2.jpg
[2011/12/27 16:30:43 | 001,458,669 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Martine House.jpg
[2011/12/27 16:28:59 | 000,830,252 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield map 1972.jpg
[2011/12/27 16:06:00 | 000,165,320 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, Blatz Hotel.jpg
[2011/12/27 16:00:59 | 000,445,856 | ---- | M] () -- C:\Users\Bruce\Documents\Watchung, Washington House.jpg
[2011/12/27 15:56:35 | 001,144,390 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield cemetery, Brook Avenue.jpg
[2011/12/27 15:47:07 | 000,734,730 | ---- | M] () -- C:\Users\Bruce\Documents\Watchung, Milligan sisters in carriage.jpg
[2011/12/27 15:36:10 | 000,360,809 | ---- | M] () -- C:\Users\Bruce\Documents\Watchung Washington House.pdf
[2011/12/27 15:31:40 | 000,602,356 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield Watchung Wetumpka Falls.pdf
[2011/12/27 15:30:11 | 000,427,976 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield Somerset Street near bridge.pdf
[2011/12/27 15:27:42 | 000,482,382 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, first Oldsmobile.pdf
[2011/12/27 15:25:32 | 000,586,398 | ---- | M] () -- C:\Users\Bruce\Documents\Brook Avenue Cemetery, North Plainfield.pdf
[2011/12/27 15:16:05 | 000,680,132 | ---- | M] () -- C:\Users\Bruce\Documents\Drake House article.pdf
[2011/12/27 15:00:34 | 000,381,955 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House page 4.pdf
[2011/12/27 14:58:54 | 000,699,300 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House page 3.pdf
[2011/12/27 14:57:46 | 000,988,809 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House page 2.pdf
[2011/12/27 14:56:47 | 000,887,222 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House Belvidere Ave, Plainfield 1969.pdf
[2011/12/26 17:02:20 | 000,771,072 | ---- | M] () -- C:\Users\Bruce\Desktop\RogueKiller.exe
[2011/12/24 14:48:02 | 000,454,154 | ---- | M] () -- C:\Users\Bruce\Documents\Poinsettia tree.jpg
[2011/12/18 23:26:40 | 000,164,433 | ---- | M] () -- C:\Users\Bruce\Documents\Kolk family.jpg
[2011/12/18 22:18:13 | 000,116,756 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Bruce and Art Slepian 1966 Glassboro.jpg
[2011/12/18 22:13:50 | 000,026,451 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0038.jpg
[2011/12/18 22:10:46 | 000,029,193 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0037.jpg
[2011/12/18 22:08:36 | 000,190,487 | ---- | M] () -- C:\Users\Bruce\Documents\Kolk, Mary with Irene and Edward.jpg
[2011/12/18 22:06:59 | 000,176,435 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0034.jpg
[2011/12/18 22:03:53 | 000,044,186 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0035.jpg
[2011/12/18 22:00:55 | 000,133,675 | ---- | M] () -- C:\Users\Bruce\Documents\Adamus, family assorted.jpg
[2011/12/18 21:56:11 | 000,049,922 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0017.jpg
[2011/12/18 21:53:00 | 000,137,110 | ---- | M] () -- C:\Users\Bruce\Documents\Adamus, 1914 Rochester.jpg
[2011/12/18 21:47:37 | 000,060,384 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0030.jpg
[2011/12/18 21:45:02 | 000,103,243 | ---- | M] () -- C:\Users\Bruce\Documents\Adamus Kolk family.jpg
[2011/12/18 21:41:23 | 000,162,762 | ---- | M] () -- C:\Users\Bruce\Documents\Adamus, John wife Mary and sister Mary Kolk.jpg
[2011/12/18 21:28:46 | 000,207,477 | ---- | M] () -- C:\Users\Bruce\Documents\Adamus, Mary Kolk.jpg
[2011/12/18 21:25:54 | 000,109,880 | ---- | M] () -- C:\Users\Bruce\Documents\Kolk, Irene.jpg
[2011/12/18 21:13:31 | 000,157,288 | ---- | M] () -- C:\Users\Bruce\Documents\adamus, ray, Irene kolk eleanor.jpg
[2011/12/18 20:54:48 | 000,204,913 | ---- | M] () -- C:\Users\Bruce\Documents\AdamusKolk, Irene, Edward, Eleanor.jpg
[2011/12/18 20:49:56 | 000,191,794 | ---- | M] () -- C:\Users\Bruce\Documents\KolkAdamus family.jpg
[2011/12/18 20:46:51 | 000,154,358 | ---- | M] () -- C:\Users\Bruce\Documents\Kolk, Adamus, Mary.jpg
[4 C:\Users\Bruce\Desktop\*.tmp files -> C:\Users\Bruce\Desktop\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[3 C:\Users\Bruce\Documents\*.tmp files -> C:\Users\Bruce\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/16 17:25:12 | 000,001,623 | ---- | C] () -- C:\Users\Public\Desktop\Internet Explorer.lnk
[2012/01/16 17:25:12 | 000,000,865 | ---- | C] () -- C:\Users\Public\Desktop\Family Tree Maker 2012.lnk
[2012/01/16 17:25:11 | 000,001,917 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/16 17:25:11 | 000,000,945 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/16 17:25:11 | 000,000,940 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/01/16 17:25:11 | 000,000,940 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
[2012/01/16 17:25:11 | 000,000,815 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\McAfee Security Scan.lnk
[2012/01/16 17:25:11 | 000,000,804 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Smart PDF Creator.lnk
[2012/01/16 17:25:11 | 000,000,804 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2012/01/16 17:25:11 | 000,000,742 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL 9.5.lnk
[2012/01/16 17:25:11 | 000,000,258 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/01/16 17:25:11 | 000,000,240 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/01/16 17:23:39 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/16 17:23:22 | 000,771,072 | ---- | C] () -- C:\Users\Bruce\Desktop\RogueKiller.exe
[2012/01/16 13:04:50 | 000,000,631 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk
[2012/01/16 13:01:06 | 2134,974,464 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/15 17:30:48 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012/01/15 12:04:48 | 000,000,607 | ---- | C] () -- C:\Users\Bruce\Desktop\System Check.lnk
[2012/01/15 11:56:10 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{F21940F0-BB8C-4989-84C5-10048C45F1E0}
[2012/01/15 11:54:30 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{10321870-946A-426A-9998-3176325099F5}
[2012/01/15 10:48:16 | 000,001,697 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2012/01/15 10:40:39 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{2C39F6FB-1D3C-45A1-865A-A8B65D41764A}
[2012/01/15 10:32:17 | 000,124,392 | --S- | C] () -- C:\Users\Bruce\AppData\Local\dplayx.dll
[2012/01/14 12:37:15 | 000,396,541 | ---- | C] () -- C:\Users\Bruce\Documents\Morrison, Wm.jpg
[2012/01/14 12:33:09 | 000,124,578 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison and family -.jpg
[2012/01/14 12:31:16 | 000,152,978 | ---- | C] () -- C:\Users\Bruce\Documents\Morrison, Wm and Daughter.jpg
[2012/01/14 12:28:17 | 000,105,497 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Hazel, Lill, Harry.jpg
[2012/01/14 12:18:57 | 000,178,012 | ---- | C] () -- C:\Users\Bruce\Documents\Stead house, built by Thomas Stead.jpg
[2012/01/14 12:17:46 | 000,681,268 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0039.jpg
[2012/01/14 12:16:59 | 000,663,069 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0036.jpg
[2012/01/14 12:14:57 | 000,301,667 | ---- | C] () -- C:\Users\Bruce\Documents\Morrison, Jean.jpg
[2012/01/14 12:12:23 | 000,466,938 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington family at Golf club House.jpg
[2012/01/14 12:10:29 | 000,367,633 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington House on Mountain Avenue.jpg
[2012/01/14 12:08:23 | 000,441,669 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison in front of houses.jpg
[2012/01/13 13:21:49 | 000,729,860 | ---- | C] () -- C:\Users\Bruce\Documents\Spackman, Jacob.jpg
[2012/01/13 13:18:38 | 000,677,879 | ---- | C] () -- C:\Users\Bruce\Documents\Bailey, Dan and Winifred (marriage).jpg
[2012/01/13 13:17:21 | 000,535,074 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0031.jpg
[2012/01/13 13:15:43 | 000,861,047 | ---- | C] () -- C:\Users\Bruce\Documents\Spackman, Mary H (death).jpg
[2012/01/13 13:13:43 | 001,030,486 | ---- | C] () -- C:\Users\Bruce\Documents\Spackman, Frederick A. (death).jpg
[2012/01/13 13:06:27 | 000,623,469 | ---- | C] () -- C:\Users\Bruce\Documents\Perrine, Alida Christine birth certificate.jpg
[2012/01/13 13:01:43 | 000,787,387 | ---- | C] () -- C:\Users\Bruce\Documents\Census Joke.jpg
[2012/01/12 16:55:29 | 000,523,498 | ---- | C] () -- C:\Users\Bruce\Documents\Keller Kerr Marriage.jpg
[2012/01/11 10:38:53 | 000,296,116 | ---- | C] () -- C:\Users\Bruce\Documents\Coddingtons and Morrisons at the Watchung Lake.jpg
[2012/01/11 10:36:06 | 000,611,841 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0029.jpg
[2012/01/11 10:34:56 | 000,656,606 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0028.jpg
[2012/01/11 10:34:01 | 000,398,812 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0027.jpg
[2012/01/11 10:32:38 | 000,419,259 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0025.jpg
[2012/01/11 10:28:10 | 000,288,070 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison by car wife sitting in car.jpg
[2012/01/11 00:54:36 | 000,229,379 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison obit.jpg
[2012/01/10 10:54:03 | 000,403,524 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison with Morrison family.jpg
[2012/01/10 10:51:20 | 000,234,021 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Hazel Allen.jpg
[2012/01/10 10:47:46 | 000,444,851 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington family at 12 Mountain Ave.jpg
[2012/01/10 10:43:26 | 000,312,906 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison with horses.jpg
[2012/01/09 10:49:47 | 032,715,779 | ---- | C] () -- C:\Users\Bruce\Documents\genealogyofcushi00cush.pdf
[2012/01/08 14:56:25 | 052,912,921 | ---- | C] () -- C:\Users\Bruce\Documents\historyoffitzwil00nort.pdf
[2012/01/07 00:52:45 | 000,178,034 | ---- | C] () -- C:\Users\Bruce\Documents\Stead property, Somerset Street.jpg
[2012/01/07 00:47:30 | 000,117,644 | ---- | C] () -- C:\Users\Bruce\Documents\Allen, Libbie (Beeching).jpg
[2012/01/07 00:43:11 | 000,107,016 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0024.jpg
[2012/01/07 00:39:10 | 000,153,150 | ---- | C] () -- C:\Users\Bruce\Documents\Allen, Elias (2).jpg
[2012/01/07 00:30:24 | 000,118,839 | ---- | C] () -- C:\Users\Bruce\Documents\Beeching, Dorothy 1943.jpg
[2012/01/06 23:38:53 | 000,118,901 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Lillian (Beeching).jpg
[2012/01/06 23:37:22 | 000,100,433 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Morton with Janet and Dorothy (dark dress).jpg
[2012/01/06 23:34:12 | 000,469,429 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Fred and Sophia S.jpg
[2012/01/06 23:34:12 | 000,433,423 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0015.jpg
[2012/01/06 23:32:53 | 000,124,329 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe brothers, Frederick and Lewis.jpg
[2012/01/06 23:31:34 | 000,058,997 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.jpg
[2012/01/06 23:23:06 | 000,145,904 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0021.jpg
[2012/01/06 23:21:01 | 000,585,515 | ---- | C] () -- C:\Users\Bruce\Documents\Beeching, Dorothy.jpg
[2012/01/06 23:17:54 | 000,153,590 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia with Fred's brother Lewis and wife Mini.jpg
[2012/01/06 23:16:25 | 000,123,280 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia on Somerset Street.jpg
[2012/01/06 19:56:35 | 000,145,775 | ---- | C] () -- C:\Users\Bruce\Documents\Beeching, Lillian, Dorothy, Janet.jpg
[2012/01/06 16:40:36 | 000,166,171 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Margaret.jpg
[2012/01/06 11:20:17 | 000,166,621 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, William (young).jpg
[2012/01/06 11:16:07 | 000,248,991 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, William.jpg
[2012/01/06 10:55:33 | 000,375,537 | ---- | C] () -- C:\Users\Bruce\Documents\Stegemann, Henry death certificate.pdf
[2012/01/06 10:48:14 | 000,428,247 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0013.jpg
[2012/01/06 10:31:27 | 000,390,780 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0007.jpg
[2012/01/06 10:28:37 | 000,630,416 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.pdf
[2012/01/06 10:27:26 | 000,690,944 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Frederick Death Cert.pdf
[2011/12/28 01:14:53 | 000,015,964 | ---- | C] () -- C:\Users\Bruce\Documents\https___secure.pqarchiver.com_courant_display_pdf.pdf_filename=_share4_pqimage_hnirs102v_201112280057_56149_4683_out.pdf
[2011/12/28 01:05:26 | 000,549,902 | ---- | C] () -- C:\Users\Bruce\Documents\Palmer Herrmann Divorce.jpg
[2011/12/28 00:09:25 | 000,161,064 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, vacation 1953, Van, Hess, Bruce Brenton Woods, NJ.jpg
[2011/12/28 00:07:57 | 000,157,638 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno Vacation 1953, Hess, Bruce, Albert Brenton Woods, NJ.jpg
[2011/12/28 00:06:19 | 000,186,291 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno vacation 1953,Van, Hess, Bruce,Albert.jpg
[2011/12/27 23:55:36 | 000,376,185 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0012.jpg
[2011/12/27 23:51:44 | 000,457,368 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, Darby House 1894.jpg
[2011/12/27 23:48:49 | 000,494,112 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, McCutchens.jpg
[2011/12/27 23:45:14 | 000,401,831 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield, Public Service - South Ave 1925.jpg
[2011/12/27 23:43:49 | 000,846,555 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield, Public Service laying pipeline on South Avenue.jpg
[2011/12/27 23:39:32 | 000,118,451 | ---- | C] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching 1920's.jpg
[2011/12/27 23:38:20 | 000,047,923 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0006.jpg
[2011/12/27 23:35:03 | 000,060,059 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0003.jpg
[2011/12/27 23:27:09 | 000,123,346 | ---- | C] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching sitting on Bench.jpg
[2011/12/27 23:24:53 | 000,073,984 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0002.jpg
[2011/12/27 23:18:54 | 000,396,692 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield House cut in half by Lisle Beeching.jpg
[2011/12/27 23:18:54 | 000,124,929 | ---- | C] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching.jpg
[2011/12/27 23:13:16 | 000,547,625 | ---- | C] () -- C:\Users\Bruce\Documents\Spencer house.jpg
[2011/12/27 23:10:31 | 000,811,326 | ---- | C] () -- C:\Users\Bruce\Documents\Spencer house on circle in watchung.jpg
[2011/12/27 23:07:48 | 000,271,269 | ---- | C] () -- C:\Users\Bruce\Documents\Spencer house, Watch.jpg
[2011/12/27 23:01:30 | 000,354,947 | ---- | C] () -- C:\Users\Bruce\Documents\Allen House Watchung 1726.jpg
[2011/12/27 22:56:06 | 000,389,024 | ---- | C] () -- C:\Users\Bruce\Documents\Allen House built 1726 pic taken 1940.jpg
[2011/12/27 22:50:21 | 000,275,127 | ---- | C] () -- C:\Users\Bruce\Documents\Allen House , 1940.jpg
[2011/12/27 21:56:19 | 000,072,967 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, Nancy - Santa.jpg
[2011/12/27 21:54:27 | 000,080,123 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, Nancy - she ra.jpg
[2011/12/27 21:51:26 | 000,377,676 | ---- | C] () -- C:\Users\Bruce\Documents\Hand, Capt William.jpg
[2011/12/27 21:37:38 | 001,165,547 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Disappearance of Structures.jpg
[2011/12/27 21:36:50 | 000,455,041 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield City Stores.jpg
[2011/12/27 21:35:49 | 000,783,590 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Jewish families.jpg
[2011/12/27 21:33:33 | 000,921,266 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 4th of July.jpg
[2011/12/27 21:29:11 | 000,812,934 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Horse Racing.jpg
[2011/12/27 21:26:57 | 000,811,257 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Country Club.jpg
[2011/12/27 21:24:59 | 001,047,721 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 3.jpg
[2011/12/27 19:12:39 | 000,838,733 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Kings Daughter.jpg
[2011/12/27 19:11:22 | 000,659,609 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Arthur Smith.jpg
[2011/12/27 19:10:28 | 000,838,108 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Civil War stuff.jpg
[2011/12/27 19:06:28 | 001,009,353 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Martine House 1.jpg
[2011/12/27 19:05:17 | 001,296,588 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield class of 1886.jpg
[2011/12/27 19:04:18 | 000,712,563 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Odds and Ends.jpg
[2011/12/27 19:03:20 | 000,978,066 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Slavery.jpg
[2011/12/27 19:00:39 | 000,461,207 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Peanut John.jpg
[2011/12/27 18:59:55 | 000,912,511 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Trolleys.jpg
[2011/12/27 18:58:58 | 000,726,805 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Van Wyck Brooks.jpg
[2011/12/27 18:57:46 | 001,057,291 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Rosenbaums before and after.jpg
[2011/12/27 18:54:42 | 001,379,479 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield before after north ave.jpg
[2011/12/27 18:53:44 | 000,952,512 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Farmers paradise.jpg
[2011/12/27 18:52:27 | 000,733,214 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Horse and buggy days.jpg
[2011/12/27 18:51:22 | 000,911,228 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Street maps.jpg
[2011/12/27 18:50:34 | 000,831,509 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Hartridge School.jpg
[2011/12/27 18:49:44 | 000,919,779 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Old Cemetery.jpg
[2011/12/27 18:48:50 | 001,115,503 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield John Taylor Johnson.jpg
[2011/12/27 18:48:06 | 001,074,141 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield French's Mill.jpg
[2011/12/27 18:47:07 | 001,111,575 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Muhlenberg Hospital.jpg
[2011/12/27 18:46:29 | 000,959,197 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Indians and streets.jpg
[2011/12/27 18:45:40 | 000,905,130 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Netherwood Hotel.jpg
[2011/12/27 18:44:45 | 000,900,144 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Babcock millionairs.jpg
[2011/12/27 18:43:39 | 000,917,965 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Tiers Pond 2.jpg
[2011/12/27 18:40:45 | 000,737,498 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Civil War Parade.jpg
[2011/12/27 18:39:52 | 000,748,057 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Tiers pond.jpg
[2011/12/27 18:39:06 | 000,650,104 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield private schools.jpg
[2011/12/27 18:38:00 | 000,827,906 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield first house 1735.jpg
[2011/12/27 18:36:10 | 000,619,966 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield wonderful years.jpg
[2011/12/27 18:34:28 | 000,497,424 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 1909 parade.jpg
[2011/12/27 18:33:18 | 000,682,950 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Public Schools.jpg
[2011/12/27 18:32:29 | 000,783,250 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Clock Tower.jpg
[2011/12/27 18:31:37 | 001,024,038 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 2.jpg
[2011/12/27 18:30:37 | 000,940,319 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 1.jpg
[2011/12/27 16:53:03 | 000,988,439 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Laings Hotel.jpg
[2011/12/27 16:49:45 | 000,363,596 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Fire department 2.jpg
[2011/12/27 16:42:21 | 000,690,620 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Fire department.jpg
[2011/12/27 16:40:35 | 001,322,452 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Doctors and Ministers.jpg
[2011/12/27 16:39:31 | 001,254,867 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Griffin Building.jpg
[2011/12/27 16:38:04 | 000,630,907 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Townsend marble and granite works.jpg
[2011/12/27 16:36:37 | 000,690,658 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Montgomery Wards.jpg
[2011/12/27 16:31:21 | 001,288,337 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Martine House 2.jpg
[2011/12/27 16:30:14 | 001,458,669 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Martine House.jpg
[2011/12/27 16:28:25 | 000,830,252 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield map 1972.jpg
[2011/12/27 16:04:51 | 000,165,320 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, Blatz Hotel.jpg
[2011/12/27 15:57:55 | 000,445,856 | ---- | C] () -- C:\Users\Bruce\Documents\Watchung, Washington House.jpg
[2011/12/27 15:53:06 | 001,144,390 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield cemetery, Brook Avenue.jpg
[2011/12/27 15:46:21 | 000,734,730 | ---- | C] () -- C:\Users\Bruce\Documents\Watchung, Milligan sisters in carriage.jpg
[2011/12/27 15:36:10 | 000,360,809 | ---- | C] () -- C:\Users\Bruce\Documents\Watchung Washington House.pdf
[2011/12/27 15:31:40 | 000,602,356 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield Watchung Wetumpka Falls.pdf
[2011/12/27 15:30:11 | 000,427,976 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield Somerset Street near bridge.pdf
[2011/12/27 15:27:42 | 000,482,382 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, first Oldsmobile.pdf
[2011/12/27 15:25:32 | 000,586,398 | ---- | C] () -- C:\Users\Bruce\Documents\Brook Avenue Cemetery, North Plainfield.pdf
[2011/12/27 15:16:04 | 000,680,132 | ---- | C] () -- C:\Users\Bruce\Documents\Drake House article.pdf
[2011/12/27 15:00:34 | 000,381,955 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House page 4.pdf
[2011/12/27 14:58:54 | 000,699,300 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House page 3.pdf
[2011/12/27 14:57:46 | 000,988,809 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House page 2.pdf
[2011/12/27 14:56:47 | 000,887,222 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House Belvidere Ave, Plainfield 1969.pdf
[2011/12/24 14:48:02 | 000,454,154 | ---- | C] () -- C:\Users\Bruce\Documents\Poinsettia tree.jpg
[2011/12/18 23:25:04 | 000,164,433 | ---- | C] () -- C:\Users\Bruce\Documents\Kolk family.jpg
[2011/12/18 22:17:09 | 000,116,756 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, Bruce and Art Slepian 1966 Glassboro.jpg
[2011/12/18 22:13:16 | 000,026,451 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0038.jpg
[2011/12/18 22:10:15 | 000,029,193 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0037.jpg
[2011/12/18 22:07:52 | 000,190,487 | ---- | C] () -- C:\Users\Bruce\Documents\Kolk, Mary with Irene and Edward.jpg
[2011/12/18 22:06:58 | 000,176,435 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0034.jpg
[2011/12/18 22:03:22 | 000,044,186 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0035.jpg
[2011/12/18 22:00:00 | 000,133,675 | ---- | C] () -- C:\Users\Bruce\Documents\Adamus, family assorted.jpg
[2011/12/18 21:55:24 | 000,049,922 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0017.jpg
[2011/12/18 21:50:49 | 000,137,110 | ---- | C] () -- C:\Users\Bruce\Documents\Adamus, 1914 Rochester.jpg
[2011/12/18 21:47:03 | 000,060,384 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0030.jpg
[2011/12/18 21:43:04 | 000,103,243 | ---- | C] () -- C:\Users\Bruce\Documents\Adamus Kolk family.jpg
[2011/12/18 21:37:25 | 000,162,762 | ---- | C] () -- C:\Users\Bruce\Documents\Adamus, John wife Mary and sister Mary Kolk.jpg
[2011/12/18 21:28:02 | 000,207,477 | ---- | C] () -- C:\Users\Bruce\Documents\Adamus, Mary Kolk.jpg
[2011/12/18 21:22:49 | 000,109,880 | ---- | C] () -- C:\Users\Bruce\Documents\Kolk, Irene.jpg
[2011/12/18 21:02:29 | 000,157,288 | ---- | C] () -- C:\Users\Bruce\Documents\adamus, ray, Irene kolk eleanor.jpg
[2011/12/18 20:53:04 | 000,204,913 | ---- | C] () -- C:\Users\Bruce\Documents\AdamusKolk, Irene, Edward, Eleanor.jpg
[2011/12/18 20:46:45 | 000,191,794 | ---- | C] () -- C:\Users\Bruce\Documents\KolkAdamus family.jpg
[2011/12/18 20:35:29 | 000,154,358 | ---- | C] () -- C:\Users\Bruce\Documents\Kolk, Adamus, Mary.jpg
[2011/10/24 09:37:26 | 000,155,648 | ---- | C] () -- C:\Windows\System32\dlbfinsb.dll
[2011/08/09 00:25:43 | 000,002,194 | ---- | C] () -- C:\ProgramData\QuickSet.xml
[2011/08/08 01:19:58 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI
[2010/07/29 14:09:29 | 000,040,960 | ---- | C] () -- C:\Windows\System32\INSTMON.EXE
[2010/07/29 14:09:28 | 000,077,824 | ---- | C] () -- C:\Windows\System32\DLBFLCNP.DLL
[2010/04/27 12:12:48 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/02/07 13:54:02 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbfcnv4.dll
[2010/02/07 13:54:01 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbfvs.dll
[2010/02/07 13:53:59 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dlbfcoin.dll
[2010/01/18 16:38:46 | 000,010,496 | ---- | C] () -- C:\Windows\System32\rcmirror.dll
[2009/09/24 10:04:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 10:04:33 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/11 23:41:55 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll
[2009/09/11 23:35:36 | 000,223,232 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2009/09/11 23:35:35 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SQLiteWrapper.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/11/07 22:14:21 | 000,001,340 | ---- | C] () -- C:\Users\Bruce\AppData\Roaming\wklnhst.dat
[2008/08/27 08:00:35 | 000,000,801 | ---- | C] () -- C:\Windows\dellstat.ini
[2008/07/26 07:49:50 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/19 06:59:43 | 000,030,208 | -H-- | C] () -- C:\Users\Bruce\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/16 08:05:19 | 000,005,972 | ---- | C] () -- C:\Users\Bruce\AppData\Local\d3d9caps.dat
[2008/07/14 15:26:25 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/06/11 09:32:12 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/06/11 09:32:12 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/06/11 09:32:12 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/06/11 09:32:12 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/06/11 09:32:12 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008/06/11 09:32:08 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/06/11 06:53:57 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/06/11 06:53:56 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2008/02/03 18:11:25 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2007/02/02 05:06:10 | 000,090,112 | ---- | C] () -- C:\Windows\System32\dlbccur.dll
[2007/02/02 04:55:10 | 000,413,696 | ---- | C] () -- C:\Windows\System32\dlbcutil.dll
[2007/01/22 07:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbccoin.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,988,976 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,649,426 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,122,904 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/10/05 12:19:32 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbcvs.dll
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:28:20 | 000,024,576 | ---- | C] () -- C:\Windows\shortcut.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe
[2003/09/20 02:32:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\dlbfcinf.dll
[2003/09/20 02:32:34 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlbfscin.dll
[2003/07/09 12:34:56 | 000,000,177 | ---- | C] () -- C:\Windows\System32\dlbfcoin.ini

========== LOP Check ==========

[2012/01/15 17:32:36 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\6EDB0
[2012/01/15 10:32:48 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Aho
[2012/01/15 10:33:32 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\B0B0A
[2010/03/31 21:36:32 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\DriverCure
[2012/01/06 19:09:43 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\FamilyTreeMaker
[2012/01/15 10:32:48 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Ifuqpef
[2012/01/15 12:04:04 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Lymeo
[2010/08/20 20:46:28 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\MyHeritage
[2012/01/16 17:41:05 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Ogopve
[2010/02/26 23:07:57 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Smart PDF Creator
[2010/09/11 15:59:54 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\TeamViewer
[2010/05/06 20:52:15 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Template
[2010/08/20 20:45:07 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2011/11/22 19:21:15 | 000,000,406 | ---- | M] () -- C:\Windows\Tasks\BackUpDutyLite.job
[2011/12/11 12:46:15 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Driver Fetch.job
[2010/10/02 03:45:18 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\DriverCure.job
[2010/03/03 22:02:01 | 000,000,654 | -H-- | M] () -- C:\Windows\Tasks\Install_NSS.job
[2010/10/26 17:00:01 | 000,000,442 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job
[2010/10/27 01:25:18 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2011/12/07 02:25:01 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job
[2011/11/22 19:21:15 | 000,000,314 | ---- | M] () -- C:\Windows\Tasks\Regwork.job
[2012/01/15 12:10:49 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/01/16 17:52:15 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{336B4FEB-67DD-47F6-AECD-AA5624307E1C}.job

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2008/10/29 01:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008/10/29 01:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008/10/29 22:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008/10/27 21:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008/01/20 21:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: SVCHOST.EXE >
[2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\System32\svchost.exe
[2008/01/20 21:23:43 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=3794B461C45882E06856F282EEF025AF -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe

< MD5 for: USERINIT.EXE >
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008/01/20 21:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009/04/11 01:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008/01/20 21:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AOL9~1.5\accdef.exe -rb [2010/03/23 09:54:45 | 000,016,720 | ---- | M] (AOL Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AOL9~1.5\accdef.exe -hb [2010/03/23 09:54:45 | 000,016,720 | ---- | M] (AOL Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AOL9~1.5\accdef.exe -sb [2010/03/23 09:54:45 | 000,016,720 | ---- | M] (AOL Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AOL9~1.5\aol.exe [2010/03/23 09:54:46 | 000,029,520 | ---- | M] (AOL Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/05 04:48:46 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/05 04:48:46 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/05 04:48:46 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/05 04:48:46 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/11/02 23:45:23 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/11/02 23:45:23 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/11/02 23:45:23 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/11/03 01:23:19 | 000,638,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/11/03 01:23:19 | 000,638,240 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AOL9~1.5\accdef.exe -rb [2010/03/23 09:54:45 | 000,016,720 | ---- | M] (AOL Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AOL9~1.5\accdef.exe -hb [2010/03/23 09:54:45 | 000,016,720 | ---- | M] (AOL Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AOL9~1.5\accdef.exe -sb [2010/03/23 09:54:45 | 000,016,720 | ---- | M] (AOL Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AOL9~1.5\aol.exe [2010/03/23 09:54:46 | 000,029,520 | ---- | M] (AOL Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --show-icons [2012/01/05 04:48:46 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --hide-icons [2012/01/05 04:48:46 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [2012/01/05 04:48:46 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Program Files\Google\Chrome\Application\chrome.exe" [2012/01/05 04:48:46 | 001,047,024 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\system32\ie4uinit.exe" -hide [2011/11/02 23:45:23 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\system32\ie4uinit.exe" -show [2011/11/02 23:45:23 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\system32\ie4uinit.exe" -reinstall [2011/11/02 23:45:23 | 000,174,080 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/11/03 01:23:19 | 000,638,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/11/03 01:23:19 | 000,638,240 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >
[2010/04/27 12:18:11 | 000,000,742 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\2\AOL 9.5.lnk
[2009/10/09 21:31:56 | 000,000,286 | -HS- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\2\desktop.ini
[2011/08/30 09:06:55 | 000,001,917 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Google Chrome.lnk
[2009/10/09 21:31:56 | 000,000,945 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Launch Internet Explorer Browser.lnk
[2011/02/11 10:31:03 | 000,000,940 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Launch Microsoft Outlook.lnk
[2010/09/12 23:44:06 | 000,000,804 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Malwarebytes' Anti-Malware.lnk
[2010/03/27 22:21:40 | 000,000,815 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\2\McAfee Security Scan.lnk
[2008/01/20 21:42:47 | 000,000,258 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Shows Desktop.lnk
[2010/10/24 18:56:05 | 000,000,804 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Smart PDF Creator.lnk
[2012/01/15 12:04:48 | 000,000,631 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\2\System Check.lnk
[2008/01/20 21:42:47 | 000,000,240 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Window Switcher.lnk
[2008/07/16 07:49:00 | 000,000,940 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Windows Media Player.lnk

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >
[2008/01/20 21:43:21 | 000,000,174 | -HS- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\4\desktop.ini
[2012/01/06 13:24:12 | 000,000,865 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\4\Family Tree Maker 2012.lnk
[2008/06/11 06:43:16 | 000,001,623 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\4\Internet Explorer.lnk
[2010/09/12 23:44:06 | 000,000,780 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\4\Malwarebytes' Anti-Malware.lnk
[2012/01/14 15:40:29 | 000,001,697 | ---- | M] () -- C:\Users\Bruce\AppData\Local\Temp\smtmp\4\McAfee Total Protection.lnk

========== Alternate Data Streams ==========

@Alternate Data Stream - 64 bytes -> C:\Users\Bruce\Desktop\Tom.MPG:TOC.WMV

< End of report >



OTL Extras logfile created on: 1/16/2012 5:44:01 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = E:\
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 43.14% Memory free
4.21 Gb Paging File | 2.63 Gb Available in Paging File | 62.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.74 Gb Total Space | 68.57 Gb Free Space | 50.14% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 2.38 Gb Free Space | 24.39% Space Free | Partition Type: NTFS
Drive E: | 29.80 Gb Total Space | 24.62 Gb Free Space | 82.61% Space Free | Partition Type: FAT32

Computer Name: BRUCE | User Name: Bruce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0CDABB18-59B2-4C0A-B205-C25206FC37AD}" = lport=137 | protocol=17 | dir=in | app=system |
"{1CD80776-6692-4C70-B6C1-D884EB54C167}" = lport=138 | protocol=17 | dir=in | app=system |
"{1D8BD1AC-AD66-4C53-B828-F04316AA4C72}" = lport=445 | protocol=6 | dir=in | app=system |
"{2AA6D623-91A5-4620-B416-2413F7079695}" = lport=139 | protocol=6 | dir=in | app=system |
"{59FE7F44-4A86-40FB-B439-732597A29A38}" = rport=445 | protocol=6 | dir=out | app=system |
"{7959383E-B3D5-4635-9641-E32C2484247D}" = rport=137 | protocol=17 | dir=out | app=system |
"{8536CEC0-3E1E-4C2F-80C2-6595C5107B6B}" = rport=139 | protocol=6 | dir=out | app=system |
"{B5373234-E416-4D40-AD67-E0A79A23409A}" = rport=138 | protocol=17 | dir=out | app=system |
"{E71FE77D-EDCA-406F-B2CD-4005AB76CB58}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F66E3559-3A46-41F6-9B8F-D3193E9B4A98}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01FA6FF0-B689-48A9-9626-6C4419E1ECC1}" = protocol=58 | dir=out | [email protected],-28546 |
"{0446FD42-116C-4404-B899-920685FAC203}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe |
"{0CBD8F3A-F584-44A8-9DAD-C5F5BE28B91C}" = dir=in | app=c:\program files\dell\mediadirect\mediadirect.exe |
"{1599B3FF-0E75-41E6-8C8B-46772676C183}" = protocol=6 | dir=in | app=c:\windows\system32\dlbfcoms.exe |
"{18DEFE19-6246-4E87-A7FC-DBBC58D2BA1C}" = dir=in | app=c:\program files\common files\mcafee\mna\mcnasvc.exe |
"{1AE57C42-5700-4A1E-8EFF-FE7B7594CA59}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{1B98089A-1AA5-41A0-AC3A-E07BFD2D6981}" = protocol=17 | dir=in | app=c:\windows\system32\dlbccoms.exe |
"{1C493FFC-0E18-409A-B443-F7831697D511}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{2D428C1B-9214-4023-ADB7-6E8592CC3E5F}" = protocol=6 | dir=in | app=c:\program files\common files\aol\1272388487\ee\aolsoftware.exe |
"{3FAD4B7B-2CD8-48D4-B749-921A28AB005F}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbfpswx.exe |
"{44A596C5-0555-4E3B-8E73-2C12E18C8338}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aolacsd.exe |
"{467371C0-6F47-4B1E-8E63-7EEAF332A3F7}" = protocol=6 | dir=in | app=c:\program files\dell aio printer a960\dlbfaiox.exe |
"{4B7FC888-D3B7-4968-A33A-B383F2294F6F}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dmp\clbrowserengine.exe |
"{4CF7B402-24AF-49D4-AFD1-AFCAFF2A31B9}" = protocol=6 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{4E7CC48A-A87F-4C3D-B641-B864145C80EA}" = protocol=17 | dir=in | app=c:\program files\dell aio printer a960\dlbfaiox.exe |
"{54898C51-1C25-43AE-A9B6-6E16A42CD031}" = protocol=17 | dir=in | app=c:\program files\common files\aol\acs\aoldial.exe |
"{5603DF8D-C558-4A00-8AA9-850A2AB1E3B0}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5A1AD15E-B06C-46E8-8B50-51F30FBC541B}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe |
"{5D6AB35A-E578-44CC-83CA-483107AB8952}" = protocol=17 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{5E67C0AB-A3D2-4C58-81A4-18C72B7C5B07}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{65CA8D6C-AE30-4490-8F5A-C645F2231423}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{680F5E66-E397-4C3D-B273-8F2B85E8CDEA}" = protocol=17 | dir=in | app=c:\program files\common files\aol\1272388487\ee\aolsoftware.exe |
"{6F594536-C869-4B29-BD31-5FFFD1BD760A}" = dir=in | app=c:\program files\dell\mediadirect\kernel\dms\clmsservice.exe |
"{70F5C273-7132-4FF0-9EFE-0C059CF50686}" = protocol=17 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{7609286B-5BB0-47AC-AE7E-77CCDB97E01D}" = protocol=17 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{8AE3D2ED-864E-4DFE-B715-0A4708122484}" = protocol=58 | dir=in | [email protected],-28545 |
"{8F545FA9-B5A8-421D-A5A1-239075466ECD}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\w32x86\3\dlbfpswx.exe |
"{92C7F392-CB26-4119-ABDB-BC647086009C}" = protocol=6 | dir=in | app=c:\program files\dell aio printer a960\dlbfmon.exe |
"{99C50526-1E6A-4740-B484-C1F926527D39}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{AB827157-D5EF-40DE-8E8F-81B5E2EDA952}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe |
"{AB94F5E2-742C-4400-9D5F-C4EF84FC20AF}" = protocol=1 | dir=out | [email protected],-28544 |
"{AF1C3A6A-7619-414C-854A-E42D111E8C38}" = protocol=17 | dir=in | app=c:\windows\system32\dlbfcoms.exe |
"{BA4515CE-C6DC-4764-83AE-DC0B2D4BEB16}" = protocol=6 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{C6B626EA-0B23-41B3-8BD1-E697FA735555}" = protocol=6 | dir=in | app=c:\windows\system32\dlbccoms.exe |
"{CCA7FD84-31EF-4133-A2B7-6B399C6D542E}" = dir=in | app=c:\program files\dell\mediadirect\pcmservice.exe |
"{CDFE9FE3-9342-41B0-B0A9-572C16F15D9C}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{CEEFB60B-0E4C-40CE-8449-87BBADA1F8F3}" = protocol=6 | dir=in | app=c:\program files\common files\aol\system information\sinf.exe |
"{D7ED94B2-9961-4E62-BF66-388C8D9222E0}" = protocol=6 | dir=in | app=c:\program files\common files\aol\loader\aolload.exe |
"{E05DEFFB-F5C3-4647-A144-B1B9854A5477}" = protocol=6 | dir=in | app=c:\program files\common files\aol\topspeed\3.0\aoltpsd3.exe |
"{E2A807DC-2C72-449A-9AB0-AB5C2F248083}" = protocol=1 | dir=in | [email protected],-28543 |
"{E49189F0-DF66-4A7C-A9BF-85F5462141F0}" = protocol=17 | dir=in | app=c:\program files\dell aio printer a960\dlbfmon.exe |
"{F25FFBA6-5B94-4687-85B6-05D7C0058D97}" = protocol=17 | dir=in | app=c:\program files\aol 9.5\waol.exe |
"{FDC5D271-573F-4366-9605-61D073FFF4E9}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe |
"TCP Query User{759BD6D2-45B9-43D6-B819-01879D54892A}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{876E849A-F201-419B-9274-D219C0522202}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{130E5108-547F-4482-91EE-F45C784E08C7}" = HP Officejet 6500 E710n-z Help
"{13F2D4A5-E141-4BBF-898F-E36293348540}" = PC SpeedScan Pro
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1CB0993B-1CD4-4A18-9C85-9732AFD9843F}" = Family Tree Maker 2012
"{1E0D8F69-A6AB-4934-9B2D-159D9F97BA4A}" = ParetoLogic DriverCure
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java™ 6 Update 20
"{2CE5A2E7-3437-4CE7-BCF4-85ED6EEFF9E4}" = iTunes
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E5386F5-C0F6-4532-A54A-374865AEAB71}" = Cisco PEAP Module
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5AC7DE29-F09A-490B-B145-C94F26D73CC3}" = ActiveSpeed
"{600AB648-F79B-41EC-B426-A49A7DB121EA}" = HP Officejet 6500 E710n-z Basic Device Software
"{612AD33D-9824-4E87-8396-92374E91C4BB}_is1" = Inbox Toolbar
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6B7B6D4D-8F9B-4CB3-8CA4-BCA9CC4C1A22}" = EDocs
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76F9CF97-FC4B-4E20-B363-D127C888448F}" = Cisco LEAP Module
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}" = Microsoft VC9 runtime libraries
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{7DCA3763-701D-45DD-8F6B-A8C3206C0289}" = ActiveSpeed
"{80F24F31-F641-4349-83F3-59E335976D16}" = PC SpeedScan Pro
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89CEAE14-DD0F-448E-9554-15781EC9DB24}" = Product Documentation Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}" = Driver Whiz
"{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}" = OutlookAddinSetup
"{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}" = MediaDirect
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B0E3EEE7-DFB7-4277-9F9B-1CB71CFF3B06}" = The Print Shop 21
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B7F98125-4955-41E3-8A71-4CE11CE9C198}" = KODAK Gallery Upload Software
"{BF53252E-4AB2-4C7F-A0FD-6100755745E3}" = Cisco EAP-FAST Module
"{C4972073-2BFE-475D-8441-564EA97DA161}" = QuickSet
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}" = Apple Mobile Device Support
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D7769185-9A7C-48D4-8874-5388743A1DE2}" = Music, Photos & Videos Launcher
"{DAC27085-280B-46C0-A145-D4C7DB8AC785}" = Driver Inspector
"{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}" = Apple Application Support
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{E80F62FF-5D3C-4A19-8409-9721F2928206}" = LiveUpdate (Symantec Corporation)
"{EDEA8AB7-7683-4ED2-AA19-E6C078064C0D}" = Microsoft WSE 3.0
"{F3AB5277-869F-4CD6-8397-6E7A0B448A28}" = Marketsplash Print Software
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem Diagnostic Tool
"{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}" = Marketsplash Shortcuts
"{FF1C31AE-0CDC-40CE-AB85-406F8B70D643}" = Bonjour
"Able2Extract v6.0" = Able2Extract v6.0
"Adaptec UDF Reader" = Adaptec UDF Reader
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11
"AOL Emergency Connect Utility 1.0" = Uninstall AOL Emergency Connect Utility 1.0
"AOL Uninstaller" = AOL Uninstaller (Choose which Products to Remove)
"BackUpDutyLite" = BackUpDutyLite
"Broadcom 802.11b Network Adapter" = Dell Wireless WLAN Card
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F" = Conexant HDA D330 MDC V.92 Modem
"Dell AIO Printer A960" = Dell AIO Printer A960
"Family Tree Maker 2012" = Family Tree Maker 2012
"Google Chrome" = Google Chrome
"GoToAssist" = GoToAssist 8.0.0.514
"HDMI" = Intel® Graphics Media Accelerator Driver
"Jetcast" = Jetcast 3.0.2
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"MSC" = McAfee Total Protection
"PsuedoLiveUpdate" = LiveUpdate (Symantec Corporation)
"RadioPI_4ebar Uninstall" = RadioPI
"RegWork" = RegWork
"SelectRebatesUninstall" = ShopAtHome SelectRebates
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"ViewpointMediaPlayer" = Viewpoint Media Player
"WebPost" = Microsoft Web Publishing Wizard 1.52
"Windows Media Encoder 9" = Windows Media Encoder 9 Series

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 1/15/2012 1:01:37 PM | Computer Name = Bruce | Source = WinMgmt | ID = 10
Description =

Error - 1/15/2012 1:04:32 PM | Computer Name = Bruce | Source = ESENT | ID = 488
Description = WinMail (4548) WindowsMail0: An attempt to create the file "C:\Users\Bruce\AppData\Local\Microsoft\Windows
Mail\WindowsMail.pat" failed with system error 5 (0x00000005): "Access is denied.
". The create file operation will fail with error -1032 (0xfffffbf8).

Error - 1/15/2012 1:04:32 PM | Computer Name = Bruce | Source = ESENT | ID = 217
Description = WinMail (4548) WindowsMail0: Error (-1032) during backup of a database
(file C:\Users\Bruce\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore).
The database will be unable to restore.

Error - 1/15/2012 1:04:32 PM | Computer Name = Bruce | Source = ESENT | ID = 215
Description = WinMail (4548) WindowsMail0: The backup has been stopped because it
was halted by the client or the connection with the client failed.

Error - 1/15/2012 1:13:21 PM | Computer Name = Bruce | Source = WinMgmt | ID = 10
Description =

Error - 1/15/2012 6:28:18 PM | Computer Name = Bruce | Source = EventSystem | ID = 4609
Description =

Error - 1/15/2012 6:28:40 PM | Computer Name = Bruce | Source = WinMgmt | ID = 10
Description =

Error - 1/15/2012 6:32:38 PM | Computer Name = Bruce | Source = EventSystem | ID = 4609
Description =

Error - 1/15/2012 6:33:20 PM | Computer Name = Bruce | Source = WinMgmt | ID = 10
Description =

Error - 1/16/2012 2:02:51 PM | Computer Name = Bruce | Source = WinMgmt | ID = 10
Description =

[ Broadcom Wireless LAN Events ]
Error - 1/8/2012 3:04:37 AM | Computer Name = Bruce | Source = WLAN-Tray | ID = 0
Description = 02:04:37, Sun, Jan 08, 12 Error - Unable to gain access to user store


Error - 1/10/2012 1:59:08 AM | Computer Name = Bruce | Source = WLAN-Tray | ID = 0
Description = 00:59:08, Tue, Jan 10, 12 Error - Unable to gain access to user store


Error - 1/10/2012 2:03:06 AM | Computer Name = Bruce | Source = WLAN-Tray | ID = 0
Description = 01:03:06, Tue, Jan 10, 12 Error - Unable to gain access to user store


Error - 1/10/2012 6:59:39 PM | Computer Name = Bruce | Source = WLAN-Tray | ID = 0
Description = 17:59:39, Tue, Jan 10, 12 Error - Unable to gain access to user store


Error - 1/12/2012 7:22:14 PM | Computer Name = Bruce | Source = WLAN-Tray | ID = 0
Description = 18:22:13, Thu, Jan 12, 12 Error - Unable to gain access to user store


Error - 1/12/2012 8:31:11 PM | Computer Name = Bruce | Source = WLAN-Tray | ID = 0
Description = 19:31:11, Thu, Jan 12, 12 Error - Unable to gain access to user store


Error - 1/13/2012 6:24:25 PM | Computer Name = Bruce | Source = WLAN-Tray | ID = 0
Description = 17:24:24, Fri, Jan 13, 12 Error - Unable to gain access to user store


Error - 1/13/2012 7:55:46 PM | Computer Name = Bruce | Source = WLAN-Tray | ID = 0
Description = 18:55:45, Fri, Jan 13, 12 Error - Unable to gain access to user store


Error - 1/13/2012 7:59:43 PM | Computer Name = Bruce | Source = WLAN-Tray | ID = 0
Description = 18:59:43, Fri, Jan 13, 12 Error - Unable to gain access to user store


Error - 1/13/2012 9:04:26 PM | Computer Name = Bruce | Source = WLAN-Tray | ID = 0
Description = 20:04:26, Fri, Jan 13, 12 Error - Unable to gain access to user store


[ Media Center Events ]
Error - 1/12/2010 12:46:35 AM | Computer Name = Laptopbr | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ System Events ]
Error - 2/1/2009 5:50:48 PM | Computer Name = Home | Source = Service Control Manager | ID = 7000
Description =

Error - 2/1/2009 5:50:48 PM | Computer Name = Home | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2009 12:09:34 AM | Computer Name = Home | Source = HTTP | ID = 15016
Description =

Error - 2/2/2009 12:09:48 AM | Computer Name = Home | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2009 12:10:05 AM | Computer Name = Home | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2009 12:10:10 AM | Computer Name = Home | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2009 12:10:13 AM | Computer Name = Home | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2009 12:10:14 AM | Computer Name = Home | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2009 12:10:14 AM | Computer Name = Home | Source = Service Control Manager | ID = 7000
Description =

Error - 2/2/2009 12:10:14 AM | Computer Name = Home | Source = Service Control Manager | ID = 7000
Description =


< End of report >



aswMBR version 0.9.9.1120 Copyright© 2011 AVAST Software
Run date: 2012-01-16 18:45:01
-----------------------------
18:45:01.673 OS Version: Windows 6.0.6002 Service Pack 2
18:45:01.674 Number of processors: 2 586 0xF0D
18:45:01.676 ComputerName: BRUCE UserName: Bruce
18:45:02.488 Initialize success
18:45:32.283 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
18:45:32.283 Disk 0 Vendor: ST916082 3.AD Size: 152627MB BusType: 3
18:45:32.346 Disk 0 MBR read successfully
18:45:32.346 Disk 0 MBR scan
18:45:32.346 Disk 0 Windows VISTA default MBR code
18:45:32.361 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
18:45:32.361 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10000 MB offset 81920
18:45:32.392 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 140026 MB offset 20561920
18:45:32.392 Disk 0 Partition - 00 0F Extended LBA 2559 MB offset 307337216
18:45:32.470 Disk 0 Partition 4 00 DD MSDOS5.0 2558 MB offset 307339264
18:45:32.502 Disk 0 scanning sectors +312578048
18:45:32.595 Disk 0 scanning C:\Windows\system32\drivers
18:45:41.784 Service scanning
18:45:43.671 Modules scanning
18:45:54.622 Disk 0 trace - called modules:
18:45:54.669 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
18:45:54.669 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86a6a7e8]
18:45:54.669 3 CLASSPNP.SYS[889a28b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85a06030]
18:45:54.685 Scan finished successfully
18:46:50.855 Disk 0 MBR has been saved successfully to "E:\2012-01-16\MBR.dat"
18:46:50.886 The log file has been saved successfully to "E:\2012-01-16\aswMBR.txt"

[Nedklaw]

Hi.


On your clean computer:


Step 1

Save this file to your flash drive:  fix.txt   9.44KB   150 downloads


On your infected computer:


Step 2

Please uninstall the following programs via Control Panel > Add/Remove Programs (if present):

• Ask Toolbar
• Inbox Toolbar
• LiveUpdate (Symantec Corporation)
• PC SpeedScan Pro
• RadioPI
• ShopAtHome SelectRebates
• Viewpoint Media Player

Viewpoint is considered as foistware instead of malware since it is installed without user's approval but doesn't spy or do anything "bad". I recommend you uninstall your Viewpoint product but it is your choice.
This may change, read Viewpoint to Plunge Into Adware.


Step 3

• Transfer fix.txt to your desktop.
• Run OTL.
• Drag and drop fix.txt into the Custom Scans and Fixes box.
• If you cannot drag and drop for some reason then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your desktop.
• Then click the Run Fix button at the top.
• Let the program run unhindered, reboot the PC when it is done.
• Post the log that appears upon reboot in your next reply.
• Open OTL again and check the "Scan All Users" box.
• Click the Quick Scan button. Post the log it produces in your next reply.

Things I want to see in your next reply

• OTL Fix Log
• OTL.txt

[mewsick75]

========== OTL ==========
Error: No service named RadioPI_4eService was found to stop!
Service\Driver key RadioPI_4eService not found.
File C:\Program Files\RadioPI_4e\bar\1.bin\4ebarsvc.exe not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\CustomizeSearch| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKU\S-1-5-21-2621676113-492794229-1793946688-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{54d0da58-64e7-4408-be1f-72659f70fcbe} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54d0da58-64e7-4408-be1f-72659f70fcbe}\ not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{8bc67b0f-a721-45e0-a0b6-db0121b0aade} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8bc67b0f-a721-45e0-a0b6-db0121b0aade}\ not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}\ not found.
File C:\Program Files\Inbox Toolbar\Inbox.dll not found.
HKU\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKU\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
HKU\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mywebsearch.com/Plugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@RadioPI_4e.com/Plugin\ not found.
File C:\Program Files\RadioPI_4e\bar\1.bin\NP4eStub.dll not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin not found.
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\4effxtbr@RadioPI_4e.com: C:\Program Files\RadioPI_4e\bar\1.bin not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{35fd2bab-ab2b-494f-b5bf-8755ec043784}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35fd2bab-ab2b-494f-b5bf-8755ec043784}\ not found.
C:\Program Files\RadioPI_4e\bar\1.bin\4ebar.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4adc9c1b-9c50-4c2d-a471-5c06d8de7e80}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4adc9c1b-9c50-4c2d-a471-5c06d8de7e80}\ not found.
File C:\Program Files\RadioPI_4e\bar\1.bin\4eSrcAs.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}\ not found.
File C:\Program Files\Inbox Toolbar\Inbox.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4b58-9603-8E54238219E2}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E8DAAA30-6CAA-4b58-9603-8E54238219E2}\ not found.
File C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{92926b63-5116-4c6f-a33e-378767b8d15f} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92926b63-5116-4c6f-a33e-378767b8d15f}\ not found.
File C:\Program Files\RadioPI_4e\bar\1.bin\4ebar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98279C38-DE4B-4bcf-93C9-8EC26069D6F4} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4bcf-93C9-8EC26069D6F4}\ not found.
File C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ not found.
File C:\Program Files\Inbox Toolbar\Inbox.dll not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}\ not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{54D0DA58-64E7-4408-BE1F-72659F70FCBE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54D0DA58-64E7-4408-BE1F-72659F70FCBE}\ not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{92926B63-5116-4C6F-A33E-378767B8D15F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{92926B63-5116-4C6F-A33E-378767B8D15F}\ not found.
File C:\Program Files\RadioPI_4e\bar\1.bin\4ebar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}\ not found.
File C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Program Files\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}\ not found.
File C:\Program Files\Inbox Toolbar\Inbox.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater not found.
File C:\Program Files\Ask.com\Updater\Updater.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\PC SpeedScan Pro not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Performance Center deleted successfully.
C:\Program Files\Ascentive\Performance Center\ApcMain.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RadioPI Search Scope Monitor not found.
File C:\Program Files\RadioPI_4e\bar\1.bin\4eSrchMn.exe not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\RadioPI_4e Browser Plugin Loader not found.
C:\Program Files\RadioPI_4e\bar\1.bin\4ebrmon.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SelectRebates not found.
File C:\Program Files\SelectRebates\SelectRebates.exe not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Run\\{1E9E9511-68EF-2F72-E9BA-CDD6E421389E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E9E9511-68EF-2F72-E9BA-CDD6E421389E}\ not found.
C:\Users\Bruce\AppData\Roaming\Lymeo\ypkaiku.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Run\\38A.exe deleted successfully.
C:\Users\Bruce\AppData\Roaming\Microsoft\0156\38A.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Run\\chknet deleted successfully.
C:\Users\Bruce\AppData\Roaming\chknet.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Run\\dplaysvr deleted successfully.
C:\Users\Bruce\AppData\Local\dplaysvr.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Run\\nlskb deleted successfully.
C:\ProgramData\nlskb.exe moved successfully.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Run\\PopularScreensaversWallpaper deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Shockwave Updater deleted successfully.
File \Users\Bruce\AppData\Roaming\B0B0A\lvvm.exe) -C:\Users\Bruce\AppData\Roaming\B0B0A\lvvm.exe not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\Bruce\AppData\Roaming\B0B0A\lvvm.exe deleted successfully.
File C:\Program Files\Inbox Toolbar\Inbox.dll not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\inbox\ not found.
File C:\Program Files\Inbox Toolbar\Inbox.dll not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Bruce\AppData\Roaming\6EDB0\00001.exe deleted successfully.
File \Users\Bruce\AppData\Roaming\6EDB0\00001.exe) -C:\Users\Bruce\AppData\Roaming\6EDB0\00001.exe not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General\\WallPaper deleted successfully.
C:\Users\Bruce\AppData\LocalLow\FunWebProducts\ScreenSaver\Images\f3wallpp.bmp moved successfully.
C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check folder moved successfully.
C:\Users\Bruce\AppData\Roaming\Ogopve folder moved successfully.
C:\Users\Bruce\AppData\Roaming\Lymeo folder moved successfully.
C:\Program Files\LP\4E76 folder moved successfully.
C:\Program Files\LP\3EB6 folder moved successfully.
C:\Program Files\LP\1EB6 folder moved successfully.
C:\Program Files\LP folder moved successfully.
C:\Users\Bruce\AppData\Roaming\B0B0A folder moved successfully.
C:\Users\Bruce\AppData\Roaming\Ifuqpef folder moved successfully.
C:\Users\Bruce\AppData\Roaming\Aho folder moved successfully.
C:\Users\Bruce\AppData\Roaming\6EDB0 folder moved successfully.
C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\System Check.lnk moved successfully.
C:\Users\Bruce\Desktop\System Check.lnk moved successfully.
C:\Users\Bruce\AppData\Local\dplayx.dll moved successfully.
C:\Users\Bruce\AppData\Local\Temp\smtmp\2\System Check.lnk moved successfully.
C:\Users\Bruce\Desktop\~WRL1956.tmp deleted successfully.
C:\Users\Bruce\Desktop\~WRL2544.tmp deleted successfully.
C:\Users\Bruce\Desktop\~WRL3123.tmp deleted successfully.
C:\Users\Bruce\Desktop\~WRL3399.tmp deleted successfully.
C:\Windows\isRS-000.tmp deleted successfully.
C:\Windows\msdownld.tmp folder deleted successfully.
C:\Users\Bruce\Documents\~WRL0961.tmp deleted successfully.
C:\Users\Bruce\Documents\~WRL1919.tmp deleted successfully.
C:\Users\Bruce\Documents\~WRL3546.tmp deleted successfully.
ADS C:\Users\Bruce\Desktop\Tom.MPG:TOC.WMV deleted successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus\\DisableMonitoring deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall\\DisableMonitoring deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile\\"EnableFirewall"|"1" /E : value set successfully!
========== FILES ==========
File\Folder C:\Program Files\MyWebSearch not found.
C:\Users\Bruce\AppData\Roaming\Microsoft\0156 folder moved successfully.
C:\Users\Bruce\AppData\LocalLow\FunWebProducts\Shared\Cache folder moved successfully.
C:\Users\Bruce\AppData\LocalLow\FunWebProducts\Shared folder moved successfully.
C:\Users\Bruce\AppData\LocalLow\FunWebProducts\ScreenSaver\Images folder moved successfully.
C:\Users\Bruce\AppData\LocalLow\FunWebProducts\ScreenSaver\Cache folder moved successfully.
C:\Users\Bruce\AppData\LocalLow\FunWebProducts\ScreenSaver folder moved successfully.
C:\Users\Bruce\AppData\LocalLow\FunWebProducts\Installr\Cache folder moved successfully.
C:\Users\Bruce\AppData\LocalLow\FunWebProducts\Installr folder moved successfully.
C:\Users\Bruce\AppData\LocalLow\FunWebProducts folder moved successfully.
File\Folder C:\ProgramData\jgnIDHkbQg.exe not found.
File\Folder C:\ProgramData\b107jUE5zkj3O4.exe not found.
C:\Users\Bruce\AppData\Local\Temp\6CC2.tmp moved successfully.
< xcopy %Temp%\smtmp\2 "%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch" /H /I /S /Y /C >
C:\Users\Bruce\AppData\Local\Temp\smtmp\2\AOL 9.5.lnk
C:\Users\Bruce\AppData\Local\Temp\smtmp\2\desktop.ini
C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Google Chrome.lnk
C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Launch Internet Explorer Browser.lnk
C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Launch Microsoft Outlook.lnk
C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Malwarebytes' Anti-Malware.lnk
C:\Users\Bruce\AppData\Local\Temp\smtmp\2\McAfee Security Scan.lnk
C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Shows Desktop.lnk
C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Smart PDF Creator.lnk
C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Window Switcher.lnk
C:\Users\Bruce\AppData\Local\Temp\smtmp\2\Windows Media Player.lnk
11 File(s) copied
C:\Users\Bruce\Desktop\cmd.bat deleted successfully.
C:\Users\Bruce\Desktop\cmd.txt deleted successfully.
< xcopy %Temp%\smtmp\4 "%AllUsersProfile%\Desktop" /H /I /S /Y /C >
0 File(s) copied
C:\Users\Bruce\Desktop\cmd.bat deleted successfully.
C:\Users\Bruce\Desktop\cmd.txt deleted successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Bruce\Desktop\cmd.bat deleted successfully.
C:\Users\Bruce\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully


OTL by OldTimer - Version 3.2.31.0 log created on 01182012_165114



OTL logfile created on: 1/18/2012 6:25:00 PM - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Bruce\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.96 Gb Available Physical Memory | 48.14% Memory free
4.21 Gb Paging File | 2.81 Gb Available in Paging File | 66.76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.74 Gb Total Space | 68.09 Gb Free Space | 49.80% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 2.38 Gb Free Space | 24.39% Space Free | Partition Type: NTFS
Drive E: | 29.80 Gb Total Space | 24.62 Gb Free Space | 82.60% Space Free | Partition Type: FAT32

Computer Name: BRUCE | User Name: Bruce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/26 13:35:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
PRC - [2011/11/22 17:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/03/17 15:38:48 | 000,308,128 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\VirusScan\McVsShld.exe
PRC - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/12/15 22:46:06 | 000,151,056 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\Core\mchost.exe
PRC - [2010/10/11 11:00:04 | 000,093,752 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe
PRC - [2010/02/10 08:19:09 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1272388487\ee\aolsoftware.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/12/21 10:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/11/12 06:07:24 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/07 16:27:08 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/09/07 01:50:02 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/09/07 01:49:56 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/07 01:49:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/09/07 01:49:56 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/03/29 07:15:54 | 000,435,696 | ---- | M] (Dell) -- C:\Program Files\Dell AIO Printer A960\dlbfmon.exe
PRC - [2007/03/29 07:15:24 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbfcoms.exe
PRC - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/03/01 14:52:04 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbccoms.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/12 11:58:32 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll
MOD - [2012/01/12 11:58:30 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\fecd1103dd16dc1192402770caf56575\System.Web.ni.dll
MOD - [2012/01/08 00:37:56 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2012/01/08 00:37:46 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2012/01/08 00:37:33 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\0d34a2f81f5d945e604ff66c1e64fc72\System.Xml.ni.dll
MOD - [2012/01/08 00:37:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2012/01/07 10:46:17 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2012/01/07 10:46:09 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2010/03/23 09:54:54 | 000,118,784 | ---- | M] () -- c:\Program Files\Common Files\aol\1272388487\ee\services\proxyprovider\ver1_0_0_1\proxyprovider.dll
MOD - [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2007/12/12 01:01:24 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/17 15:38:42 | 000,361,712 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/06/11 07:06:08 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/03/29 07:15:24 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbfcoms.exe -- (dlbf_device)
SRV - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/03/01 14:52:04 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbccoms.exe -- (dlbc_device)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 13:16:16 | 000,165,680 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 13:16:16 | 000,064,880 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/03/03 18:00:34 | 000,079,052 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS)
DRV - [2010/01/18 16:39:06 | 000,003,200 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rcmirror.sys -- (rcmirror)
DRV - [2009/09/30 21:22:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/03/06 02:58:44 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/01/20 21:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/11/12 06:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/07 01:49:56 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/09/06 11:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 11:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 11:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/29 17:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2000/06/15 20:54:02 | 000,206,368 | ---- | M] (Adaptec) [File_System | System | Stopped] -- C:\Windows\System32\drivers\udfreadr.sys -- (UdfReadr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/10 03:00:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/01/18 16:58:11 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2012/01/18 16:51:28 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111220093216.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [ActiveSpeed] C:\Program Files\Ascentive\ActiveSpeed\AS.exe (Ascentive LLC)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Dell AIO Printer A960] "C:\Program Files\Dell AIO Printer A960\dlbfbmgr.exe" File not found
O4 - HKLM..\Run: [dlbfmon.exe] C:\Program Files\Dell AIO Printer A960\dlbfmon.exe (Dell)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1272388487\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RegWork] C:\Program Files\RegWork\RegWork.exe (Honlyn (Macao Commercial Offshore) Limited)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000..\Run: [{1E9E9511-68EF-2F72-E9BA-CDD6E421389E}] C:\Users\Bruce\AppData\Roaming\Lymeo\ypkaiku.exe File not found
O4 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000..\Run: [confWITray] rundll32.exe "C:\Users\Bruce\AppData\Local\iTunesNetman\confWITray.dll",isaEventnt5 DirectapiPath File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..Trusted Domains: ancestry.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.micro...gWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B4DF2DA-443E-471F-B2CA-AD5ED101BF32}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000 Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/01/16 17:16:10 | 000,000,016 | -H-- | M] () - E:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell\install\command - "" = E:\Setup.exe
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell\readfile\command - "" = hh.exe readme.htm
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell\install\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/18 17:00:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/01/18 16:51:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/18 16:48:50 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
[2012/01/18 16:43:42 | 000,689,552 | ---- | C] (MindSpark) -- C:\Program Files\4eUninstall RadioPI.dll
[2012/01/16 18:44:24 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Users\Bruce\Desktop\aswMBR.exe
[2012/01/16 17:23:33 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Desktop\RK_Quarantine
[2012/01/16 17:15:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012/01/16 17:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2012/01/16 17:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Panda USB Vaccine
[2012/01/15 17:29:58 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Bruce\Desktop\mbam-setup-1.51.1.1800.exe
[2012/01/06 13:46:39 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Roaming\FamilyTreeMaker
[2012/01/06 13:28:13 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Local\Ancestry.com
[2012/01/06 13:22:33 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Family Tree Maker 2012
[2012/01/06 13:22:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Family Tree Maker 2012
[2012/01/06 13:21:48 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2012/01/06 13:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2012/01/06 13:21:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2012/01/06 13:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}
[2012/01/06 12:59:53 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Local\PackageAware
[2010/02/07 13:54:01 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbfusb1.dll
[2010/02/07 13:54:01 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbfpmui.dll
[2010/02/07 13:54:01 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbfinpa.dll
[2010/02/07 13:54:01 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbfiesc.dll
[2010/02/07 13:54:00 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbfserv.dll
[2010/02/07 13:54:00 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbfhbn3.dll
[2010/02/07 13:54:00 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbfcomc.dll
[2010/02/07 13:54:00 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbflmpm.dll
[2010/02/07 13:54:00 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbfcoms.exe
[2010/02/07 13:54:00 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbfih.exe
[2010/02/07 13:54:00 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbfprox.dll
[2010/02/07 13:54:00 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbfpplc.dll
[2010/02/07 13:53:59 | 000,352,256 | ---- | C] ( ) -- C:\Windows\System32\DLBFUTIL.DLL
[2010/02/07 13:53:59 | 000,069,632 | ---- | C] ( ) -- C:\Windows\System32\DLBFCU.DLL
[2010/02/07 13:53:58 | 000,086,016 | ---- | C] ( ) -- C:\Windows\System32\DLBFCUR.DLL
[2007/03/01 14:52:06 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbcih.exe
[2007/03/01 14:52:04 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbccoms.exe
[2007/03/01 14:52:04 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlbccfg.exe
[2007/02/02 05:06:34 | 000,483,328 | ---- | C] ( ) -- C:\Windows\System32\dlbcjswr.dll
[2007/02/02 04:55:30 | 000,073,728 | ---- | C] ( ) -- C:\Windows\System32\dlbccu.dll
[2006/12/20 16:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbcpmui.dll
[2006/12/20 16:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbcserv.dll
[2006/12/20 16:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbccomm.dll
[2006/12/20 15:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbclmpm.dll
[2006/12/20 15:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbciesc.dll
[2006/12/20 15:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbcpplc.dll
[2006/12/20 15:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbccomc.dll
[2006/12/20 15:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbcprox.dll
[2006/12/20 15:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbcinpa.dll
[2006/12/20 15:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlbcusb1.dll
[2006/12/20 15:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbchbn3.dll

========== Files - Modified Within 30 Days ==========

[2012/01/18 18:32:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{336B4FEB-67DD-47F6-AECD-AA5624307E1C}.job
[2012/01/18 18:14:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/18 17:01:50 | 000,649,426 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/18 17:01:50 | 000,122,904 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/18 17:00:45 | 000,001,697 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2012/01/18 16:56:02 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/18 16:54:32 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/18 16:54:32 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/18 16:53:26 | 2137,042,944 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/18 16:51:28 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/01/18 16:41:21 | 000,771,154 | ---- | M] () -- C:\ProgramData\LuUninstall.LiveUpdate
[2012/01/18 16:39:52 | 000,005,972 | ---- | M] () -- C:\Users\Bruce\AppData\Local\d3d9caps.dat
[2012/01/16 17:41:45 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/15 17:30:48 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012/01/15 11:56:10 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\AppData\Local\{F21940F0-BB8C-4989-84C5-10048C45F1E0}
[2012/01/15 11:54:30 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\AppData\Local\{10321870-946A-426A-9998-3176325099F5}
[2012/01/15 10:40:39 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\AppData\Local\{2C39F6FB-1D3C-45A1-865A-A8B65D41764A}
[2012/01/14 12:42:13 | 000,178,012 | ---- | M] () -- C:\Users\Bruce\Documents\Stead house, built by Thomas Stead.jpg
[2012/01/14 12:42:07 | 000,396,541 | ---- | M] () -- C:\Users\Bruce\Documents\Morrison, Wm.jpg
[2012/01/14 12:34:32 | 000,124,578 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison and family -.jpg
[2012/01/14 12:32:35 | 000,152,978 | ---- | M] () -- C:\Users\Bruce\Documents\Morrison, Wm and Daughter.jpg
[2012/01/14 12:30:09 | 000,105,497 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Hazel, Lill, Harry.jpg
[2012/01/14 12:18:16 | 000,663,069 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0036.jpg
[2012/01/14 12:18:10 | 000,681,268 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0039.jpg
[2012/01/14 12:15:58 | 000,301,667 | ---- | M] () -- C:\Users\Bruce\Documents\Morrison, Jean.jpg
[2012/01/14 12:13:50 | 000,466,938 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington family at Golf club House.jpg
[2012/01/14 12:11:36 | 000,367,633 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington House on Mountain Avenue.jpg
[2012/01/14 12:09:47 | 000,441,669 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison in front of houses.jpg
[2012/01/13 13:22:32 | 000,729,860 | ---- | M] () -- C:\Users\Bruce\Documents\Spackman, Jacob.jpg
[2012/01/13 13:19:42 | 000,677,879 | ---- | M] () -- C:\Users\Bruce\Documents\Bailey, Dan and Winifred (marriage).jpg
[2012/01/13 13:17:22 | 000,535,074 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0031.jpg
[2012/01/13 13:16:43 | 000,861,047 | ---- | M] () -- C:\Users\Bruce\Documents\Spackman, Mary H (death).jpg
[2012/01/13 13:14:41 | 001,030,486 | ---- | M] () -- C:\Users\Bruce\Documents\Spackman, Frederick A. (death).jpg
[2012/01/13 13:07:54 | 000,623,469 | ---- | M] () -- C:\Users\Bruce\Documents\Perrine, Alida Christine birth certificate.jpg
[2012/01/13 13:03:05 | 000,787,387 | ---- | M] () -- C:\Users\Bruce\Documents\Census Joke.jpg
[2012/01/12 16:55:29 | 000,523,498 | ---- | M] () -- C:\Users\Bruce\Documents\Keller Kerr Marriage.jpg
[2012/01/11 10:54:09 | 000,296,116 | ---- | M] () -- C:\Users\Bruce\Documents\Coddingtons and Morrisons at the Watchung Lake.jpg
[2012/01/11 10:36:26 | 000,656,606 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0028.jpg
[2012/01/11 10:36:22 | 000,611,841 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0029.jpg
[2012/01/11 10:34:02 | 000,398,812 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0027.jpg
[2012/01/11 10:32:39 | 000,419,259 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0025.jpg
[2012/01/11 10:31:40 | 000,288,070 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison by car wife sitting in car.jpg
[2012/01/11 00:56:14 | 000,229,379 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison obit.jpg
[2012/01/10 10:55:23 | 000,403,524 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison with Morrison family.jpg
[2012/01/10 10:52:21 | 000,234,021 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Hazel Allen.jpg
[2012/01/10 10:49:25 | 000,444,851 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington family at 12 Mountain Ave.jpg
[2012/01/10 10:44:41 | 000,312,906 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison with horses.jpg
[2012/01/09 10:50:26 | 032,715,779 | ---- | M] () -- C:\Users\Bruce\Documents\genealogyofcushi00cush.pdf
[2012/01/08 14:56:36 | 052,912,921 | ---- | M] () -- C:\Users\Bruce\Documents\historyoffitzwil00nort.pdf
[2012/01/07 00:53:52 | 000,178,034 | ---- | M] () -- C:\Users\Bruce\Documents\Stead property, Somerset Street.jpg
[2012/01/07 00:48:08 | 000,117,644 | ---- | M] () -- C:\Users\Bruce\Documents\Allen, Libbie (Beeching).jpg
[2012/01/07 00:44:53 | 000,107,016 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0024.jpg
[2012/01/07 00:40:05 | 000,153,150 | ---- | M] () -- C:\Users\Bruce\Documents\Allen, Elias (2).jpg
[2012/01/07 00:30:24 | 000,118,839 | ---- | M] () -- C:\Users\Bruce\Documents\Beeching, Dorothy 1943.jpg
[2012/01/06 23:39:49 | 000,118,901 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Lillian (Beeching).jpg
[2012/01/06 23:38:54 | 000,100,433 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Morton with Janet and Dorothy (dark dress).jpg
[2012/01/06 23:36:35 | 000,433,423 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0015.jpg
[2012/01/06 23:35:56 | 000,469,429 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Fred and Sophia S.jpg
[2012/01/06 23:34:14 | 000,124,329 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe brothers, Frederick and Lewis.jpg
[2012/01/06 23:32:55 | 000,058,997 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.jpg
[2012/01/06 23:30:14 | 000,145,904 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0021.jpg
[2012/01/06 23:23:09 | 000,585,515 | ---- | M] () -- C:\Users\Bruce\Documents\Beeching, Dorothy.jpg
[2012/01/06 23:17:55 | 000,123,280 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia on Somerset Street.jpg
[2012/01/06 23:17:54 | 000,153,590 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia with Fred's brother Lewis and wife Mini.jpg
[2012/01/06 19:58:01 | 000,145,775 | ---- | M] () -- C:\Users\Bruce\Documents\Beeching, Lillian, Dorothy, Janet.jpg
[2012/01/06 16:42:23 | 000,166,171 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Margaret.jpg
[2012/01/06 13:24:12 | 000,000,865 | ---- | M] () -- C:\Users\Public\Desktop\Family Tree Maker 2012.lnk
[2012/01/06 11:21:56 | 000,166,621 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, William (young).jpg
[2012/01/06 11:17:28 | 000,248,991 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, William.jpg
[2012/01/06 10:55:34 | 000,375,537 | ---- | M] () -- C:\Users\Bruce\Documents\Stegemann, Henry death certificate.pdf
[2012/01/06 10:50:19 | 000,428,247 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0013.jpg
[2012/01/06 10:31:27 | 000,390,780 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0007.jpg
[2012/01/06 10:28:38 | 000,630,416 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.pdf
[2012/01/06 10:27:26 | 000,690,944 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Frederick Death Cert.pdf
[2011/12/30 01:07:44 | 239,774,814 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/28 01:14:53 | 000,015,964 | ---- | M] () -- C:\Users\Bruce\Documents\https___secure.pqarchiver.com_courant_display_pdf.pdf_filename=_share4_pqimage_hnirs102v_201112280057_56149_4683_out.pdf
[2011/12/28 01:06:00 | 000,549,902 | ---- | M] () -- C:\Users\Bruce\Documents\Palmer Herrmann Divorce.jpg
[2011/12/28 00:12:31 | 000,161,064 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, vacation 1953, Van, Hess, Bruce Brenton Woods, NJ.jpg
[2011/12/28 00:08:59 | 000,157,638 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno Vacation 1953, Hess, Bruce, Albert Brenton Woods, NJ.jpg
[2011/12/28 00:07:04 | 000,186,291 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno vacation 1953,Van, Hess, Bruce,Albert.jpg
[2011/12/27 23:58:59 | 000,376,185 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0012.jpg
[2011/12/27 23:52:18 | 000,457,368 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, Darby House 1894.jpg
[2011/12/27 23:50:38 | 000,494,112 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, McCutchens.jpg
[2011/12/27 23:45:44 | 000,401,831 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield, Public Service - South Ave 1925.jpg
[2011/12/27 23:44:23 | 000,846,555 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield, Public Service laying pipeline on South Avenue.jpg
[2011/12/27 23:42:09 | 000,047,923 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0006.jpg
[2011/12/27 23:40:18 | 000,118,451 | ---- | M] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching 1920's.jpg
[2011/12/27 23:35:45 | 000,060,059 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0003.jpg
[2011/12/27 23:27:59 | 000,123,346 | ---- | M] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching sitting on Bench.jpg
[2011/12/27 23:25:31 | 000,073,984 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0002.jpg
[2011/12/27 23:22:17 | 000,124,929 | ---- | M] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching.jpg
[2011/12/27 23:20:00 | 000,396,692 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield House cut in half by Lisle Beeching.jpg
[2011/12/27 23:13:49 | 000,547,625 | ---- | M] () -- C:\Users\Bruce\Documents\Spencer house.jpg
[2011/12/27 23:11:08 | 000,811,326 | ---- | M] () -- C:\Users\Bruce\Documents\Spencer house on circle in watchung.jpg
[2011/12/27 23:08:38 | 000,271,269 | ---- | M] () -- C:\Users\Bruce\Documents\Spencer house, Watch.jpg
[2011/12/27 23:02:06 | 000,354,947 | ---- | M] () -- C:\Users\Bruce\Documents\Allen House Watchung 1726.jpg
[2011/12/27 22:57:00 | 000,389,024 | ---- | M] () -- C:\Users\Bruce\Documents\Allen House built 1726 pic taken 1940.jpg
[2011/12/27 22:51:01 | 000,275,127 | ---- | M] () -- C:\Users\Bruce\Documents\Allen House , 1940.jpg
[2011/12/27 22:27:11 | 000,091,006 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Van, Albert, Dorothy Beeching, Hester.jpg
[2011/12/27 22:03:11 | 000,627,300 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield Memorial Park.jpg
[2011/12/27 21:56:58 | 000,072,967 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Nancy - Santa.jpg
[2011/12/27 21:55:04 | 000,080,123 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Nancy - she ra.jpg
[2011/12/27 21:52:23 | 000,377,676 | ---- | M] () -- C:\Users\Bruce\Documents\Hand, Capt William.jpg
[2011/12/27 21:37:39 | 001,165,547 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Disappearance of Structures.jpg
[2011/12/27 21:36:50 | 000,455,041 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield City Stores.jpg
[2011/12/27 21:35:49 | 000,783,590 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Jewish families.jpg
[2011/12/27 21:33:33 | 000,921,266 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 4th of July.jpg
[2011/12/27 21:29:12 | 000,812,934 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Horse Racing.jpg
[2011/12/27 21:26:57 | 000,811,257 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Country Club.jpg
[2011/12/27 21:24:59 | 001,047,721 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 3.jpg
[2011/12/27 19:12:39 | 000,838,733 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Kings Daughter.jpg
[2011/12/27 19:11:23 | 000,659,609 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Arthur Smith.jpg
[2011/12/27 19:10:28 | 000,838,108 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Civil War stuff.jpg
[2011/12/27 19:07:00 | 001,009,353 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Martine House 1.jpg
[2011/12/27 19:05:17 | 001,296,588 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield class of 1886.jpg
[2011/12/27 19:04:18 | 000,712,563 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Odds and Ends.jpg
[2011/12/27 19:03:20 | 000,978,066 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Slavery.jpg
[2011/12/27 19:01:22 | 000,461,207 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Peanut John.jpg
[2011/12/27 18:59:56 | 000,912,511 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Trolleys.jpg
[2011/12/27 18:58:59 | 000,726,805 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Van Wyck Brooks.jpg
[2011/12/27 18:57:46 | 001,057,291 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Rosenbaums before and after.jpg
[2011/12/27 18:55:37 | 001,379,479 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield before after north ave.jpg
[2011/12/27 18:53:44 | 000,952,512 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Farmers paradise.jpg
[2011/12/27 18:53:02 | 000,733,214 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Horse and buggy days.jpg
[2011/12/27 18:51:23 | 000,911,228 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Street maps.jpg
[2011/12/27 18:50:34 | 000,831,509 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Hartridge School.jpg
[2011/12/27 18:49:45 | 000,919,779 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Old Cemetery.jpg
[2011/12/27 18:48:50 | 001,115,503 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield John Taylor Johnson.jpg
[2011/12/27 18:48:07 | 001,074,141 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield French's Mill.jpg
[2011/12/27 18:47:08 | 001,111,575 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Muhlenberg Hospital.jpg
[2011/12/27 18:46:29 | 000,959,197 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Indians and streets.jpg
[2011/12/27 18:45:40 | 000,905,130 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Netherwood Hotel.jpg
[2011/12/27 18:44:46 | 000,900,144 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Babcock millionairs.jpg
[2011/12/27 18:43:39 | 000,917,965 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Tiers Pond 2.jpg
[2011/12/27 18:41:21 | 000,737,498 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Civil War Parade.jpg
[2011/12/27 18:39:53 | 000,748,057 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Tiers pond.jpg
[2011/12/27 18:39:06 | 000,650,104 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield private schools.jpg
[2011/12/27 18:38:01 | 000,827,906 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield first house 1735.jpg
[2011/12/27 18:37:12 | 000,619,966 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield wonderful years.jpg
[2011/12/27 18:35:31 | 000,497,424 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 1909 parade.jpg
[2011/12/27 18:33:18 | 000,682,950 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Public Schools.jpg
[2011/12/27 18:32:30 | 000,783,250 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Clock Tower.jpg
[2011/12/27 18:31:37 | 001,024,038 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 2.jpg
[2011/12/27 18:30:38 | 000,940,319 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 1.jpg
[2011/12/27 16:53:03 | 000,988,439 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Laings Hotel.jpg
[2011/12/27 16:51:03 | 000,363,596 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Fire department 2.jpg
[2011/12/27 16:47:03 | 000,690,620 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Fire department.jpg
[2011/12/27 16:41:25 | 001,322,452 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Doctors and Ministers.jpg
[2011/12/27 16:39:32 | 001,254,867 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Griffin Building.jpg
[2011/12/27 16:38:04 | 000,630,907 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Townsend marble and granite works.jpg
[2011/12/27 16:37:15 | 000,690,658 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Montgomery Wards.jpg
[2011/12/27 16:31:51 | 001,288,337 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Martine House 2.jpg
[2011/12/27 16:30:43 | 001,458,669 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Martine House.jpg
[2011/12/27 16:28:59 | 000,830,252 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield map 1972.jpg
[2011/12/27 16:06:00 | 000,165,320 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, Blatz Hotel.jpg
[2011/12/27 16:00:59 | 000,445,856 | ---- | M] () -- C:\Users\Bruce\Documents\Watchung, Washington House.jpg
[2011/12/27 15:56:35 | 001,144,390 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield cemetery, Brook Avenue.jpg
[2011/12/27 15:47:07 | 000,734,730 | ---- | M] () -- C:\Users\Bruce\Documents\Watchung, Milligan sisters in carriage.jpg
[2011/12/27 15:36:10 | 000,360,809 | ---- | M] () -- C:\Users\Bruce\Documents\Watchung Washington House.pdf
[2011/12/27 15:31:40 | 000,602,356 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield Watchung Wetumpka Falls.pdf
[2011/12/27 15:30:11 | 000,427,976 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield Somerset Street near bridge.pdf
[2011/12/27 15:27:42 | 000,482,382 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, first Oldsmobile.pdf
[2011/12/27 15:25:32 | 000,586,398 | ---- | M] () -- C:\Users\Bruce\Documents\Brook Avenue Cemetery, North Plainfield.pdf
[2011/12/27 15:16:05 | 000,680,132 | ---- | M] () -- C:\Users\Bruce\Documents\Drake House article.pdf
[2011/12/27 15:00:34 | 000,381,955 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House page 4.pdf
[2011/12/27 14:58:54 | 000,699,300 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House page 3.pdf
[2011/12/27 14:57:46 | 000,988,809 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House page 2.pdf
[2011/12/27 14:56:47 | 000,887,222 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House Belvidere Ave, Plainfield 1969.pdf
[2011/12/26 17:16:38 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Users\Bruce\Desktop\aswMBR.exe
[2011/12/26 17:02:20 | 000,771,072 | ---- | M] () -- C:\Users\Bruce\Desktop\RogueKiller.exe
[2011/12/26 13:35:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
[2011/12/24 14:48:02 | 000,454,154 | ---- | M] () -- C:\Users\Bruce\Documents\Poinsettia tree.jpg

========== Files Created - No Company Name ==========

[2012/01/18 17:00:45 | 000,001,697 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2012/01/18 16:43:43 | 000,165,840 | ---- | C] () -- C:\Program Files\4eres.dll
[2012/01/18 16:40:34 | 000,771,154 | ---- | C] () -- C:\ProgramData\LuUninstall.LiveUpdate
[2012/01/16 17:25:12 | 000,000,865 | ---- | C] () -- C:\Users\Public\Desktop\Family Tree Maker 2012.lnk
[2012/01/16 17:25:11 | 000,001,917 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/16 17:25:11 | 000,000,945 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/16 17:25:11 | 000,000,940 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/01/16 17:25:11 | 000,000,940 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
[2012/01/16 17:25:11 | 000,000,815 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\McAfee Security Scan.lnk
[2012/01/16 17:25:11 | 000,000,804 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Smart PDF Creator.lnk
[2012/01/16 17:25:11 | 000,000,804 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2012/01/16 17:25:11 | 000,000,742 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL 9.5.lnk
[2012/01/16 17:25:11 | 000,000,258 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/01/16 17:25:11 | 000,000,240 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/01/16 17:23:39 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/16 17:23:22 | 000,771,072 | ---- | C] () -- C:\Users\Bruce\Desktop\RogueKiller.exe
[2012/01/16 13:01:06 | 2137,042,944 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/15 17:30:48 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012/01/15 11:56:10 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{F21940F0-BB8C-4989-84C5-10048C45F1E0}
[2012/01/15 11:54:30 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{10321870-946A-426A-9998-3176325099F5}
[2012/01/15 10:40:39 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{2C39F6FB-1D3C-45A1-865A-A8B65D41764A}
[2012/01/14 12:37:15 | 000,396,541 | ---- | C] () -- C:\Users\Bruce\Documents\Morrison, Wm.jpg
[2012/01/14 12:33:09 | 000,124,578 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison and family -.jpg
[2012/01/14 12:31:16 | 000,152,978 | ---- | C] () -- C:\Users\Bruce\Documents\Morrison, Wm and Daughter.jpg
[2012/01/14 12:28:17 | 000,105,497 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Hazel, Lill, Harry.jpg
[2012/01/14 12:18:57 | 000,178,012 | ---- | C] () -- C:\Users\Bruce\Documents\Stead house, built by Thomas Stead.jpg
[2012/01/14 12:17:46 | 000,681,268 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0039.jpg
[2012/01/14 12:16:59 | 000,663,069 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0036.jpg
[2012/01/14 12:14:57 | 000,301,667 | ---- | C] () -- C:\Users\Bruce\Documents\Morrison, Jean.jpg
[2012/01/14 12:12:23 | 000,466,938 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington family at Golf club House.jpg
[2012/01/14 12:10:29 | 000,367,633 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington House on Mountain Avenue.jpg
[2012/01/14 12:08:23 | 000,441,669 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison in front of houses.jpg
[2012/01/13 13:21:49 | 000,729,860 | ---- | C] () -- C:\Users\Bruce\Documents\Spackman, Jacob.jpg
[2012/01/13 13:18:38 | 000,677,879 | ---- | C] () -- C:\Users\Bruce\Documents\Bailey, Dan and Winifred (marriage).jpg
[2012/01/13 13:17:21 | 000,535,074 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0031.jpg
[2012/01/13 13:15:43 | 000,861,047 | ---- | C] () -- C:\Users\Bruce\Documents\Spackman, Mary H (death).jpg
[2012/01/13 13:13:43 | 001,030,486 | ---- | C] () -- C:\Users\Bruce\Documents\Spackman, Frederick A. (death).jpg
[2012/01/13 13:06:27 | 000,623,469 | ---- | C] () -- C:\Users\Bruce\Documents\Perrine, Alida Christine birth certificate.jpg
[2012/01/13 13:01:43 | 000,787,387 | ---- | C] () -- C:\Users\Bruce\Documents\Census Joke.jpg
[2012/01/12 16:55:29 | 000,523,498 | ---- | C] () -- C:\Users\Bruce\Documents\Keller Kerr Marriage.jpg
[2012/01/11 10:38:53 | 000,296,116 | ---- | C] () -- C:\Users\Bruce\Documents\Coddingtons and Morrisons at the Watchung Lake.jpg
[2012/01/11 10:36:06 | 000,611,841 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0029.jpg
[2012/01/11 10:34:56 | 000,656,606 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0028.jpg
[2012/01/11 10:34:01 | 000,398,812 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0027.jpg
[2012/01/11 10:32:38 | 000,419,259 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0025.jpg
[2012/01/11 10:28:10 | 000,288,070 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison by car wife sitting in car.jpg
[2012/01/11 00:54:36 | 000,229,379 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison obit.jpg
[2012/01/10 10:54:03 | 000,403,524 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison with Morrison family.jpg
[2012/01/10 10:51:20 | 000,234,021 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Hazel Allen.jpg
[2012/01/10 10:47:46 | 000,444,851 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington family at 12 Mountain Ave.jpg
[2012/01/10 10:43:26 | 000,312,906 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison with horses.jpg
[2012/01/09 10:49:47 | 032,715,779 | ---- | C] () -- C:\Users\Bruce\Documents\genealogyofcushi00cush.pdf
[2012/01/08 14:56:25 | 052,912,921 | ---- | C] () -- C:\Users\Bruce\Documents\historyoffitzwil00nort.pdf
[2012/01/07 00:52:45 | 000,178,034 | ---- | C] () -- C:\Users\Bruce\Documents\Stead property, Somerset Street.jpg
[2012/01/07 00:47:30 | 000,117,644 | ---- | C] () -- C:\Users\Bruce\Documents\Allen, Libbie (Beeching).jpg
[2012/01/07 00:43:11 | 000,107,016 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0024.jpg
[2012/01/07 00:39:10 | 000,153,150 | ---- | C] () -- C:\Users\Bruce\Documents\Allen, Elias (2).jpg
[2012/01/07 00:30:24 | 000,118,839 | ---- | C] () -- C:\Users\Bruce\Documents\Beeching, Dorothy 1943.jpg
[2012/01/06 23:38:53 | 000,118,901 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Lillian (Beeching).jpg
[2012/01/06 23:37:22 | 000,100,433 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Morton with Janet and Dorothy (dark dress).jpg
[2012/01/06 23:34:12 | 000,469,429 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Fred and Sophia S.jpg
[2012/01/06 23:34:12 | 000,433,423 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0015.jpg
[2012/01/06 23:32:53 | 000,124,329 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe brothers, Frederick and Lewis.jpg
[2012/01/06 23:31:34 | 000,058,997 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.jpg
[2012/01/06 23:23:06 | 000,145,904 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0021.jpg
[2012/01/06 23:21:01 | 000,585,515 | ---- | C] () -- C:\Users\Bruce\Documents\Beeching, Dorothy.jpg
[2012/01/06 23:17:54 | 000,153,590 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia with Fred's brother Lewis and wife Mini.jpg
[2012/01/06 23:16:25 | 000,123,280 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia on Somerset Street.jpg
[2012/01/06 19:56:35 | 000,145,775 | ---- | C] () -- C:\Users\Bruce\Documents\Beeching, Lillian, Dorothy, Janet.jpg
[2012/01/06 16:40:36 | 000,166,171 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Margaret.jpg
[2012/01/06 11:20:17 | 000,166,621 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, William (young).jpg
[2012/01/06 11:16:07 | 000,248,991 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, William.jpg
[2012/01/06 10:55:33 | 000,375,537 | ---- | C] () -- C:\Users\Bruce\Documents\Stegemann, Henry death certificate.pdf
[2012/01/06 10:48:14 | 000,428,247 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0013.jpg
[2012/01/06 10:31:27 | 000,390,780 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0007.jpg
[2012/01/06 10:28:37 | 000,630,416 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.pdf
[2012/01/06 10:27:26 | 000,690,944 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Frederick Death Cert.pdf
[2011/12/28 01:14:53 | 000,015,964 | ---- | C] () -- C:\Users\Bruce\Documents\https___secure.pqarchiver.com_courant_display_pdf.pdf_filename=_share4_pqimage_hnirs102v_201112280057_56149_4683_out.pdf
[2011/12/28 01:05:26 | 000,549,902 | ---- | C] () -- C:\Users\Bruce\Documents\Palmer Herrmann Divorce.jpg
[2011/12/28 00:09:25 | 000,161,064 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, vacation 1953, Van, Hess, Bruce Brenton Woods, NJ.jpg
[2011/12/28 00:07:57 | 000,157,638 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno Vacation 1953, Hess, Bruce, Albert Brenton Woods, NJ.jpg
[2011/12/28 00:06:19 | 000,186,291 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno vacation 1953,Van, Hess, Bruce,Albert.jpg
[2011/12/27 23:55:36 | 000,376,185 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0012.jpg
[2011/12/27 23:51:44 | 000,457,368 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, Darby House 1894.jpg
[2011/12/27 23:48:49 | 000,494,112 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, McCutchens.jpg
[2011/12/27 23:45:14 | 000,401,831 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield, Public Service - South Ave 1925.jpg
[2011/12/27 23:43:49 | 000,846,555 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield, Public Service laying pipeline on South Avenue.jpg
[2011/12/27 23:39:32 | 000,118,451 | ---- | C] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching 1920's.jpg
[2011/12/27 23:38:20 | 000,047,923 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0006.jpg
[2011/12/27 23:35:03 | 000,060,059 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0003.jpg
[2011/12/27 23:27:09 | 000,123,346 | ---- | C] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching sitting on Bench.jpg
[2011/12/27 23:24:53 | 000,073,984 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0002.jpg
[2011/12/27 23:18:54 | 000,396,692 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield House cut in half by Lisle Beeching.jpg
[2011/12/27 23:18:54 | 000,124,929 | ---- | C] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching.jpg
[2011/12/27 23:13:16 | 000,547,625 | ---- | C] () -- C:\Users\Bruce\Documents\Spencer house.jpg
[2011/12/27 23:10:31 | 000,811,326 | ---- | C] () -- C:\Users\Bruce\Documents\Spencer house on circle in watchung.jpg
[2011/12/27 23:07:48 | 000,271,269 | ---- | C] () -- C:\Users\Bruce\Documents\Spencer house, Watch.jpg
[2011/12/27 23:01:30 | 000,354,947 | ---- | C] () -- C:\Users\Bruce\Documents\Allen House Watchung 1726.jpg
[2011/12/27 22:56:06 | 000,389,024 | ---- | C] () -- C:\Users\Bruce\Documents\Allen House built 1726 pic taken 1940.jpg
[2011/12/27 22:50:21 | 000,275,127 | ---- | C] () -- C:\Users\Bruce\Documents\Allen House , 1940.jpg
[2011/12/27 21:56:19 | 000,072,967 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, Nancy - Santa.jpg
[2011/12/27 21:54:27 | 000,080,123 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, Nancy - she ra.jpg
[2011/12/27 21:51:26 | 000,377,676 | ---- | C] () -- C:\Users\Bruce\Documents\Hand, Capt William.jpg
[2011/12/27 21:37:38 | 001,165,547 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Disappearance of Structures.jpg
[2011/12/27 21:36:50 | 000,455,041 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield City Stores.jpg
[2011/12/27 21:35:49 | 000,783,590 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Jewish families.jpg
[2011/12/27 21:33:33 | 000,921,266 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 4th of July.jpg
[2011/12/27 21:29:11 | 000,812,934 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Horse Racing.jpg
[2011/12/27 21:26:57 | 000,811,257 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Country Club.jpg
[2011/12/27 21:24:59 | 001,047,721 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 3.jpg
[2011/12/27 19:12:39 | 000,838,733 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Kings Daughter.jpg
[2011/12/27 19:11:22 | 000,659,609 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Arthur Smith.jpg
[2011/12/27 19:10:28 | 000,838,108 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Civil War stuff.jpg
[2011/12/27 19:06:28 | 001,009,353 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Martine House 1.jpg
[2011/12/27 19:05:17 | 001,296,588 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield class of 1886.jpg
[2011/12/27 19:04:18 | 000,712,563 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Odds and Ends.jpg
[2011/12/27 19:03:20 | 000,978,066 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Slavery.jpg
[2011/12/27 19:00:39 | 000,461,207 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Peanut John.jpg
[2011/12/27 18:59:55 | 000,912,511 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Trolleys.jpg
[2011/12/27 18:58:58 | 000,726,805 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Van Wyck Brooks.jpg
[2011/12/27 18:57:46 | 001,057,291 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Rosenbaums before and after.jpg
[2011/12/27 18:54:42 | 001,379,479 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield before after north ave.jpg
[2011/12/27 18:53:44 | 000,952,512 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Farmers paradise.jpg
[2011/12/27 18:52:27 | 000,733,214 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Horse and buggy days.jpg
[2011/12/27 18:51:22 | 000,911,228 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Street maps.jpg
[2011/12/27 18:50:34 | 000,831,509 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Hartridge School.jpg
[2011/12/27 18:49:44 | 000,919,779 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Old Cemetery.jpg
[2011/12/27 18:48:50 | 001,115,503 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield John Taylor Johnson.jpg
[2011/12/27 18:48:06 | 001,074,141 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield French's Mill.jpg
[2011/12/27 18:47:07 | 001,111,575 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Muhlenberg Hospital.jpg
[2011/12/27 18:46:29 | 000,959,197 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Indians and streets.jpg
[2011/12/27 18:45:40 | 000,905,130 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Netherwood Hotel.jpg
[2011/12/27 18:44:45 | 000,900,144 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Babcock millionairs.jpg
[2011/12/27 18:43:39 | 000,917,965 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Tiers Pond 2.jpg
[2011/12/27 18:40:45 | 000,737,498 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Civil War Parade.jpg
[2011/12/27 18:39:52 | 000,748,057 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Tiers pond.jpg
[2011/12/27 18:39:06 | 000,650,104 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield private schools.jpg
[2011/12/27 18:38:00 | 000,827,906 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield first house 1735.jpg
[2011/12/27 18:36:10 | 000,619,966 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield wonderful years.jpg
[2011/12/27 18:34:28 | 000,497,424 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 1909 parade.jpg
[2011/12/27 18:33:18 | 000,682,950 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Public Schools.jpg
[2011/12/27 18:32:29 | 000,783,250 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Clock Tower.jpg
[2011/12/27 18:31:37 | 001,024,038 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 2.jpg
[2011/12/27 18:30:37 | 000,940,319 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 1.jpg
[2011/12/27 16:53:03 | 000,988,439 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Laings Hotel.jpg
[2011/12/27 16:49:45 | 000,363,596 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Fire department 2.jpg
[2011/12/27 16:42:21 | 000,690,620 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Fire department.jpg
[2011/12/27 16:40:35 | 001,322,452 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Doctors and Ministers.jpg
[2011/12/27 16:39:31 | 001,254,867 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Griffin Building.jpg
[2011/12/27 16:38:04 | 000,630,907 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Townsend marble and granite works.jpg
[2011/12/27 16:36:37 | 000,690,658 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Montgomery Wards.jpg
[2011/12/27 16:31:21 | 001,288,337 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Martine House 2.jpg
[2011/12/27 16:30:14 | 001,458,669 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Martine House.jpg
[2011/12/27 16:28:25 | 000,830,252 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield map 1972.jpg
[2011/12/27 16:04:51 | 000,165,320 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, Blatz Hotel.jpg
[2011/12/27 15:57:55 | 000,445,856 | ---- | C] () -- C:\Users\Bruce\Documents\Watchung, Washington House.jpg
[2011/12/27 15:53:06 | 001,144,390 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield cemetery, Brook Avenue.jpg
[2011/12/27 15:46:21 | 000,734,730 | ---- | C] () -- C:\Users\Bruce\Documents\Watchung, Milligan sisters in carriage.jpg
[2011/12/27 15:36:10 | 000,360,809 | ---- | C] () -- C:\Users\Bruce\Documents\Watchung Washington House.pdf
[2011/12/27 15:31:40 | 000,602,356 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield Watchung Wetumpka Falls.pdf
[2011/12/27 15:30:11 | 000,427,976 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield Somerset Street near bridge.pdf
[2011/12/27 15:27:42 | 000,482,382 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, first Oldsmobile.pdf
[2011/12/27 15:25:32 | 000,586,398 | ---- | C] () -- C:\Users\Bruce\Documents\Brook Avenue Cemetery, North Plainfield.pdf
[2011/12/27 15:16:04 | 000,680,132 | ---- | C] () -- C:\Users\Bruce\Documents\Drake House article.pdf
[2011/12/27 15:00:34 | 000,381,955 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House page 4.pdf
[2011/12/27 14:58:54 | 000,699,300 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House page 3.pdf
[2011/12/27 14:57:46 | 000,988,809 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House page 2.pdf
[2011/12/27 14:56:47 | 000,887,222 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House Belvidere Ave, Plainfield 1969.pdf
[2011/12/24 14:48:02 | 000,454,154 | ---- | C] () -- C:\Users\Bruce\Documents\Poinsettia tree.jpg
[2011/10/24 09:37:26 | 000,155,648 | ---- | C] () -- C:\Windows\System32\dlbfinsb.dll
[2011/08/09 00:25:43 | 000,002,194 | ---- | C] () -- C:\ProgramData\QuickSet.xml
[2011/08/08 01:19:58 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI
[2010/07/29 14:09:29 | 000,040,960 | ---- | C] () -- C:\Windows\System32\INSTMON.EXE
[2010/07/29 14:09:28 | 000,077,824 | ---- | C] () -- C:\Windows\System32\DLBFLCNP.DLL
[2010/04/27 12:12:48 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/02/07 13:54:02 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbfcnv4.dll
[2010/02/07 13:54:01 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbfvs.dll
[2010/02/07 13:53:59 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dlbfcoin.dll
[2010/01/18 16:38:46 | 000,010,496 | ---- | C] () -- C:\Windows\System32\rcmirror.dll
[2009/09/24 10:04:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 10:04:33 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/11 23:41:55 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll
[2009/09/11 23:35:36 | 000,223,232 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2009/09/11 23:35:35 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SQLiteWrapper.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/11/07 22:14:21 | 000,001,340 | ---- | C] () -- C:\Users\Bruce\AppData\Roaming\wklnhst.dat
[2008/08/27 08:00:35 | 000,000,801 | ---- | C] () -- C:\Windows\dellstat.ini
[2008/07/26 07:49:50 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/19 06:59:43 | 000,030,208 | -H-- | C] () -- C:\Users\Bruce\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/16 08:05:19 | 000,005,972 | ---- | C] () -- C:\Users\Bruce\AppData\Local\d3d9caps.dat
[2008/07/14 15:26:25 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/06/11 09:32:12 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/06/11 09:32:12 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/06/11 09:32:12 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/06/11 09:32:12 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/06/11 09:32:12 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008/06/11 09:32:08 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/06/11 06:53:57 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/06/11 06:53:56 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2008/02/03 18:11:25 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2007/02/02 05:06:10 | 000,090,112 | ---- | C] () -- C:\Windows\System32\dlbccur.dll
[2007/02/02 04:55:10 | 000,413,696 | ---- | C] () -- C:\Windows\System32\dlbcutil.dll
[2007/01/22 07:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbccoin.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,988,976 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,649,426 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,122,904 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/10/05 12:19:32 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbcvs.dll
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:28:20 | 000,024,576 | ---- | C] () -- C:\Windows\shortcut.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe
[2003/09/20 02:32:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\dlbfcinf.dll
[2003/09/20 02:32:34 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlbfscin.dll
[2003/07/09 12:34:56 | 000,000,177 | ---- | C] () -- C:\Windows\System32\dlbfcoin.ini

========== LOP Check ==========

[2010/03/31 21:36:32 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\DriverCure
[2012/01/06 19:09:43 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\FamilyTreeMaker
[2010/08/20 20:46:28 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\MyHeritage
[2010/02/26 23:07:57 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Smart PDF Creator
[2010/09/11 15:59:54 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\TeamViewer
[2010/05/06 20:52:15 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Template
[2010/08/20 20:45:07 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2011/11/22 19:21:15 | 000,000,406 | ---- | M] () -- C:\Windows\Tasks\BackUpDutyLite.job
[2011/12/11 12:46:15 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Driver Fetch.job
[2010/10/02 03:45:18 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\DriverCure.job
[2010/03/03 22:02:01 | 000,000,654 | -H-- | M] () -- C:\Windows\Tasks\Install_NSS.job
[2010/10/26 17:00:01 | 000,000,442 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job
[2010/10/27 01:25:18 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2011/12/07 02:25:01 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job
[2011/11/22 19:21:15 | 000,000,314 | ---- | M] () -- C:\Windows\Tasks\Regwork.job
[2012/01/18 16:52:24 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/01/18 18:32:22 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{336B4FEB-67DD-47F6-AECD-AA5624307E1C}.job

========== Purity Check ==========



< End of report >

[Nedklaw]

Hi.


On your clean computer:


Step 1

• Save this file to your flash drive:  fix.txt   760bytes   77 downloads

On your infected computer:


Step 2

• Transfer fix.txt to your desktop.
• Run OTL.
• Drag and drop fix.txt into the Custom Scans and Fixes box.
• If you cannot drag and drop for some reason then press the Run Fix button and a dialogue box will pop up asking for the location - select the file on your desktop.
• Then click the Run Fix button at the top.
• Let the program run unhindered, reboot the PC when it is done.
• Post the log that appears upon reboot in your next reply.
• Open OTL again and check the "Scan All Users" box.
• Click the Quick Scan button. Post the log it produces in your next reply.

Step 3

Can you now connect to the internet on your infected computer?


Things I want to see in your next reply

• OTL Fix Log
• OTL.txt
• Answer to my question

[mewsick75]

========== OTL ==========
File HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin not found.
Registry value HKEY_USERS\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Run\\{1E9E9511-68EF-2F72-E9BA-CDD6E421389E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E9E9511-68EF-2F72-E9BA-CDD6E421389E}\ not found.
File C:\Program Files\4eUninstall RadioPI.dll not found.
C:\ProgramData\LuUninstall.LiveUpdate moved successfully.
File C:\Program Files\4eres.dll not found.
========== FILES ==========
File\Folder C:\Program Files\MyWebSearch not found.
c:\Users\Bruce\AppData\Local\Temp\wuauclt.exe moved successfully.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Bruce\Desktop\cmd.bat deleted successfully.
C:\Users\Bruce\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully


OTL by OldTimer - Version 3.2.31.0 log created on 01192012_181927



OTL logfile created on: 1/19/2012 6:27:00 PM - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Bruce\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.58 Gb Available Physical Memory | 29.01% Memory free
4.21 Gb Paging File | 2.66 Gb Available in Paging File | 63.13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.74 Gb Total Space | 68.74 Gb Free Space | 50.27% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 2.38 Gb Free Space | 24.39% Space Free | Partition Type: NTFS
Drive E: | 29.80 Gb Total Space | 24.62 Gb Free Space | 82.60% Space Free | Partition Type: FAT32

Computer Name: BRUCE | User Name: Bruce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/12/26 13:35:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
PRC - [2011/11/22 17:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/10/11 11:00:04 | 000,093,752 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe
PRC - [2010/02/10 08:19:09 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1272388487\ee\aolsoftware.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/04/11 01:28:15 | 000,117,248 | ---- | M] () -- \\?\C:\Windows\System32\wbem\WMIADAP.EXE
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/12/21 10:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/11/12 06:07:24 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/07 16:27:08 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/09/07 01:50:02 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/09/07 01:49:56 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/07 01:49:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/09/07 01:49:56 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/03/29 07:15:54 | 000,435,696 | ---- | M] (Dell) -- C:\Program Files\Dell AIO Printer A960\dlbfmon.exe
PRC - [2007/03/29 07:15:24 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbfcoms.exe
PRC - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/03/01 14:52:04 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbccoms.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/12 11:58:32 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll
MOD - [2012/01/12 11:58:30 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\fecd1103dd16dc1192402770caf56575\System.Web.ni.dll
MOD - [2012/01/08 00:37:56 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2012/01/08 00:37:46 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2012/01/08 00:37:33 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\0d34a2f81f5d945e604ff66c1e64fc72\System.Xml.ni.dll
MOD - [2012/01/08 00:37:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2012/01/07 10:46:17 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2012/01/07 10:46:09 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2007/12/12 01:01:24 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/17 15:38:42 | 000,361,712 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/06/11 07:06:08 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/03/29 07:15:24 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbfcoms.exe -- (dlbf_device)
SRV - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/03/01 14:52:04 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbccoms.exe -- (dlbc_device)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 13:16:16 | 000,165,680 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 13:16:16 | 000,064,880 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/03/03 18:00:34 | 000,079,052 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS)
DRV - [2010/01/18 16:39:06 | 000,003,200 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rcmirror.sys -- (rcmirror)
DRV - [2009/09/30 21:22:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/03/06 02:58:44 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/01/20 21:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/11/12 06:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/07 01:49:56 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/09/06 11:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 11:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 11:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/29 17:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2000/06/15 20:54:02 | 000,206,368 | ---- | M] (Adaptec) [File_System | System | Stopped] -- C:\Windows\System32\drivers\udfreadr.sys -- (UdfReadr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\MyWebSearch\bar\1.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/10 03:00:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/01/19 18:26:17 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}

O1 HOSTS File: ([2012/01/19 18:19:37 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111220093216.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [ActiveSpeed] C:\Program Files\Ascentive\ActiveSpeed\AS.exe (Ascentive LLC)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Dell AIO Printer A960] "C:\Program Files\Dell AIO Printer A960\dlbfbmgr.exe" File not found
O4 - HKLM..\Run: [dlbfmon.exe] C:\Program Files\Dell AIO Printer A960\dlbfmon.exe (Dell)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1272388487\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RegWork] C:\Program Files\RegWork\RegWork.exe (Honlyn (Macao Commercial Offshore) Limited)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000..\Run: [confWITray] rundll32.exe "C:\Users\Bruce\AppData\Local\iTunesNetman\confWITray.dll",isaEventnt5 DirectapiPath File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..Trusted Domains: ancestry.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.micro...gWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B4DF2DA-443E-471F-B2CA-AD5ED101BF32}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000 Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2012/01/16 17:16:10 | 000,000,016 | -H-- | M] () - E:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell\install\command - "" = E:\Setup.exe
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell\readfile\command - "" = hh.exe readme.htm
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell\install\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/19 18:27:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/01/18 16:51:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/18 16:48:50 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
[2012/01/16 18:44:24 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Users\Bruce\Desktop\aswMBR.exe
[2012/01/16 17:23:33 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Desktop\RK_Quarantine
[2012/01/16 17:15:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012/01/16 17:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2012/01/16 17:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Panda USB Vaccine
[2012/01/15 17:29:58 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Bruce\Desktop\mbam-setup-1.51.1.1800.exe
[2012/01/06 13:46:39 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Roaming\FamilyTreeMaker
[2012/01/06 13:28:13 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Local\Ancestry.com
[2012/01/06 13:22:33 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Family Tree Maker 2012
[2012/01/06 13:22:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Family Tree Maker 2012
[2012/01/06 13:21:48 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2012/01/06 13:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2012/01/06 13:21:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2012/01/06 13:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}
[2012/01/06 12:59:53 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Local\PackageAware
[2010/02/07 13:54:01 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbfusb1.dll
[2010/02/07 13:54:01 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbfpmui.dll
[2010/02/07 13:54:01 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbfinpa.dll
[2010/02/07 13:54:01 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbfiesc.dll
[2010/02/07 13:54:00 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbfserv.dll
[2010/02/07 13:54:00 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbfhbn3.dll
[2010/02/07 13:54:00 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbfcomc.dll
[2010/02/07 13:54:00 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbflmpm.dll
[2010/02/07 13:54:00 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbfcoms.exe
[2010/02/07 13:54:00 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbfih.exe
[2010/02/07 13:54:00 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbfprox.dll
[2010/02/07 13:54:00 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbfpplc.dll
[2010/02/07 13:53:59 | 000,352,256 | ---- | C] ( ) -- C:\Windows\System32\DLBFUTIL.DLL
[2010/02/07 13:53:59 | 000,069,632 | ---- | C] ( ) -- C:\Windows\System32\DLBFCU.DLL
[2010/02/07 13:53:58 | 000,086,016 | ---- | C] ( ) -- C:\Windows\System32\DLBFCUR.DLL
[2007/03/01 14:52:06 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbcih.exe
[2007/03/01 14:52:04 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbccoms.exe
[2007/03/01 14:52:04 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlbccfg.exe
[2007/02/02 05:06:34 | 000,483,328 | ---- | C] ( ) -- C:\Windows\System32\dlbcjswr.dll
[2007/02/02 04:55:30 | 000,073,728 | ---- | C] ( ) -- C:\Windows\System32\dlbccu.dll
[2006/12/20 16:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbcpmui.dll
[2006/12/20 16:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbcserv.dll
[2006/12/20 16:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbccomm.dll
[2006/12/20 15:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbclmpm.dll
[2006/12/20 15:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbciesc.dll
[2006/12/20 15:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbcpplc.dll
[2006/12/20 15:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbccomc.dll
[2006/12/20 15:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbcprox.dll
[2006/12/20 15:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbcinpa.dll
[2006/12/20 15:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlbcusb1.dll
[2006/12/20 15:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbchbn3.dll

========== Files - Modified Within 30 Days ==========

[2012/01/19 18:33:00 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{336B4FEB-67DD-47F6-AECD-AA5624307E1C}.job
[2012/01/19 18:32:10 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/19 18:32:09 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/19 18:30:16 | 000,649,426 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/19 18:30:16 | 000,122,904 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/19 18:27:48 | 000,001,697 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2012/01/19 18:22:52 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/19 18:22:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/19 18:21:29 | 2137,042,944 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/19 18:19:37 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/01/18 16:39:52 | 000,005,972 | ---- | M] () -- C:\Users\Bruce\AppData\Local\d3d9caps.dat
[2012/01/16 17:41:45 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/15 17:30:48 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012/01/15 11:56:10 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\AppData\Local\{F21940F0-BB8C-4989-84C5-10048C45F1E0}
[2012/01/15 11:54:30 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\AppData\Local\{10321870-946A-426A-9998-3176325099F5}
[2012/01/15 10:40:39 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\AppData\Local\{2C39F6FB-1D3C-45A1-865A-A8B65D41764A}
[2012/01/14 12:42:13 | 000,178,012 | ---- | M] () -- C:\Users\Bruce\Documents\Stead house, built by Thomas Stead.jpg
[2012/01/14 12:42:07 | 000,396,541 | ---- | M] () -- C:\Users\Bruce\Documents\Morrison, Wm.jpg
[2012/01/14 12:34:32 | 000,124,578 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison and family -.jpg
[2012/01/14 12:32:35 | 000,152,978 | ---- | M] () -- C:\Users\Bruce\Documents\Morrison, Wm and Daughter.jpg
[2012/01/14 12:30:09 | 000,105,497 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Hazel, Lill, Harry.jpg
[2012/01/14 12:18:16 | 000,663,069 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0036.jpg
[2012/01/14 12:18:10 | 000,681,268 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0039.jpg
[2012/01/14 12:15:58 | 000,301,667 | ---- | M] () -- C:\Users\Bruce\Documents\Morrison, Jean.jpg
[2012/01/14 12:13:50 | 000,466,938 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington family at Golf club House.jpg
[2012/01/14 12:11:36 | 000,367,633 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington House on Mountain Avenue.jpg
[2012/01/14 12:09:47 | 000,441,669 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison in front of houses.jpg
[2012/01/13 13:22:32 | 000,729,860 | ---- | M] () -- C:\Users\Bruce\Documents\Spackman, Jacob.jpg
[2012/01/13 13:19:42 | 000,677,879 | ---- | M] () -- C:\Users\Bruce\Documents\Bailey, Dan and Winifred (marriage).jpg
[2012/01/13 13:17:22 | 000,535,074 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0031.jpg
[2012/01/13 13:16:43 | 000,861,047 | ---- | M] () -- C:\Users\Bruce\Documents\Spackman, Mary H (death).jpg
[2012/01/13 13:14:41 | 001,030,486 | ---- | M] () -- C:\Users\Bruce\Documents\Spackman, Frederick A. (death).jpg
[2012/01/13 13:07:54 | 000,623,469 | ---- | M] () -- C:\Users\Bruce\Documents\Perrine, Alida Christine birth certificate.jpg
[2012/01/13 13:03:05 | 000,787,387 | ---- | M] () -- C:\Users\Bruce\Documents\Census Joke.jpg
[2012/01/12 16:55:29 | 000,523,498 | ---- | M] () -- C:\Users\Bruce\Documents\Keller Kerr Marriage.jpg
[2012/01/11 10:54:09 | 000,296,116 | ---- | M] () -- C:\Users\Bruce\Documents\Coddingtons and Morrisons at the Watchung Lake.jpg
[2012/01/11 10:36:26 | 000,656,606 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0028.jpg
[2012/01/11 10:36:22 | 000,611,841 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0029.jpg
[2012/01/11 10:34:02 | 000,398,812 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0027.jpg
[2012/01/11 10:32:39 | 000,419,259 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0025.jpg
[2012/01/11 10:31:40 | 000,288,070 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison by car wife sitting in car.jpg
[2012/01/11 00:56:14 | 000,229,379 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison obit.jpg
[2012/01/10 10:55:23 | 000,403,524 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison with Morrison family.jpg
[2012/01/10 10:52:21 | 000,234,021 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Hazel Allen.jpg
[2012/01/10 10:49:25 | 000,444,851 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington family at 12 Mountain Ave.jpg
[2012/01/10 10:44:41 | 000,312,906 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison with horses.jpg
[2012/01/09 10:50:26 | 032,715,779 | ---- | M] () -- C:\Users\Bruce\Documents\genealogyofcushi00cush.pdf
[2012/01/08 14:56:36 | 052,912,921 | ---- | M] () -- C:\Users\Bruce\Documents\historyoffitzwil00nort.pdf
[2012/01/07 00:53:52 | 000,178,034 | ---- | M] () -- C:\Users\Bruce\Documents\Stead property, Somerset Street.jpg
[2012/01/07 00:48:08 | 000,117,644 | ---- | M] () -- C:\Users\Bruce\Documents\Allen, Libbie (Beeching).jpg
[2012/01/07 00:44:53 | 000,107,016 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0024.jpg
[2012/01/07 00:40:05 | 000,153,150 | ---- | M] () -- C:\Users\Bruce\Documents\Allen, Elias (2).jpg
[2012/01/07 00:30:24 | 000,118,839 | ---- | M] () -- C:\Users\Bruce\Documents\Beeching, Dorothy 1943.jpg
[2012/01/06 23:39:49 | 000,118,901 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Lillian (Beeching).jpg
[2012/01/06 23:38:54 | 000,100,433 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Morton with Janet and Dorothy (dark dress).jpg
[2012/01/06 23:36:35 | 000,433,423 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0015.jpg
[2012/01/06 23:35:56 | 000,469,429 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Fred and Sophia S.jpg
[2012/01/06 23:34:14 | 000,124,329 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe brothers, Frederick and Lewis.jpg
[2012/01/06 23:32:55 | 000,058,997 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.jpg
[2012/01/06 23:30:14 | 000,145,904 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0021.jpg
[2012/01/06 23:23:09 | 000,585,515 | ---- | M] () -- C:\Users\Bruce\Documents\Beeching, Dorothy.jpg
[2012/01/06 23:17:55 | 000,123,280 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia on Somerset Street.jpg
[2012/01/06 23:17:54 | 000,153,590 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia with Fred's brother Lewis and wife Mini.jpg
[2012/01/06 19:58:01 | 000,145,775 | ---- | M] () -- C:\Users\Bruce\Documents\Beeching, Lillian, Dorothy, Janet.jpg
[2012/01/06 16:42:23 | 000,166,171 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Margaret.jpg
[2012/01/06 13:24:12 | 000,000,865 | ---- | M] () -- C:\Users\Public\Desktop\Family Tree Maker 2012.lnk
[2012/01/06 11:21:56 | 000,166,621 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, William (young).jpg
[2012/01/06 11:17:28 | 000,248,991 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, William.jpg
[2012/01/06 10:55:34 | 000,375,537 | ---- | M] () -- C:\Users\Bruce\Documents\Stegemann, Henry death certificate.pdf
[2012/01/06 10:50:19 | 000,428,247 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0013.jpg
[2012/01/06 10:31:27 | 000,390,780 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0007.jpg
[2012/01/06 10:28:38 | 000,630,416 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.pdf
[2012/01/06 10:27:26 | 000,690,944 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Frederick Death Cert.pdf
[2011/12/30 01:07:44 | 239,774,814 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/28 01:14:53 | 000,015,964 | ---- | M] () -- C:\Users\Bruce\Documents\https___secure.pqarchiver.com_courant_display_pdf.pdf_filename=_share4_pqimage_hnirs102v_201112280057_56149_4683_out.pdf
[2011/12/28 01:06:00 | 000,549,902 | ---- | M] () -- C:\Users\Bruce\Documents\Palmer Herrmann Divorce.jpg
[2011/12/28 00:12:31 | 000,161,064 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, vacation 1953, Van, Hess, Bruce Brenton Woods, NJ.jpg
[2011/12/28 00:08:59 | 000,157,638 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno Vacation 1953, Hess, Bruce, Albert Brenton Woods, NJ.jpg
[2011/12/28 00:07:04 | 000,186,291 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno vacation 1953,Van, Hess, Bruce,Albert.jpg
[2011/12/27 23:58:59 | 000,376,185 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0012.jpg
[2011/12/27 23:52:18 | 000,457,368 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, Darby House 1894.jpg
[2011/12/27 23:50:38 | 000,494,112 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, McCutchens.jpg
[2011/12/27 23:45:44 | 000,401,831 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield, Public Service - South Ave 1925.jpg
[2011/12/27 23:44:23 | 000,846,555 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield, Public Service laying pipeline on South Avenue.jpg
[2011/12/27 23:42:09 | 000,047,923 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0006.jpg
[2011/12/27 23:40:18 | 000,118,451 | ---- | M] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching 1920's.jpg
[2011/12/27 23:35:45 | 000,060,059 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0003.jpg
[2011/12/27 23:27:59 | 000,123,346 | ---- | M] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching sitting on Bench.jpg
[2011/12/27 23:25:31 | 000,073,984 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0002.jpg
[2011/12/27 23:22:17 | 000,124,929 | ---- | M] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching.jpg
[2011/12/27 23:20:00 | 000,396,692 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield House cut in half by Lisle Beeching.jpg
[2011/12/27 23:13:49 | 000,547,625 | ---- | M] () -- C:\Users\Bruce\Documents\Spencer house.jpg
[2011/12/27 23:11:08 | 000,811,326 | ---- | M] () -- C:\Users\Bruce\Documents\Spencer house on circle in watchung.jpg
[2011/12/27 23:08:38 | 000,271,269 | ---- | M] () -- C:\Users\Bruce\Documents\Spencer house, Watch.jpg
[2011/12/27 23:02:06 | 000,354,947 | ---- | M] () -- C:\Users\Bruce\Documents\Allen House Watchung 1726.jpg
[2011/12/27 22:57:00 | 000,389,024 | ---- | M] () -- C:\Users\Bruce\Documents\Allen House built 1726 pic taken 1940.jpg
[2011/12/27 22:51:01 | 000,275,127 | ---- | M] () -- C:\Users\Bruce\Documents\Allen House , 1940.jpg
[2011/12/27 22:27:11 | 000,091,006 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Van, Albert, Dorothy Beeching, Hester.jpg
[2011/12/27 22:03:11 | 000,627,300 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield Memorial Park.jpg
[2011/12/27 21:56:58 | 000,072,967 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Nancy - Santa.jpg
[2011/12/27 21:55:04 | 000,080,123 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Nancy - she ra.jpg
[2011/12/27 21:52:23 | 000,377,676 | ---- | M] () -- C:\Users\Bruce\Documents\Hand, Capt William.jpg
[2011/12/27 21:37:39 | 001,165,547 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Disappearance of Structures.jpg
[2011/12/27 21:36:50 | 000,455,041 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield City Stores.jpg
[2011/12/27 21:35:49 | 000,783,590 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Jewish families.jpg
[2011/12/27 21:33:33 | 000,921,266 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 4th of July.jpg
[2011/12/27 21:29:12 | 000,812,934 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Horse Racing.jpg
[2011/12/27 21:26:57 | 000,811,257 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Country Club.jpg
[2011/12/27 21:24:59 | 001,047,721 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 3.jpg
[2011/12/27 19:12:39 | 000,838,733 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Kings Daughter.jpg
[2011/12/27 19:11:23 | 000,659,609 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Arthur Smith.jpg
[2011/12/27 19:10:28 | 000,838,108 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Civil War stuff.jpg
[2011/12/27 19:07:00 | 001,009,353 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Martine House 1.jpg
[2011/12/27 19:05:17 | 001,296,588 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield class of 1886.jpg
[2011/12/27 19:04:18 | 000,712,563 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Odds and Ends.jpg
[2011/12/27 19:03:20 | 000,978,066 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Slavery.jpg
[2011/12/27 19:01:22 | 000,461,207 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Peanut John.jpg
[2011/12/27 18:59:56 | 000,912,511 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Trolleys.jpg
[2011/12/27 18:58:59 | 000,726,805 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Van Wyck Brooks.jpg
[2011/12/27 18:57:46 | 001,057,291 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Rosenbaums before and after.jpg
[2011/12/27 18:55:37 | 001,379,479 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield before after north ave.jpg
[2011/12/27 18:53:44 | 000,952,512 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Farmers paradise.jpg
[2011/12/27 18:53:02 | 000,733,214 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Horse and buggy days.jpg
[2011/12/27 18:51:23 | 000,911,228 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Street maps.jpg
[2011/12/27 18:50:34 | 000,831,509 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Hartridge School.jpg
[2011/12/27 18:49:45 | 000,919,779 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Old Cemetery.jpg
[2011/12/27 18:48:50 | 001,115,503 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield John Taylor Johnson.jpg
[2011/12/27 18:48:07 | 001,074,141 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield French's Mill.jpg
[2011/12/27 18:47:08 | 001,111,575 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Muhlenberg Hospital.jpg
[2011/12/27 18:46:29 | 000,959,197 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Indians and streets.jpg
[2011/12/27 18:45:40 | 000,905,130 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Netherwood Hotel.jpg
[2011/12/27 18:44:46 | 000,900,144 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Babcock millionairs.jpg
[2011/12/27 18:43:39 | 000,917,965 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Tiers Pond 2.jpg
[2011/12/27 18:41:21 | 000,737,498 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Civil War Parade.jpg
[2011/12/27 18:39:53 | 000,748,057 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Tiers pond.jpg
[2011/12/27 18:39:06 | 000,650,104 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield private schools.jpg
[2011/12/27 18:38:01 | 000,827,906 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield first house 1735.jpg
[2011/12/27 18:37:12 | 000,619,966 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield wonderful years.jpg
[2011/12/27 18:35:31 | 000,497,424 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 1909 parade.jpg
[2011/12/27 18:33:18 | 000,682,950 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Public Schools.jpg
[2011/12/27 18:32:30 | 000,783,250 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Clock Tower.jpg
[2011/12/27 18:31:37 | 001,024,038 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 2.jpg
[2011/12/27 18:30:38 | 000,940,319 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 1.jpg
[2011/12/27 16:53:03 | 000,988,439 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Laings Hotel.jpg
[2011/12/27 16:51:03 | 000,363,596 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Fire department 2.jpg
[2011/12/27 16:47:03 | 000,690,620 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Fire department.jpg
[2011/12/27 16:41:25 | 001,322,452 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Doctors and Ministers.jpg
[2011/12/27 16:39:32 | 001,254,867 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Griffin Building.jpg
[2011/12/27 16:38:04 | 000,630,907 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Townsend marble and granite works.jpg
[2011/12/27 16:37:15 | 000,690,658 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Montgomery Wards.jpg
[2011/12/27 16:31:51 | 001,288,337 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Martine House 2.jpg
[2011/12/27 16:30:43 | 001,458,669 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Martine House.jpg
[2011/12/27 16:28:59 | 000,830,252 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield map 1972.jpg
[2011/12/27 16:06:00 | 000,165,320 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, Blatz Hotel.jpg
[2011/12/27 16:00:59 | 000,445,856 | ---- | M] () -- C:\Users\Bruce\Documents\Watchung, Washington House.jpg
[2011/12/27 15:56:35 | 001,144,390 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield cemetery, Brook Avenue.jpg
[2011/12/27 15:47:07 | 000,734,730 | ---- | M] () -- C:\Users\Bruce\Documents\Watchung, Milligan sisters in carriage.jpg
[2011/12/27 15:36:10 | 000,360,809 | ---- | M] () -- C:\Users\Bruce\Documents\Watchung Washington House.pdf
[2011/12/27 15:31:40 | 000,602,356 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield Watchung Wetumpka Falls.pdf
[2011/12/27 15:30:11 | 000,427,976 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield Somerset Street near bridge.pdf
[2011/12/27 15:27:42 | 000,482,382 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, first Oldsmobile.pdf
[2011/12/27 15:25:32 | 000,586,398 | ---- | M] () -- C:\Users\Bruce\Documents\Brook Avenue Cemetery, North Plainfield.pdf
[2011/12/27 15:16:05 | 000,680,132 | ---- | M] () -- C:\Users\Bruce\Documents\Drake House article.pdf
[2011/12/27 15:00:34 | 000,381,955 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House page 4.pdf
[2011/12/27 14:58:54 | 000,699,300 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House page 3.pdf
[2011/12/27 14:57:46 | 000,988,809 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House page 2.pdf
[2011/12/27 14:56:47 | 000,887,222 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House Belvidere Ave, Plainfield 1969.pdf
[2011/12/26 17:16:38 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Users\Bruce\Desktop\aswMBR.exe
[2011/12/26 17:02:20 | 000,771,072 | ---- | M] () -- C:\Users\Bruce\Desktop\RogueKiller.exe
[2011/12/26 13:35:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
[2011/12/24 14:48:02 | 000,454,154 | ---- | M] () -- C:\Users\Bruce\Documents\Poinsettia tree.jpg

========== Files Created - No Company Name ==========

[2012/01/18 17:00:45 | 000,001,697 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2012/01/16 17:25:12 | 000,000,865 | ---- | C] () -- C:\Users\Public\Desktop\Family Tree Maker 2012.lnk
[2012/01/16 17:25:11 | 000,001,917 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/16 17:25:11 | 000,000,945 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/16 17:25:11 | 000,000,940 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/01/16 17:25:11 | 000,000,940 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
[2012/01/16 17:25:11 | 000,000,815 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\McAfee Security Scan.lnk
[2012/01/16 17:25:11 | 000,000,804 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Smart PDF Creator.lnk
[2012/01/16 17:25:11 | 000,000,804 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2012/01/16 17:25:11 | 000,000,742 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL 9.5.lnk
[2012/01/16 17:25:11 | 000,000,258 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/01/16 17:25:11 | 000,000,240 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/01/16 17:23:39 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/16 17:23:22 | 000,771,072 | ---- | C] () -- C:\Users\Bruce\Desktop\RogueKiller.exe
[2012/01/16 13:01:06 | 2137,042,944 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/15 17:30:48 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012/01/15 11:56:10 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{F21940F0-BB8C-4989-84C5-10048C45F1E0}
[2012/01/15 11:54:30 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{10321870-946A-426A-9998-3176325099F5}
[2012/01/15 10:40:39 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{2C39F6FB-1D3C-45A1-865A-A8B65D41764A}
[2012/01/14 12:37:15 | 000,396,541 | ---- | C] () -- C:\Users\Bruce\Documents\Morrison, Wm.jpg
[2012/01/14 12:33:09 | 000,124,578 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison and family -.jpg
[2012/01/14 12:31:16 | 000,152,978 | ---- | C] () -- C:\Users\Bruce\Documents\Morrison, Wm and Daughter.jpg
[2012/01/14 12:28:17 | 000,105,497 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Hazel, Lill, Harry.jpg
[2012/01/14 12:18:57 | 000,178,012 | ---- | C] () -- C:\Users\Bruce\Documents\Stead house, built by Thomas Stead.jpg
[2012/01/14 12:17:46 | 000,681,268 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0039.jpg
[2012/01/14 12:16:59 | 000,663,069 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0036.jpg
[2012/01/14 12:14:57 | 000,301,667 | ---- | C] () -- C:\Users\Bruce\Documents\Morrison, Jean.jpg
[2012/01/14 12:12:23 | 000,466,938 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington family at Golf club House.jpg
[2012/01/14 12:10:29 | 000,367,633 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington House on Mountain Avenue.jpg
[2012/01/14 12:08:23 | 000,441,669 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison in front of houses.jpg
[2012/01/13 13:21:49 | 000,729,860 | ---- | C] () -- C:\Users\Bruce\Documents\Spackman, Jacob.jpg
[2012/01/13 13:18:38 | 000,677,879 | ---- | C] () -- C:\Users\Bruce\Documents\Bailey, Dan and Winifred (marriage).jpg
[2012/01/13 13:17:21 | 000,535,074 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0031.jpg
[2012/01/13 13:15:43 | 000,861,047 | ---- | C] () -- C:\Users\Bruce\Documents\Spackman, Mary H (death).jpg
[2012/01/13 13:13:43 | 001,030,486 | ---- | C] () -- C:\Users\Bruce\Documents\Spackman, Frederick A. (death).jpg
[2012/01/13 13:06:27 | 000,623,469 | ---- | C] () -- C:\Users\Bruce\Documents\Perrine, Alida Christine birth certificate.jpg
[2012/01/13 13:01:43 | 000,787,387 | ---- | C] () -- C:\Users\Bruce\Documents\Census Joke.jpg
[2012/01/12 16:55:29 | 000,523,498 | ---- | C] () -- C:\Users\Bruce\Documents\Keller Kerr Marriage.jpg
[2012/01/11 10:38:53 | 000,296,116 | ---- | C] () -- C:\Users\Bruce\Documents\Coddingtons and Morrisons at the Watchung Lake.jpg
[2012/01/11 10:36:06 | 000,611,841 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0029.jpg
[2012/01/11 10:34:56 | 000,656,606 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0028.jpg
[2012/01/11 10:34:01 | 000,398,812 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0027.jpg
[2012/01/11 10:32:38 | 000,419,259 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0025.jpg
[2012/01/11 10:28:10 | 000,288,070 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison by car wife sitting in car.jpg
[2012/01/11 00:54:36 | 000,229,379 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison obit.jpg
[2012/01/10 10:54:03 | 000,403,524 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison with Morrison family.jpg
[2012/01/10 10:51:20 | 000,234,021 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Hazel Allen.jpg
[2012/01/10 10:47:46 | 000,444,851 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington family at 12 Mountain Ave.jpg
[2012/01/10 10:43:26 | 000,312,906 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison with horses.jpg
[2012/01/09 10:49:47 | 032,715,779 | ---- | C] () -- C:\Users\Bruce\Documents\genealogyofcushi00cush.pdf
[2012/01/08 14:56:25 | 052,912,921 | ---- | C] () -- C:\Users\Bruce\Documents\historyoffitzwil00nort.pdf
[2012/01/07 00:52:45 | 000,178,034 | ---- | C] () -- C:\Users\Bruce\Documents\Stead property, Somerset Street.jpg
[2012/01/07 00:47:30 | 000,117,644 | ---- | C] () -- C:\Users\Bruce\Documents\Allen, Libbie (Beeching).jpg
[2012/01/07 00:43:11 | 000,107,016 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0024.jpg
[2012/01/07 00:39:10 | 000,153,150 | ---- | C] () -- C:\Users\Bruce\Documents\Allen, Elias (2).jpg
[2012/01/07 00:30:24 | 000,118,839 | ---- | C] () -- C:\Users\Bruce\Documents\Beeching, Dorothy 1943.jpg
[2012/01/06 23:38:53 | 000,118,901 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Lillian (Beeching).jpg
[2012/01/06 23:37:22 | 000,100,433 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Morton with Janet and Dorothy (dark dress).jpg
[2012/01/06 23:34:12 | 000,469,429 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Fred and Sophia S.jpg
[2012/01/06 23:34:12 | 000,433,423 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0015.jpg
[2012/01/06 23:32:53 | 000,124,329 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe brothers, Frederick and Lewis.jpg
[2012/01/06 23:31:34 | 000,058,997 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.jpg
[2012/01/06 23:23:06 | 000,145,904 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0021.jpg
[2012/01/06 23:21:01 | 000,585,515 | ---- | C] () -- C:\Users\Bruce\Documents\Beeching, Dorothy.jpg
[2012/01/06 23:17:54 | 000,153,590 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia with Fred's brother Lewis and wife Mini.jpg
[2012/01/06 23:16:25 | 000,123,280 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia on Somerset Street.jpg
[2012/01/06 19:56:35 | 000,145,775 | ---- | C] () -- C:\Users\Bruce\Documents\Beeching, Lillian, Dorothy, Janet.jpg
[2012/01/06 16:40:36 | 000,166,171 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Margaret.jpg
[2012/01/06 11:20:17 | 000,166,621 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, William (young).jpg
[2012/01/06 11:16:07 | 000,248,991 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, William.jpg
[2012/01/06 10:55:33 | 000,375,537 | ---- | C] () -- C:\Users\Bruce\Documents\Stegemann, Henry death certificate.pdf
[2012/01/06 10:48:14 | 000,428,247 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0013.jpg
[2012/01/06 10:31:27 | 000,390,780 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0007.jpg
[2012/01/06 10:28:37 | 000,630,416 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.pdf
[2012/01/06 10:27:26 | 000,690,944 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Frederick Death Cert.pdf
[2011/12/28 01:14:53 | 000,015,964 | ---- | C] () -- C:\Users\Bruce\Documents\https___secure.pqarchiver.com_courant_display_pdf.pdf_filename=_share4_pqimage_hnirs102v_201112280057_56149_4683_out.pdf
[2011/12/28 01:05:26 | 000,549,902 | ---- | C] () -- C:\Users\Bruce\Documents\Palmer Herrmann Divorce.jpg
[2011/12/28 00:09:25 | 000,161,064 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, vacation 1953, Van, Hess, Bruce Brenton Woods, NJ.jpg
[2011/12/28 00:07:57 | 000,157,638 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno Vacation 1953, Hess, Bruce, Albert Brenton Woods, NJ.jpg
[2011/12/28 00:06:19 | 000,186,291 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno vacation 1953,Van, Hess, Bruce,Albert.jpg
[2011/12/27 23:55:36 | 000,376,185 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0012.jpg
[2011/12/27 23:51:44 | 000,457,368 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, Darby House 1894.jpg
[2011/12/27 23:48:49 | 000,494,112 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, McCutchens.jpg
[2011/12/27 23:45:14 | 000,401,831 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield, Public Service - South Ave 1925.jpg
[2011/12/27 23:43:49 | 000,846,555 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield, Public Service laying pipeline on South Avenue.jpg
[2011/12/27 23:39:32 | 000,118,451 | ---- | C] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching 1920's.jpg
[2011/12/27 23:38:20 | 000,047,923 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0006.jpg
[2011/12/27 23:35:03 | 000,060,059 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0003.jpg
[2011/12/27 23:27:09 | 000,123,346 | ---- | C] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching sitting on Bench.jpg
[2011/12/27 23:24:53 | 000,073,984 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0002.jpg
[2011/12/27 23:18:54 | 000,396,692 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield House cut in half by Lisle Beeching.jpg
[2011/12/27 23:18:54 | 000,124,929 | ---- | C] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching.jpg
[2011/12/27 23:13:16 | 000,547,625 | ---- | C] () -- C:\Users\Bruce\Documents\Spencer house.jpg
[2011/12/27 23:10:31 | 000,811,326 | ---- | C] () -- C:\Users\Bruce\Documents\Spencer house on circle in watchung.jpg
[2011/12/27 23:07:48 | 000,271,269 | ---- | C] () -- C:\Users\Bruce\Documents\Spencer house, Watch.jpg
[2011/12/27 23:01:30 | 000,354,947 | ---- | C] () -- C:\Users\Bruce\Documents\Allen House Watchung 1726.jpg
[2011/12/27 22:56:06 | 000,389,024 | ---- | C] () -- C:\Users\Bruce\Documents\Allen House built 1726 pic taken 1940.jpg
[2011/12/27 22:50:21 | 000,275,127 | ---- | C] () -- C:\Users\Bruce\Documents\Allen House , 1940.jpg
[2011/12/27 21:56:19 | 000,072,967 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, Nancy - Santa.jpg
[2011/12/27 21:54:27 | 000,080,123 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, Nancy - she ra.jpg
[2011/12/27 21:51:26 | 000,377,676 | ---- | C] () -- C:\Users\Bruce\Documents\Hand, Capt William.jpg
[2011/12/27 21:37:38 | 001,165,547 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Disappearance of Structures.jpg
[2011/12/27 21:36:50 | 000,455,041 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield City Stores.jpg
[2011/12/27 21:35:49 | 000,783,590 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Jewish families.jpg
[2011/12/27 21:33:33 | 000,921,266 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 4th of July.jpg
[2011/12/27 21:29:11 | 000,812,934 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Horse Racing.jpg
[2011/12/27 21:26:57 | 000,811,257 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Country Club.jpg
[2011/12/27 21:24:59 | 001,047,721 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 3.jpg
[2011/12/27 19:12:39 | 000,838,733 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Kings Daughter.jpg
[2011/12/27 19:11:22 | 000,659,609 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Arthur Smith.jpg
[2011/12/27 19:10:28 | 000,838,108 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Civil War stuff.jpg
[2011/12/27 19:06:28 | 001,009,353 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Martine House 1.jpg
[2011/12/27 19:05:17 | 001,296,588 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield class of 1886.jpg
[2011/12/27 19:04:18 | 000,712,563 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Odds and Ends.jpg
[2011/12/27 19:03:20 | 000,978,066 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Slavery.jpg
[2011/12/27 19:00:39 | 000,461,207 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Peanut John.jpg
[2011/12/27 18:59:55 | 000,912,511 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Trolleys.jpg
[2011/12/27 18:58:58 | 000,726,805 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Van Wyck Brooks.jpg
[2011/12/27 18:57:46 | 001,057,291 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Rosenbaums before and after.jpg
[2011/12/27 18:54:42 | 001,379,479 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield before after north ave.jpg
[2011/12/27 18:53:44 | 000,952,512 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Farmers paradise.jpg
[2011/12/27 18:52:27 | 000,733,214 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Horse and buggy days.jpg
[2011/12/27 18:51:22 | 000,911,228 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Street maps.jpg
[2011/12/27 18:50:34 | 000,831,509 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Hartridge School.jpg
[2011/12/27 18:49:44 | 000,919,779 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Old Cemetery.jpg
[2011/12/27 18:48:50 | 001,115,503 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield John Taylor Johnson.jpg
[2011/12/27 18:48:06 | 001,074,141 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield French's Mill.jpg
[2011/12/27 18:47:07 | 001,111,575 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Muhlenberg Hospital.jpg
[2011/12/27 18:46:29 | 000,959,197 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Indians and streets.jpg
[2011/12/27 18:45:40 | 000,905,130 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Netherwood Hotel.jpg
[2011/12/27 18:44:45 | 000,900,144 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Babcock millionairs.jpg
[2011/12/27 18:43:39 | 000,917,965 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Tiers Pond 2.jpg
[2011/12/27 18:40:45 | 000,737,498 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Civil War Parade.jpg
[2011/12/27 18:39:52 | 000,748,057 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Tiers pond.jpg
[2011/12/27 18:39:06 | 000,650,104 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield private schools.jpg
[2011/12/27 18:38:00 | 000,827,906 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield first house 1735.jpg
[2011/12/27 18:36:10 | 000,619,966 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield wonderful years.jpg
[2011/12/27 18:34:28 | 000,497,424 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 1909 parade.jpg
[2011/12/27 18:33:18 | 000,682,950 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Public Schools.jpg
[2011/12/27 18:32:29 | 000,783,250 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Clock Tower.jpg
[2011/12/27 18:31:37 | 001,024,038 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 2.jpg
[2011/12/27 18:30:37 | 000,940,319 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 1.jpg
[2011/12/27 16:53:03 | 000,988,439 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Laings Hotel.jpg
[2011/12/27 16:49:45 | 000,363,596 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Fire department 2.jpg
[2011/12/27 16:42:21 | 000,690,620 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Fire department.jpg
[2011/12/27 16:40:35 | 001,322,452 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Doctors and Ministers.jpg
[2011/12/27 16:39:31 | 001,254,867 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Griffin Building.jpg
[2011/12/27 16:38:04 | 000,630,907 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Townsend marble and granite works.jpg
[2011/12/27 16:36:37 | 000,690,658 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Montgomery Wards.jpg
[2011/12/27 16:31:21 | 001,288,337 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Martine House 2.jpg
[2011/12/27 16:30:14 | 001,458,669 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Martine House.jpg
[2011/12/27 16:28:25 | 000,830,252 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield map 1972.jpg
[2011/12/27 16:04:51 | 000,165,320 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, Blatz Hotel.jpg
[2011/12/27 15:57:55 | 000,445,856 | ---- | C] () -- C:\Users\Bruce\Documents\Watchung, Washington House.jpg
[2011/12/27 15:53:06 | 001,144,390 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield cemetery, Brook Avenue.jpg
[2011/12/27 15:46:21 | 000,734,730 | ---- | C] () -- C:\Users\Bruce\Documents\Watchung, Milligan sisters in carriage.jpg
[2011/12/27 15:36:10 | 000,360,809 | ---- | C] () -- C:\Users\Bruce\Documents\Watchung Washington House.pdf
[2011/12/27 15:31:40 | 000,602,356 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield Watchung Wetumpka Falls.pdf
[2011/12/27 15:30:11 | 000,427,976 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield Somerset Street near bridge.pdf
[2011/12/27 15:27:42 | 000,482,382 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, first Oldsmobile.pdf
[2011/12/27 15:25:32 | 000,586,398 | ---- | C] () -- C:\Users\Bruce\Documents\Brook Avenue Cemetery, North Plainfield.pdf
[2011/12/27 15:16:04 | 000,680,132 | ---- | C] () -- C:\Users\Bruce\Documents\Drake House article.pdf
[2011/12/27 15:00:34 | 000,381,955 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House page 4.pdf
[2011/12/27 14:58:54 | 000,699,300 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House page 3.pdf
[2011/12/27 14:57:46 | 000,988,809 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House page 2.pdf
[2011/12/27 14:56:47 | 000,887,222 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House Belvidere Ave, Plainfield 1969.pdf
[2011/12/24 14:48:02 | 000,454,154 | ---- | C] () -- C:\Users\Bruce\Documents\Poinsettia tree.jpg
[2011/10/24 09:37:26 | 000,155,648 | ---- | C] () -- C:\Windows\System32\dlbfinsb.dll
[2011/08/09 00:25:43 | 000,002,194 | ---- | C] () -- C:\ProgramData\QuickSet.xml
[2011/08/08 01:19:58 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI
[2010/07/29 14:09:29 | 000,040,960 | ---- | C] () -- C:\Windows\System32\INSTMON.EXE
[2010/07/29 14:09:28 | 000,077,824 | ---- | C] () -- C:\Windows\System32\DLBFLCNP.DLL
[2010/04/27 12:12:48 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/02/07 13:54:02 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbfcnv4.dll
[2010/02/07 13:54:01 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbfvs.dll
[2010/02/07 13:53:59 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dlbfcoin.dll
[2010/01/18 16:38:46 | 000,010,496 | ---- | C] () -- C:\Windows\System32\rcmirror.dll
[2009/09/24 10:04:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 10:04:33 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/11 23:41:55 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll
[2009/09/11 23:35:36 | 000,223,232 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2009/09/11 23:35:35 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SQLiteWrapper.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/11/07 22:14:21 | 000,001,340 | ---- | C] () -- C:\Users\Bruce\AppData\Roaming\wklnhst.dat
[2008/08/27 08:00:35 | 000,000,801 | ---- | C] () -- C:\Windows\dellstat.ini
[2008/07/26 07:49:50 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/19 06:59:43 | 000,030,208 | -H-- | C] () -- C:\Users\Bruce\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/16 08:05:19 | 000,005,972 | ---- | C] () -- C:\Users\Bruce\AppData\Local\d3d9caps.dat
[2008/07/14 15:26:25 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/06/11 09:32:12 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/06/11 09:32:12 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/06/11 09:32:12 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/06/11 09:32:12 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/06/11 09:32:12 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008/06/11 09:32:08 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/06/11 06:53:57 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/06/11 06:53:56 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2008/02/03 18:11:25 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2007/02/02 05:06:10 | 000,090,112 | ---- | C] () -- C:\Windows\System32\dlbccur.dll
[2007/02/02 04:55:10 | 000,413,696 | ---- | C] () -- C:\Windows\System32\dlbcutil.dll
[2007/01/22 07:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbccoin.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,988,976 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,649,426 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,122,904 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/10/05 12:19:32 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbcvs.dll
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:28:20 | 000,024,576 | ---- | C] () -- C:\Windows\shortcut.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe
[2003/09/20 02:32:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\dlbfcinf.dll
[2003/09/20 02:32:34 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlbfscin.dll
[2003/07/09 12:34:56 | 000,000,177 | ---- | C] () -- C:\Windows\System32\dlbfcoin.ini

========== LOP Check ==========

[2010/03/31 21:36:32 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\DriverCure
[2012/01/06 19:09:43 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\FamilyTreeMaker
[2010/08/20 20:46:28 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\MyHeritage
[2010/02/26 23:07:57 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Smart PDF Creator
[2010/09/11 15:59:54 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\TeamViewer
[2010/05/06 20:52:15 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Template
[2010/08/20 20:45:07 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2011/11/22 19:21:15 | 000,000,406 | ---- | M] () -- C:\Windows\Tasks\BackUpDutyLite.job
[2011/12/11 12:46:15 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Driver Fetch.job
[2010/10/02 03:45:18 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\DriverCure.job
[2010/03/03 22:02:01 | 000,000,654 | -H-- | M] () -- C:\Windows\Tasks\Install_NSS.job
[2010/10/26 17:00:01 | 000,000,442 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job
[2010/10/27 01:25:18 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2011/12/07 02:25:01 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job
[2011/11/22 19:21:15 | 000,000,314 | ---- | M] () -- C:\Windows\Tasks\Regwork.job
[2012/01/19 18:20:25 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/01/19 18:37:00 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{336B4FEB-67DD-47F6-AECD-AA5624307E1C}.job

========== Purity Check ==========



< End of report >

[Nedklaw]

Hi.

Can you now connect to the Internet on the infected computer?

[mewsick75]

Yes I can get on the internet.

[Nedklaw]

Hi.


Step 1

Run OTL.

• Under the Custom Scans/Fixes box at the bottom, paste in the following:
  
  

  :Reg
  [HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions]
  "[email protected]"=-
   
  :Files
  ipconfig /flushdns /c
  
  :Commands 
  [purity] 
  [resethosts] 
  [emptytemp]
  [CREATERESTOREPOINT] 
  [Reboot]

  
  
• Then click the Run Fix button at the top.
• Let the program run unhindered, reboot the PC when it is done.
• Post the log that appears upon reboot in your next reply.
• Open OTL again and select the "Scan All Users" box.
• Click the Quick Scan button. Post the log it produces in your next reply.

Step 2

• Run Malwarebytes' Anti-Malware.
• Update Malwarebytes' Anti-Malware.
• Once the program has updated, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish, so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to restart. (See Extra Note).
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Step 3

Please run a free online scan with the ESET Online Scanner.
Note: You will need to use Internet Explorer for this scan.

• Tick the box next to YES, I accept the Terms of Use.
• Click Start.
• When asked, allow the ActiveX control to install.
• Click Start.
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked.
• Click Scan. (This scan can take several hours, so please be patient).
• Once the scan is completed, you may close the window.
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt.
• Copy and paste that log as a reply to this topic.

Step 4

How is your system running? Are you experiencing any problems?


Things I want to see in your next reply

• OTL Fix Log
• OTL.txt
• MBAM Log
• log.txt
• Answers to my questions

[mewsick75]

All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected] deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Bruce\Desktop\cmd.bat deleted successfully.
C:\Users\Bruce\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Bruce
->Temp folder emptied: 1920671905 bytes
->Temporary Internet Files folder emptied: 253394318 bytes
->Java cache emptied: 2537419 bytes
->Google Chrome cache emptied: 8363642 bytes
->Flash cache emptied: 42619 bytes

User: DAR
->Temp folder emptied: 2526832 bytes
->Temporary Internet Files folder emptied: 67155693 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 42351 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 314757457 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 2300608657 bytes

Total Files Cleaned = 4,645.00 mb



OTL by OldTimer - Version 3.2.31.0 log created on 01212012_215048

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...



OTL logfile created on: 1/21/2012 10:39:49 PM - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Bruce\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19170)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.88 Gb Available Physical Memory | 44.02% Memory free
4.21 Gb Paging File | 2.53 Gb Available in Paging File | 60.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136.74 Gb Total Space | 72.87 Gb Free Space | 53.29% Space Free | Partition Type: NTFS
Drive D: | 9.77 Gb Total Space | 2.38 Gb Free Space | 24.39% Space Free | Partition Type: NTFS

Computer Name: BRUCE | User Name: Bruce | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/05 04:48:46 | 001,047,024 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2011/12/26 13:35:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
PRC - [2011/11/22 17:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/10/11 11:00:04 | 000,093,752 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Marketsplash by HP\HPLocalWebPrintAgent.exe
PRC - [2010/02/10 08:19:09 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\aol\1272388487\ee\aolsoftware.exe
PRC - [2010/01/15 07:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009/09/23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files\Panda USB Vaccine\USBVaccine.exe
PRC - [2009/04/11 01:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2007/12/21 10:58:06 | 000,184,320 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Dell\MediaDirect\PCMService.exe
PRC - [2007/11/12 06:07:24 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
PRC - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\stacsv.exe
PRC - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\AEstSrv.exe
PRC - [2007/09/07 16:27:08 | 001,180,952 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\quickset.exe
PRC - [2007/09/07 01:50:02 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2007/09/07 01:49:56 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/09/07 01:49:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/09/07 01:49:56 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe
PRC - [2007/03/29 07:15:54 | 000,435,696 | ---- | M] (Dell) -- C:\Program Files\Dell AIO Printer A960\dlbfmon.exe
PRC - [2007/03/29 07:15:24 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbfcoms.exe
PRC - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2007/03/21 13:00:00 | 000,174,872 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/03/01 14:52:04 | 000,538,096 | ---- | M] ( ) -- C:\Windows\System32\dlbccoms.exe


========== Modules (No Company Name) ==========

MOD - [2012/01/12 11:58:32 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\311bc26c3ed83409589eb6bae0eeb86e\System.Runtime.Remoting.ni.dll
MOD - [2012/01/12 11:58:30 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\fecd1103dd16dc1192402770caf56575\System.Web.ni.dll
MOD - [2012/01/08 00:37:56 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2012/01/08 00:37:46 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2012/01/08 00:37:33 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\0d34a2f81f5d945e604ff66c1e64fc72\System.Xml.ni.dll
MOD - [2012/01/08 00:37:27 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2012/01/07 10:46:17 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2012/01/07 10:46:09 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2012/01/05 04:48:44 | 000,411,120 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.75\ppgooglenaclpluginchrome.dll
MOD - [2012/01/05 04:48:43 | 003,767,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
MOD - [2012/01/05 04:47:19 | 000,122,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.75\avutil-51.dll
MOD - [2012/01/05 04:47:18 | 000,222,208 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.75\avformat-53.dll
MOD - [2012/01/05 04:47:17 | 001,746,432 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.75\avcodec-53.dll
MOD - [2012/01/05 02:06:01 | 008,593,056 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
MOD - [2010/03/23 09:54:54 | 000,118,784 | ---- | M] () -- c:\Program Files\Common Files\aol\1272388487\ee\services\proxyprovider\ver1_0_0_1\proxyprovider.dll
MOD - [2009/09/04 22:15:06 | 000,067,872 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2007/12/12 01:01:24 | 000,054,784 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/17 15:38:42 | 000,361,712 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 17:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/01/15 07:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2008/06/11 07:06:08 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/01/20 21:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/11/12 06:07:20 | 000,102,400 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\stacsv.exe -- (STacSV)
SRV - [2007/11/12 06:07:16 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\AEstSrv.exe -- (AESTFilters)
SRV - [2007/03/29 07:15:24 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbfcoms.exe -- (dlbf_device)
SRV - [2007/03/21 13:00:04 | 000,355,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®
SRV - [2007/03/01 14:52:04 | 000,538,096 | ---- | M] ( ) [Auto | Running] -- C:\Windows\System32\dlbccoms.exe -- (dlbc_device)
SRV - [2006/10/23 07:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)


========== Driver Services (SafeList) ==========

DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 13:16:16 | 000,165,680 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 13:16:16 | 000,064,880 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/07/06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2010/03/03 18:00:34 | 000,079,052 | ---- | M] (Oak Technology Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AFS.SYS -- (AFS)
DRV - [2010/01/18 16:39:06 | 000,003,200 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rcmirror.sys -- (rcmirror)
DRV - [2009/09/30 21:22:08 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/03/06 02:58:44 | 000,111,616 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV - [2008/01/20 21:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel®
DRV - [2007/11/12 06:07:28 | 000,330,240 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2007/09/07 01:49:56 | 000,155,136 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/09/06 11:35:16 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/09/06 11:35:14 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/09/06 11:35:12 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/29 17:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006/11/02 02:36:43 | 002,028,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2006/08/04 19:39:10 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2000/06/15 20:54:02 | 000,206,368 | ---- | M] (Adaptec) [File_System | System | Stopped] -- C:\Windows\System32\drivers\udfreadr.sys -- (UdfReadr)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =


IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/10 03:00:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/01/21 22:33:33 | 000,000,000 | ---D | M]


========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.190.4 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~1\mcafee\msc\npmcsn~1.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: SiteAdvisor = C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\

O1 HOSTS File: ([2012/01/21 21:50:56 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll File not found
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111220093216.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: [ActiveSpeed] C:\Program Files\Ascentive\ActiveSpeed\AS.exe (Ascentive LLC)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [Dell AIO Printer A960] "C:\Program Files\Dell AIO Printer A960\dlbfbmgr.exe" File not found
O4 - HKLM..\Run: [dlbfmon.exe] C:\Program Files\Dell AIO Printer A960\dlbfmon.exe (Dell)
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [ECenter] C:\DELL\E-Center\EULALauncher.exe ( )
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\aol\1272388487\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PCMService] C:\Program Files\Dell\MediaDirect\PCMService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [RegWork] C:\Program Files\RegWork\RegWork.exe (Honlyn (Macao Commercial Offshore) Limited)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" File not found
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000..\Run: [confWITray] rundll32.exe "C:\Users\Bruce\AppData\Local\iTunesNetman\confWITray.dll",isaEventnt5 DirectapiPath File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..Trusted Domains: ancestry.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.h...DataManager.CAB (Hewlett-Packard Online Support Services)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A3256902-51FA-45A0-8A97-FC1143C169D9} http://support.micro...gWebControl.cab (Diagnostics ActiveX WebControl)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.250.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6B4DF2DA-443E-471F-B2CA-AD5ED101BF32}: DhcpNameServer = 192.168.1.1 71.250.0.12
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-2621676113-492794229-1793946688-1000 Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img24.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 16:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell\install\command - "" = E:\Setup.exe
O33 - MountPoints2\{5026ac4f-3780-11dd-bad8-806e6f6e6963}\Shell\readfile\command - "" = hh.exe readme.htm
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell\configure\command - "" = E:\SETUP.EXE
O33 - MountPoints2\{97cb7bae-7595-11df-877f-00038a000015}\Shell\install\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/21 22:36:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/01/21 22:32:19 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Desktop\2012-01-21
[2012/01/18 16:51:14 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/01/18 16:48:50 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
[2012/01/16 18:44:24 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Users\Bruce\Desktop\aswMBR.exe
[2012/01/16 17:23:33 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Desktop\RK_Quarantine
[2012/01/16 17:15:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2012/01/16 17:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2012/01/16 17:15:24 | 000,000,000 | ---D | C] -- C:\Program Files\Panda USB Vaccine
[2012/01/15 17:29:58 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Bruce\Desktop\mbam-setup-1.51.1.1800.exe
[2012/01/06 13:46:39 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Roaming\FamilyTreeMaker
[2012/01/06 13:28:13 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Local\Ancestry.com
[2012/01/06 13:22:33 | 000,000,000 | ---D | C] -- C:\Users\Bruce\Family Tree Maker 2012
[2012/01/06 13:22:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Family Tree Maker 2012
[2012/01/06 13:21:48 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2012/01/06 13:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2012/01/06 13:21:43 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2012/01/06 13:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{484395D8-1F9B-4C71-9DA9-A64CBD0E8DE2}
[2012/01/06 12:59:53 | 000,000,000 | ---D | C] -- C:\Users\Bruce\AppData\Local\PackageAware
[2010/02/07 13:54:01 | 000,995,328 | ---- | C] ( ) -- C:\Windows\System32\dlbfusb1.dll
[2010/02/07 13:54:01 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbfpmui.dll
[2010/02/07 13:54:01 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbfinpa.dll
[2010/02/07 13:54:01 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbfiesc.dll
[2010/02/07 13:54:00 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbfserv.dll
[2010/02/07 13:54:00 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbfhbn3.dll
[2010/02/07 13:54:00 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbfcomc.dll
[2010/02/07 13:54:00 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbflmpm.dll
[2010/02/07 13:54:00 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbfcoms.exe
[2010/02/07 13:54:00 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbfih.exe
[2010/02/07 13:54:00 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbfprox.dll
[2010/02/07 13:54:00 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbfpplc.dll
[2010/02/07 13:53:59 | 000,352,256 | ---- | C] ( ) -- C:\Windows\System32\DLBFUTIL.DLL
[2010/02/07 13:53:59 | 000,069,632 | ---- | C] ( ) -- C:\Windows\System32\DLBFCU.DLL
[2010/02/07 13:53:58 | 000,086,016 | ---- | C] ( ) -- C:\Windows\System32\DLBFCUR.DLL
[2007/03/01 14:52:06 | 000,386,544 | ---- | C] ( ) -- C:\Windows\System32\dlbcih.exe
[2007/03/01 14:52:04 | 000,538,096 | ---- | C] ( ) -- C:\Windows\System32\dlbccoms.exe
[2007/03/01 14:52:04 | 000,382,448 | ---- | C] ( ) -- C:\Windows\System32\dlbccfg.exe
[2007/02/02 05:06:34 | 000,483,328 | ---- | C] ( ) -- C:\Windows\System32\dlbcjswr.dll
[2007/02/02 04:55:30 | 000,073,728 | ---- | C] ( ) -- C:\Windows\System32\dlbccu.dll
[2006/12/20 16:08:24 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dlbcpmui.dll
[2006/12/20 16:06:58 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\dlbcserv.dll
[2006/12/20 16:01:04 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\dlbccomm.dll
[2006/12/20 15:59:24 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\dlbclmpm.dll
[2006/12/20 15:58:02 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\dlbciesc.dll
[2006/12/20 15:55:40 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\dlbcpplc.dll
[2006/12/20 15:54:54 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\dlbccomc.dll
[2006/12/20 15:54:20 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\dlbcprox.dll
[2006/12/20 15:47:32 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\dlbcinpa.dll
[2006/12/20 15:46:50 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\dlbcusb1.dll
[2006/12/20 15:42:36 | 000,696,320 | ---- | C] ( ) -- C:\Windows\System32\dlbchbn3.dll

========== Files - Modified Within 30 Days ==========

[2012/01/21 22:47:23 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{336B4FEB-67DD-47F6-AECD-AA5624307E1C}.job
[2012/01/21 22:36:10 | 000,001,697 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2012/01/21 22:36:08 | 000,649,426 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/01/21 22:36:08 | 000,122,904 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/01/21 22:30:13 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/01/21 22:29:32 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/21 22:29:32 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/21 22:29:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/21 22:29:21 | 2137,042,944 | -HS- | M] () -- C:\hiberfil.sys
[2012/01/21 21:50:56 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/01/18 16:39:52 | 000,005,972 | ---- | M] () -- C:\Users\Bruce\AppData\Local\d3d9caps.dat
[2012/01/16 17:41:45 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/15 17:30:48 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012/01/15 11:56:10 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\AppData\Local\{F21940F0-BB8C-4989-84C5-10048C45F1E0}
[2012/01/15 11:54:30 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\AppData\Local\{10321870-946A-426A-9998-3176325099F5}
[2012/01/15 10:40:39 | 000,000,000 | ---- | M] () -- C:\Users\Bruce\AppData\Local\{2C39F6FB-1D3C-45A1-865A-A8B65D41764A}
[2012/01/14 12:42:13 | 000,178,012 | ---- | M] () -- C:\Users\Bruce\Documents\Stead house, built by Thomas Stead.jpg
[2012/01/14 12:42:07 | 000,396,541 | ---- | M] () -- C:\Users\Bruce\Documents\Morrison, Wm.jpg
[2012/01/14 12:34:32 | 000,124,578 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison and family -.jpg
[2012/01/14 12:32:35 | 000,152,978 | ---- | M] () -- C:\Users\Bruce\Documents\Morrison, Wm and Daughter.jpg
[2012/01/14 12:30:09 | 000,105,497 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Hazel, Lill, Harry.jpg
[2012/01/14 12:18:16 | 000,663,069 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0036.jpg
[2012/01/14 12:18:10 | 000,681,268 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0039.jpg
[2012/01/14 12:15:58 | 000,301,667 | ---- | M] () -- C:\Users\Bruce\Documents\Morrison, Jean.jpg
[2012/01/14 12:13:50 | 000,466,938 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington family at Golf club House.jpg
[2012/01/14 12:11:36 | 000,367,633 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington House on Mountain Avenue.jpg
[2012/01/14 12:09:47 | 000,441,669 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison in front of houses.jpg
[2012/01/13 13:22:32 | 000,729,860 | ---- | M] () -- C:\Users\Bruce\Documents\Spackman, Jacob.jpg
[2012/01/13 13:19:42 | 000,677,879 | ---- | M] () -- C:\Users\Bruce\Documents\Bailey, Dan and Winifred (marriage).jpg
[2012/01/13 13:17:22 | 000,535,074 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0031.jpg
[2012/01/13 13:16:43 | 000,861,047 | ---- | M] () -- C:\Users\Bruce\Documents\Spackman, Mary H (death).jpg
[2012/01/13 13:14:41 | 001,030,486 | ---- | M] () -- C:\Users\Bruce\Documents\Spackman, Frederick A. (death).jpg
[2012/01/13 13:07:54 | 000,623,469 | ---- | M] () -- C:\Users\Bruce\Documents\Perrine, Alida Christine birth certificate.jpg
[2012/01/13 13:03:05 | 000,787,387 | ---- | M] () -- C:\Users\Bruce\Documents\Census Joke.jpg
[2012/01/12 16:55:29 | 000,523,498 | ---- | M] () -- C:\Users\Bruce\Documents\Keller Kerr Marriage.jpg
[2012/01/11 10:54:09 | 000,296,116 | ---- | M] () -- C:\Users\Bruce\Documents\Coddingtons and Morrisons at the Watchung Lake.jpg
[2012/01/11 10:36:26 | 000,656,606 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0028.jpg
[2012/01/11 10:36:22 | 000,611,841 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0029.jpg
[2012/01/11 10:34:02 | 000,398,812 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0027.jpg
[2012/01/11 10:32:39 | 000,419,259 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0025.jpg
[2012/01/11 10:31:40 | 000,288,070 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison by car wife sitting in car.jpg
[2012/01/11 00:56:14 | 000,229,379 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison obit.jpg
[2012/01/10 10:55:23 | 000,403,524 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison with Morrison family.jpg
[2012/01/10 10:52:21 | 000,234,021 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Hazel Allen.jpg
[2012/01/10 10:49:25 | 000,444,851 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington family at 12 Mountain Ave.jpg
[2012/01/10 10:44:41 | 000,312,906 | ---- | M] () -- C:\Users\Bruce\Documents\Coddington, Harrison with horses.jpg
[2012/01/09 10:50:26 | 032,715,779 | ---- | M] () -- C:\Users\Bruce\Documents\genealogyofcushi00cush.pdf
[2012/01/08 14:56:36 | 052,912,921 | ---- | M] () -- C:\Users\Bruce\Documents\historyoffitzwil00nort.pdf
[2012/01/07 00:53:52 | 000,178,034 | ---- | M] () -- C:\Users\Bruce\Documents\Stead property, Somerset Street.jpg
[2012/01/07 00:48:08 | 000,117,644 | ---- | M] () -- C:\Users\Bruce\Documents\Allen, Libbie (Beeching).jpg
[2012/01/07 00:44:53 | 000,107,016 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0024.jpg
[2012/01/07 00:40:05 | 000,153,150 | ---- | M] () -- C:\Users\Bruce\Documents\Allen, Elias (2).jpg
[2012/01/07 00:30:24 | 000,118,839 | ---- | M] () -- C:\Users\Bruce\Documents\Beeching, Dorothy 1943.jpg
[2012/01/06 23:39:49 | 000,118,901 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Lillian (Beeching).jpg
[2012/01/06 23:38:54 | 000,100,433 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Morton with Janet and Dorothy (dark dress).jpg
[2012/01/06 23:36:35 | 000,433,423 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0015.jpg
[2012/01/06 23:35:56 | 000,469,429 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Fred and Sophia S.jpg
[2012/01/06 23:34:14 | 000,124,329 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe brothers, Frederick and Lewis.jpg
[2012/01/06 23:32:55 | 000,058,997 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.jpg
[2012/01/06 23:30:14 | 000,145,904 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0021.jpg
[2012/01/06 23:23:09 | 000,585,515 | ---- | M] () -- C:\Users\Bruce\Documents\Beeching, Dorothy.jpg
[2012/01/06 23:17:55 | 000,123,280 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia on Somerset Street.jpg
[2012/01/06 23:17:54 | 000,153,590 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia with Fred's brother Lewis and wife Mini.jpg
[2012/01/06 19:58:01 | 000,145,775 | ---- | M] () -- C:\Users\Bruce\Documents\Beeching, Lillian, Dorothy, Janet.jpg
[2012/01/06 16:42:23 | 000,166,171 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Margaret.jpg
[2012/01/06 13:24:12 | 000,000,865 | ---- | M] () -- C:\Users\Public\Desktop\Family Tree Maker 2012.lnk
[2012/01/06 11:21:56 | 000,166,621 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, William (young).jpg
[2012/01/06 11:17:28 | 000,248,991 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, William.jpg
[2012/01/06 10:55:34 | 000,375,537 | ---- | M] () -- C:\Users\Bruce\Documents\Stegemann, Henry death certificate.pdf
[2012/01/06 10:50:19 | 000,428,247 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0013.jpg
[2012/01/06 10:31:27 | 000,390,780 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0007.jpg
[2012/01/06 10:28:38 | 000,630,416 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.pdf
[2012/01/06 10:27:26 | 000,690,944 | ---- | M] () -- C:\Users\Bruce\Documents\Bowe, Frederick Death Cert.pdf
[2011/12/30 01:07:44 | 239,774,814 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/12/28 01:14:53 | 000,015,964 | ---- | M] () -- C:\Users\Bruce\Documents\https___secure.pqarchiver.com_courant_display_pdf.pdf_filename=_share4_pqimage_hnirs102v_201112280057_56149_4683_out.pdf
[2011/12/28 01:06:00 | 000,549,902 | ---- | M] () -- C:\Users\Bruce\Documents\Palmer Herrmann Divorce.jpg
[2011/12/28 00:12:31 | 000,161,064 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, vacation 1953, Van, Hess, Bruce Brenton Woods, NJ.jpg
[2011/12/28 00:08:59 | 000,157,638 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno Vacation 1953, Hess, Bruce, Albert Brenton Woods, NJ.jpg
[2011/12/28 00:07:04 | 000,186,291 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno vacation 1953,Van, Hess, Bruce,Albert.jpg
[2011/12/27 23:58:59 | 000,376,185 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0012.jpg
[2011/12/27 23:52:18 | 000,457,368 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, Darby House 1894.jpg
[2011/12/27 23:50:38 | 000,494,112 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, McCutchens.jpg
[2011/12/27 23:45:44 | 000,401,831 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield, Public Service - South Ave 1925.jpg
[2011/12/27 23:44:23 | 000,846,555 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield, Public Service laying pipeline on South Avenue.jpg
[2011/12/27 23:42:09 | 000,047,923 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0006.jpg
[2011/12/27 23:40:18 | 000,118,451 | ---- | M] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching 1920's.jpg
[2011/12/27 23:35:45 | 000,060,059 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0003.jpg
[2011/12/27 23:27:59 | 000,123,346 | ---- | M] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching sitting on Bench.jpg
[2011/12/27 23:25:31 | 000,073,984 | ---- | M] () -- C:\Users\Bruce\Documents\Scan0002.jpg
[2011/12/27 23:22:17 | 000,124,929 | ---- | M] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching.jpg
[2011/12/27 23:20:00 | 000,396,692 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield House cut in half by Lisle Beeching.jpg
[2011/12/27 23:13:49 | 000,547,625 | ---- | M] () -- C:\Users\Bruce\Documents\Spencer house.jpg
[2011/12/27 23:11:08 | 000,811,326 | ---- | M] () -- C:\Users\Bruce\Documents\Spencer house on circle in watchung.jpg
[2011/12/27 23:08:38 | 000,271,269 | ---- | M] () -- C:\Users\Bruce\Documents\Spencer house, Watch.jpg
[2011/12/27 23:02:06 | 000,354,947 | ---- | M] () -- C:\Users\Bruce\Documents\Allen House Watchung 1726.jpg
[2011/12/27 22:57:00 | 000,389,024 | ---- | M] () -- C:\Users\Bruce\Documents\Allen House built 1726 pic taken 1940.jpg
[2011/12/27 22:51:01 | 000,275,127 | ---- | M] () -- C:\Users\Bruce\Documents\Allen House , 1940.jpg
[2011/12/27 22:27:11 | 000,091,006 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Van, Albert, Dorothy Beeching, Hester.jpg
[2011/12/27 22:03:11 | 000,627,300 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield Memorial Park.jpg
[2011/12/27 21:56:58 | 000,072,967 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Nancy - Santa.jpg
[2011/12/27 21:55:04 | 000,080,123 | ---- | M] () -- C:\Users\Bruce\Documents\Ryno, Nancy - she ra.jpg
[2011/12/27 21:52:23 | 000,377,676 | ---- | M] () -- C:\Users\Bruce\Documents\Hand, Capt William.jpg
[2011/12/27 21:37:39 | 001,165,547 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Disappearance of Structures.jpg
[2011/12/27 21:36:50 | 000,455,041 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield City Stores.jpg
[2011/12/27 21:35:49 | 000,783,590 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Jewish families.jpg
[2011/12/27 21:33:33 | 000,921,266 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 4th of July.jpg
[2011/12/27 21:29:12 | 000,812,934 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Horse Racing.jpg
[2011/12/27 21:26:57 | 000,811,257 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Country Club.jpg
[2011/12/27 21:24:59 | 001,047,721 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 3.jpg
[2011/12/27 19:12:39 | 000,838,733 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Kings Daughter.jpg
[2011/12/27 19:11:23 | 000,659,609 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Arthur Smith.jpg
[2011/12/27 19:10:28 | 000,838,108 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Civil War stuff.jpg
[2011/12/27 19:07:00 | 001,009,353 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Martine House 1.jpg
[2011/12/27 19:05:17 | 001,296,588 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield class of 1886.jpg
[2011/12/27 19:04:18 | 000,712,563 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Odds and Ends.jpg
[2011/12/27 19:03:20 | 000,978,066 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Slavery.jpg
[2011/12/27 19:01:22 | 000,461,207 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Peanut John.jpg
[2011/12/27 18:59:56 | 000,912,511 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Trolleys.jpg
[2011/12/27 18:58:59 | 000,726,805 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Van Wyck Brooks.jpg
[2011/12/27 18:57:46 | 001,057,291 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Rosenbaums before and after.jpg
[2011/12/27 18:55:37 | 001,379,479 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield before after north ave.jpg
[2011/12/27 18:53:44 | 000,952,512 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Farmers paradise.jpg
[2011/12/27 18:53:02 | 000,733,214 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Horse and buggy days.jpg
[2011/12/27 18:51:23 | 000,911,228 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Street maps.jpg
[2011/12/27 18:50:34 | 000,831,509 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Hartridge School.jpg
[2011/12/27 18:49:45 | 000,919,779 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Old Cemetery.jpg
[2011/12/27 18:48:50 | 001,115,503 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield John Taylor Johnson.jpg
[2011/12/27 18:48:07 | 001,074,141 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield French's Mill.jpg
[2011/12/27 18:47:08 | 001,111,575 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Muhlenberg Hospital.jpg
[2011/12/27 18:46:29 | 000,959,197 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Indians and streets.jpg
[2011/12/27 18:45:40 | 000,905,130 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Netherwood Hotel.jpg
[2011/12/27 18:44:46 | 000,900,144 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Babcock millionairs.jpg
[2011/12/27 18:43:39 | 000,917,965 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Tiers Pond 2.jpg
[2011/12/27 18:41:21 | 000,737,498 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Civil War Parade.jpg
[2011/12/27 18:39:53 | 000,748,057 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Tiers pond.jpg
[2011/12/27 18:39:06 | 000,650,104 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield private schools.jpg
[2011/12/27 18:38:01 | 000,827,906 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield first house 1735.jpg
[2011/12/27 18:37:12 | 000,619,966 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield wonderful years.jpg
[2011/12/27 18:35:31 | 000,497,424 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 1909 parade.jpg
[2011/12/27 18:33:18 | 000,682,950 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Public Schools.jpg
[2011/12/27 18:32:30 | 000,783,250 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Clock Tower.jpg
[2011/12/27 18:31:37 | 001,024,038 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 2.jpg
[2011/12/27 18:30:38 | 000,940,319 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield 1.jpg
[2011/12/27 16:53:03 | 000,988,439 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Laings Hotel.jpg
[2011/12/27 16:51:03 | 000,363,596 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Fire department 2.jpg
[2011/12/27 16:47:03 | 000,690,620 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Fire department.jpg
[2011/12/27 16:41:25 | 001,322,452 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Doctors and Ministers.jpg
[2011/12/27 16:39:32 | 001,254,867 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Griffin Building.jpg
[2011/12/27 16:38:04 | 000,630,907 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Townsend marble and granite works.jpg
[2011/12/27 16:37:15 | 000,690,658 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Montgomery Wards.jpg
[2011/12/27 16:31:51 | 001,288,337 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Martine House 2.jpg
[2011/12/27 16:30:43 | 001,458,669 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield Martine House.jpg
[2011/12/27 16:28:59 | 000,830,252 | ---- | M] () -- C:\Users\Bruce\Documents\Plainfield map 1972.jpg
[2011/12/27 16:06:00 | 000,165,320 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, Blatz Hotel.jpg
[2011/12/27 16:00:59 | 000,445,856 | ---- | M] () -- C:\Users\Bruce\Documents\Watchung, Washington House.jpg
[2011/12/27 15:56:35 | 001,144,390 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield cemetery, Brook Avenue.jpg
[2011/12/27 15:47:07 | 000,734,730 | ---- | M] () -- C:\Users\Bruce\Documents\Watchung, Milligan sisters in carriage.jpg
[2011/12/27 15:36:10 | 000,360,809 | ---- | M] () -- C:\Users\Bruce\Documents\Watchung Washington House.pdf
[2011/12/27 15:31:40 | 000,602,356 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield Watchung Wetumpka Falls.pdf
[2011/12/27 15:30:11 | 000,427,976 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield Somerset Street near bridge.pdf
[2011/12/27 15:27:42 | 000,482,382 | ---- | M] () -- C:\Users\Bruce\Documents\North Plainfield, first Oldsmobile.pdf
[2011/12/27 15:25:32 | 000,586,398 | ---- | M] () -- C:\Users\Bruce\Documents\Brook Avenue Cemetery, North Plainfield.pdf
[2011/12/27 15:16:05 | 000,680,132 | ---- | M] () -- C:\Users\Bruce\Documents\Drake House article.pdf
[2011/12/27 15:00:34 | 000,381,955 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House page 4.pdf
[2011/12/27 14:58:54 | 000,699,300 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House page 3.pdf
[2011/12/27 14:57:46 | 000,988,809 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House page 2.pdf
[2011/12/27 14:56:47 | 000,887,222 | ---- | M] () -- C:\Users\Bruce\Documents\Talmage House Belvidere Ave, Plainfield 1969.pdf
[2011/12/26 17:16:38 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Users\Bruce\Desktop\aswMBR.exe
[2011/12/26 17:02:20 | 000,771,072 | ---- | M] () -- C:\Users\Bruce\Desktop\RogueKiller.exe
[2011/12/26 13:35:32 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Bruce\Desktop\OTL.exe
[2011/12/24 14:48:02 | 000,454,154 | ---- | M] () -- C:\Users\Bruce\Documents\Poinsettia tree.jpg

========== Files Created - No Company Name ==========

[2012/01/18 17:00:45 | 000,001,697 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk
[2012/01/16 17:25:12 | 000,000,865 | ---- | C] () -- C:\Users\Public\Desktop\Family Tree Maker 2012.lnk
[2012/01/16 17:25:11 | 000,001,917 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/01/16 17:25:11 | 000,000,945 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/01/16 17:25:11 | 000,000,940 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2012/01/16 17:25:11 | 000,000,940 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Microsoft Outlook.lnk
[2012/01/16 17:25:11 | 000,000,815 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\McAfee Security Scan.lnk
[2012/01/16 17:25:11 | 000,000,804 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Smart PDF Creator.lnk
[2012/01/16 17:25:11 | 000,000,804 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2012/01/16 17:25:11 | 000,000,742 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\AOL 9.5.lnk
[2012/01/16 17:25:11 | 000,000,258 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/01/16 17:25:11 | 000,000,240 | ---- | C] () -- C:\Users\Bruce\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/01/16 17:23:39 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/16 17:23:22 | 000,771,072 | ---- | C] () -- C:\Users\Bruce\Desktop\RogueKiller.exe
[2012/01/16 13:01:06 | 2137,042,944 | -HS- | C] () -- C:\hiberfil.sys
[2012/01/15 17:30:48 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2012/01/15 11:56:10 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{F21940F0-BB8C-4989-84C5-10048C45F1E0}
[2012/01/15 11:54:30 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{10321870-946A-426A-9998-3176325099F5}
[2012/01/15 10:40:39 | 000,000,000 | ---- | C] () -- C:\Users\Bruce\AppData\Local\{2C39F6FB-1D3C-45A1-865A-A8B65D41764A}
[2012/01/14 12:37:15 | 000,396,541 | ---- | C] () -- C:\Users\Bruce\Documents\Morrison, Wm.jpg
[2012/01/14 12:33:09 | 000,124,578 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison and family -.jpg
[2012/01/14 12:31:16 | 000,152,978 | ---- | C] () -- C:\Users\Bruce\Documents\Morrison, Wm and Daughter.jpg
[2012/01/14 12:28:17 | 000,105,497 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Hazel, Lill, Harry.jpg
[2012/01/14 12:18:57 | 000,178,012 | ---- | C] () -- C:\Users\Bruce\Documents\Stead house, built by Thomas Stead.jpg
[2012/01/14 12:17:46 | 000,681,268 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0039.jpg
[2012/01/14 12:16:59 | 000,663,069 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0036.jpg
[2012/01/14 12:14:57 | 000,301,667 | ---- | C] () -- C:\Users\Bruce\Documents\Morrison, Jean.jpg
[2012/01/14 12:12:23 | 000,466,938 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington family at Golf club House.jpg
[2012/01/14 12:10:29 | 000,367,633 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington House on Mountain Avenue.jpg
[2012/01/14 12:08:23 | 000,441,669 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison in front of houses.jpg
[2012/01/13 13:21:49 | 000,729,860 | ---- | C] () -- C:\Users\Bruce\Documents\Spackman, Jacob.jpg
[2012/01/13 13:18:38 | 000,677,879 | ---- | C] () -- C:\Users\Bruce\Documents\Bailey, Dan and Winifred (marriage).jpg
[2012/01/13 13:17:21 | 000,535,074 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0031.jpg
[2012/01/13 13:15:43 | 000,861,047 | ---- | C] () -- C:\Users\Bruce\Documents\Spackman, Mary H (death).jpg
[2012/01/13 13:13:43 | 001,030,486 | ---- | C] () -- C:\Users\Bruce\Documents\Spackman, Frederick A. (death).jpg
[2012/01/13 13:06:27 | 000,623,469 | ---- | C] () -- C:\Users\Bruce\Documents\Perrine, Alida Christine birth certificate.jpg
[2012/01/13 13:01:43 | 000,787,387 | ---- | C] () -- C:\Users\Bruce\Documents\Census Joke.jpg
[2012/01/12 16:55:29 | 000,523,498 | ---- | C] () -- C:\Users\Bruce\Documents\Keller Kerr Marriage.jpg
[2012/01/11 10:38:53 | 000,296,116 | ---- | C] () -- C:\Users\Bruce\Documents\Coddingtons and Morrisons at the Watchung Lake.jpg
[2012/01/11 10:36:06 | 000,611,841 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0029.jpg
[2012/01/11 10:34:56 | 000,656,606 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0028.jpg
[2012/01/11 10:34:01 | 000,398,812 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0027.jpg
[2012/01/11 10:32:38 | 000,419,259 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0025.jpg
[2012/01/11 10:28:10 | 000,288,070 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison by car wife sitting in car.jpg
[2012/01/11 00:54:36 | 000,229,379 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison obit.jpg
[2012/01/10 10:54:03 | 000,403,524 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison with Morrison family.jpg
[2012/01/10 10:51:20 | 000,234,021 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Hazel Allen.jpg
[2012/01/10 10:47:46 | 000,444,851 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington family at 12 Mountain Ave.jpg
[2012/01/10 10:43:26 | 000,312,906 | ---- | C] () -- C:\Users\Bruce\Documents\Coddington, Harrison with horses.jpg
[2012/01/09 10:49:47 | 032,715,779 | ---- | C] () -- C:\Users\Bruce\Documents\genealogyofcushi00cush.pdf
[2012/01/08 14:56:25 | 052,912,921 | ---- | C] () -- C:\Users\Bruce\Documents\historyoffitzwil00nort.pdf
[2012/01/07 00:52:45 | 000,178,034 | ---- | C] () -- C:\Users\Bruce\Documents\Stead property, Somerset Street.jpg
[2012/01/07 00:47:30 | 000,117,644 | ---- | C] () -- C:\Users\Bruce\Documents\Allen, Libbie (Beeching).jpg
[2012/01/07 00:43:11 | 000,107,016 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0024.jpg
[2012/01/07 00:39:10 | 000,153,150 | ---- | C] () -- C:\Users\Bruce\Documents\Allen, Elias (2).jpg
[2012/01/07 00:30:24 | 000,118,839 | ---- | C] () -- C:\Users\Bruce\Documents\Beeching, Dorothy 1943.jpg
[2012/01/06 23:38:53 | 000,118,901 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Lillian (Beeching).jpg
[2012/01/06 23:37:22 | 000,100,433 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Morton with Janet and Dorothy (dark dress).jpg
[2012/01/06 23:34:12 | 000,469,429 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Fred and Sophia S.jpg
[2012/01/06 23:34:12 | 000,433,423 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0015.jpg
[2012/01/06 23:32:53 | 000,124,329 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe brothers, Frederick and Lewis.jpg
[2012/01/06 23:31:34 | 000,058,997 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.jpg
[2012/01/06 23:23:06 | 000,145,904 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0021.jpg
[2012/01/06 23:21:01 | 000,585,515 | ---- | C] () -- C:\Users\Bruce\Documents\Beeching, Dorothy.jpg
[2012/01/06 23:17:54 | 000,153,590 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia with Fred's brother Lewis and wife Mini.jpg
[2012/01/06 23:16:25 | 000,123,280 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Frederick and Sophia on Somerset Street.jpg
[2012/01/06 19:56:35 | 000,145,775 | ---- | C] () -- C:\Users\Bruce\Documents\Beeching, Lillian, Dorothy, Janet.jpg
[2012/01/06 16:40:36 | 000,166,171 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Margaret.jpg
[2012/01/06 11:20:17 | 000,166,621 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, William (young).jpg
[2012/01/06 11:16:07 | 000,248,991 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, William.jpg
[2012/01/06 10:55:33 | 000,375,537 | ---- | C] () -- C:\Users\Bruce\Documents\Stegemann, Henry death certificate.pdf
[2012/01/06 10:48:14 | 000,428,247 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0013.jpg
[2012/01/06 10:31:27 | 000,390,780 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0007.jpg
[2012/01/06 10:28:37 | 000,630,416 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Sophia Stegemann.pdf
[2012/01/06 10:27:26 | 000,690,944 | ---- | C] () -- C:\Users\Bruce\Documents\Bowe, Frederick Death Cert.pdf
[2011/12/28 01:14:53 | 000,015,964 | ---- | C] () -- C:\Users\Bruce\Documents\https___secure.pqarchiver.com_courant_display_pdf.pdf_filename=_share4_pqimage_hnirs102v_201112280057_56149_4683_out.pdf
[2011/12/28 01:05:26 | 000,549,902 | ---- | C] () -- C:\Users\Bruce\Documents\Palmer Herrmann Divorce.jpg
[2011/12/28 00:09:25 | 000,161,064 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, vacation 1953, Van, Hess, Bruce Brenton Woods, NJ.jpg
[2011/12/28 00:07:57 | 000,157,638 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno Vacation 1953, Hess, Bruce, Albert Brenton Woods, NJ.jpg
[2011/12/28 00:06:19 | 000,186,291 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno vacation 1953,Van, Hess, Bruce,Albert.jpg
[2011/12/27 23:55:36 | 000,376,185 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0012.jpg
[2011/12/27 23:51:44 | 000,457,368 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, Darby House 1894.jpg
[2011/12/27 23:48:49 | 000,494,112 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, McCutchens.jpg
[2011/12/27 23:45:14 | 000,401,831 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield, Public Service - South Ave 1925.jpg
[2011/12/27 23:43:49 | 000,846,555 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield, Public Service laying pipeline on South Avenue.jpg
[2011/12/27 23:39:32 | 000,118,451 | ---- | C] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching 1920's.jpg
[2011/12/27 23:38:20 | 000,047,923 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0006.jpg
[2011/12/27 23:35:03 | 000,060,059 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0003.jpg
[2011/12/27 23:27:09 | 000,123,346 | ---- | C] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching sitting on Bench.jpg
[2011/12/27 23:24:53 | 000,073,984 | ---- | C] () -- C:\Users\Bruce\Documents\Scan0002.jpg
[2011/12/27 23:18:54 | 000,396,692 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield House cut in half by Lisle Beeching.jpg
[2011/12/27 23:18:54 | 000,124,929 | ---- | C] () -- C:\Users\Bruce\Documents\NP House cut by Lisle Beeching.jpg
[2011/12/27 23:13:16 | 000,547,625 | ---- | C] () -- C:\Users\Bruce\Documents\Spencer house.jpg
[2011/12/27 23:10:31 | 000,811,326 | ---- | C] () -- C:\Users\Bruce\Documents\Spencer house on circle in watchung.jpg
[2011/12/27 23:07:48 | 000,271,269 | ---- | C] () -- C:\Users\Bruce\Documents\Spencer house, Watch.jpg
[2011/12/27 23:01:30 | 000,354,947 | ---- | C] () -- C:\Users\Bruce\Documents\Allen House Watchung 1726.jpg
[2011/12/27 22:56:06 | 000,389,024 | ---- | C] () -- C:\Users\Bruce\Documents\Allen House built 1726 pic taken 1940.jpg
[2011/12/27 22:50:21 | 000,275,127 | ---- | C] () -- C:\Users\Bruce\Documents\Allen House , 1940.jpg
[2011/12/27 21:56:19 | 000,072,967 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, Nancy - Santa.jpg
[2011/12/27 21:54:27 | 000,080,123 | ---- | C] () -- C:\Users\Bruce\Documents\Ryno, Nancy - she ra.jpg
[2011/12/27 21:51:26 | 000,377,676 | ---- | C] () -- C:\Users\Bruce\Documents\Hand, Capt William.jpg
[2011/12/27 21:37:38 | 001,165,547 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Disappearance of Structures.jpg
[2011/12/27 21:36:50 | 000,455,041 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield City Stores.jpg
[2011/12/27 21:35:49 | 000,783,590 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Jewish families.jpg
[2011/12/27 21:33:33 | 000,921,266 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 4th of July.jpg
[2011/12/27 21:29:11 | 000,812,934 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Horse Racing.jpg
[2011/12/27 21:26:57 | 000,811,257 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Country Club.jpg
[2011/12/27 21:24:59 | 001,047,721 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 3.jpg
[2011/12/27 19:12:39 | 000,838,733 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Kings Daughter.jpg
[2011/12/27 19:11:22 | 000,659,609 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Arthur Smith.jpg
[2011/12/27 19:10:28 | 000,838,108 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Civil War stuff.jpg
[2011/12/27 19:06:28 | 001,009,353 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Martine House 1.jpg
[2011/12/27 19:05:17 | 001,296,588 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield class of 1886.jpg
[2011/12/27 19:04:18 | 000,712,563 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Odds and Ends.jpg
[2011/12/27 19:03:20 | 000,978,066 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Slavery.jpg
[2011/12/27 19:00:39 | 000,461,207 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Peanut John.jpg
[2011/12/27 18:59:55 | 000,912,511 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Trolleys.jpg
[2011/12/27 18:58:58 | 000,726,805 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Van Wyck Brooks.jpg
[2011/12/27 18:57:46 | 001,057,291 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Rosenbaums before and after.jpg
[2011/12/27 18:54:42 | 001,379,479 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield before after north ave.jpg
[2011/12/27 18:53:44 | 000,952,512 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Farmers paradise.jpg
[2011/12/27 18:52:27 | 000,733,214 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Horse and buggy days.jpg
[2011/12/27 18:51:22 | 000,911,228 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Street maps.jpg
[2011/12/27 18:50:34 | 000,831,509 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Hartridge School.jpg
[2011/12/27 18:49:44 | 000,919,779 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Old Cemetery.jpg
[2011/12/27 18:48:50 | 001,115,503 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield John Taylor Johnson.jpg
[2011/12/27 18:48:06 | 001,074,141 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield French's Mill.jpg
[2011/12/27 18:47:07 | 001,111,575 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Muhlenberg Hospital.jpg
[2011/12/27 18:46:29 | 000,959,197 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Indians and streets.jpg
[2011/12/27 18:45:40 | 000,905,130 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Netherwood Hotel.jpg
[2011/12/27 18:44:45 | 000,900,144 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Babcock millionairs.jpg
[2011/12/27 18:43:39 | 000,917,965 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Tiers Pond 2.jpg
[2011/12/27 18:40:45 | 000,737,498 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Civil War Parade.jpg
[2011/12/27 18:39:52 | 000,748,057 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Tiers pond.jpg
[2011/12/27 18:39:06 | 000,650,104 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield private schools.jpg
[2011/12/27 18:38:00 | 000,827,906 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield first house 1735.jpg
[2011/12/27 18:36:10 | 000,619,966 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield wonderful years.jpg
[2011/12/27 18:34:28 | 000,497,424 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 1909 parade.jpg
[2011/12/27 18:33:18 | 000,682,950 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Public Schools.jpg
[2011/12/27 18:32:29 | 000,783,250 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Clock Tower.jpg
[2011/12/27 18:31:37 | 001,024,038 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 2.jpg
[2011/12/27 18:30:37 | 000,940,319 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield 1.jpg
[2011/12/27 16:53:03 | 000,988,439 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Laings Hotel.jpg
[2011/12/27 16:49:45 | 000,363,596 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Fire department 2.jpg
[2011/12/27 16:42:21 | 000,690,620 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Fire department.jpg
[2011/12/27 16:40:35 | 001,322,452 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Doctors and Ministers.jpg
[2011/12/27 16:39:31 | 001,254,867 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Griffin Building.jpg
[2011/12/27 16:38:04 | 000,630,907 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Townsend marble and granite works.jpg
[2011/12/27 16:36:37 | 000,690,658 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Montgomery Wards.jpg
[2011/12/27 16:31:21 | 001,288,337 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Martine House 2.jpg
[2011/12/27 16:30:14 | 001,458,669 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield Martine House.jpg
[2011/12/27 16:28:25 | 000,830,252 | ---- | C] () -- C:\Users\Bruce\Documents\Plainfield map 1972.jpg
[2011/12/27 16:04:51 | 000,165,320 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, Blatz Hotel.jpg
[2011/12/27 15:57:55 | 000,445,856 | ---- | C] () -- C:\Users\Bruce\Documents\Watchung, Washington House.jpg
[2011/12/27 15:53:06 | 001,144,390 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield cemetery, Brook Avenue.jpg
[2011/12/27 15:46:21 | 000,734,730 | ---- | C] () -- C:\Users\Bruce\Documents\Watchung, Milligan sisters in carriage.jpg
[2011/12/27 15:36:10 | 000,360,809 | ---- | C] () -- C:\Users\Bruce\Documents\Watchung Washington House.pdf
[2011/12/27 15:31:40 | 000,602,356 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield Watchung Wetumpka Falls.pdf
[2011/12/27 15:30:11 | 000,427,976 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield Somerset Street near bridge.pdf
[2011/12/27 15:27:42 | 000,482,382 | ---- | C] () -- C:\Users\Bruce\Documents\North Plainfield, first Oldsmobile.pdf
[2011/12/27 15:25:32 | 000,586,398 | ---- | C] () -- C:\Users\Bruce\Documents\Brook Avenue Cemetery, North Plainfield.pdf
[2011/12/27 15:16:04 | 000,680,132 | ---- | C] () -- C:\Users\Bruce\Documents\Drake House article.pdf
[2011/12/27 15:00:34 | 000,381,955 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House page 4.pdf
[2011/12/27 14:58:54 | 000,699,300 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House page 3.pdf
[2011/12/27 14:57:46 | 000,988,809 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House page 2.pdf
[2011/12/27 14:56:47 | 000,887,222 | ---- | C] () -- C:\Users\Bruce\Documents\Talmage House Belvidere Ave, Plainfield 1969.pdf
[2011/12/24 14:48:02 | 000,454,154 | ---- | C] () -- C:\Users\Bruce\Documents\Poinsettia tree.jpg
[2011/10/24 09:37:26 | 000,155,648 | ---- | C] () -- C:\Windows\System32\dlbfinsb.dll
[2011/08/09 00:25:43 | 000,002,194 | ---- | C] () -- C:\ProgramData\QuickSet.xml
[2011/08/08 01:19:58 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI
[2010/07/29 14:09:29 | 000,040,960 | ---- | C] () -- C:\Windows\System32\INSTMON.EXE
[2010/07/29 14:09:28 | 000,077,824 | ---- | C] () -- C:\Windows\System32\DLBFLCNP.DLL
[2010/04/27 12:12:48 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/02/07 13:54:02 | 000,061,440 | ---- | C] () -- C:\Windows\System32\dlbfcnv4.dll
[2010/02/07 13:54:01 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbfvs.dll
[2010/02/07 13:53:59 | 000,049,152 | ---- | C] () -- C:\Windows\System32\dlbfcoin.dll
[2010/01/18 16:38:46 | 000,010,496 | ---- | C] () -- C:\Windows\System32\rcmirror.dll
[2009/09/24 10:04:33 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009/09/24 10:04:33 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009/09/11 23:41:55 | 000,307,200 | ---- | C] () -- C:\Windows\System32\AscSQLite.dll
[2009/09/11 23:35:36 | 000,223,232 | ---- | C] () -- C:\Windows\System32\sqlite3.dll
[2009/09/11 23:35:35 | 000,086,016 | ---- | C] () -- C:\Windows\System32\SQLiteWrapper.dll
[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe
[2008/11/07 22:14:21 | 000,001,340 | ---- | C] () -- C:\Users\Bruce\AppData\Roaming\wklnhst.dat
[2008/08/27 08:00:35 | 000,000,801 | ---- | C] () -- C:\Windows\dellstat.ini
[2008/07/26 07:49:50 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/07/19 06:59:43 | 000,030,208 | -H-- | C] () -- C:\Users\Bruce\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/07/16 08:05:19 | 000,005,972 | ---- | C] () -- C:\Users\Bruce\AppData\Local\d3d9caps.dat
[2008/07/14 15:26:25 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/06/11 09:32:12 | 001,953,696 | ---- | C] () -- C:\Windows\System32\igklg400.dll
[2008/06/11 09:32:12 | 001,533,360 | ---- | C] () -- C:\Windows\System32\igklg450.dll
[2008/06/11 09:32:12 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1409.dll
[2008/06/11 09:32:12 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igmedcompkrn.dll
[2008/06/11 09:32:12 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008/06/11 09:32:08 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2008/06/11 06:53:57 | 000,054,784 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2008/06/11 06:53:56 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2008/02/03 18:11:25 | 000,000,000 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008/01/14 17:47:06 | 000,099,712 | ---- | C] () -- C:\Windows\HPBroker.dll
[2007/02/02 05:06:10 | 000,090,112 | ---- | C] () -- C:\Windows\System32\dlbccur.dll
[2007/02/02 04:55:10 | 000,413,696 | ---- | C] () -- C:\Windows\System32\dlbcutil.dll
[2007/01/22 07:49:34 | 000,344,064 | ---- | C] () -- C:\Windows\System32\dlbccoin.dll
[2006/11/02 07:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 07:47:37 | 000,988,976 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 07:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 05:33:01 | 000,649,426 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 05:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 05:33:01 | 000,122,904 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 05:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 05:25:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2006/11/02 05:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 03:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 03:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 02:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 02:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2005/10/05 12:19:32 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dlbcvs.dll
[2005/08/26 15:28:34 | 000,143,360 | ---- | C] () -- C:\Windows\unzip.exe
[2005/08/26 15:28:20 | 000,024,576 | ---- | C] () -- C:\Windows\shortcut.exe
[2005/08/26 15:27:58 | 000,045,056 | ---- | C] () -- C:\Windows\devenum.exe
[2003/09/20 02:32:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\dlbfcinf.dll
[2003/09/20 02:32:34 | 000,069,632 | ---- | C] () -- C:\Windows\System32\dlbfscin.dll
[2003/07/09 12:34:56 | 000,000,177 | ---- | C] () -- C:\Windows\System32\dlbfcoin.ini

========== LOP Check ==========

[2010/03/31 21:36:32 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\DriverCure
[2012/01/06 19:09:43 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\FamilyTreeMaker
[2010/08/20 20:46:28 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\MyHeritage
[2010/02/26 23:07:57 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Smart PDF Creator
[2010/09/11 15:59:54 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\TeamViewer
[2010/05/06 20:52:15 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\Template
[2010/08/20 20:45:07 | 000,000,000 | ---D | M] -- C:\Users\Bruce\AppData\Roaming\The Complete Genealogy Reporter - FTB
[2011/11/22 19:21:15 | 000,000,406 | ---- | M] () -- C:\Windows\Tasks\BackUpDutyLite.job
[2011/12/11 12:46:15 | 000,000,354 | ---- | M] () -- C:\Windows\Tasks\Driver Fetch.job
[2010/10/02 03:45:18 | 000,000,380 | ---- | M] () -- C:\Windows\Tasks\DriverCure.job
[2010/03/03 22:02:01 | 000,000,654 | -H-- | M] () -- C:\Windows\Tasks\Install_NSS.job
[2010/10/26 17:00:01 | 000,000,442 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration.job
[2010/10/27 01:25:18 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Registration3.job
[2011/12/07 02:25:01 | 000,000,416 | ---- | M] () -- C:\Windows\Tasks\ParetoLogic Update Version2.job
[2011/11/22 19:21:15 | 000,000,314 | ---- | M] () -- C:\Windows\Tasks\Regwork.job
[2012/01/21 22:28:28 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/01/21 22:47:23 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{336B4FEB-67DD-47F6-AECD-AA5624307E1C}.job

========== Purity Check ==========



< End of report >



Malwarebytes Anti-Malware (Trial) 1.60.0.1800
www.malwarebytes.org

Database version: v2012.01.22.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19170
Bruce :: BRUCE [administrator]

Protection: Enabled

1/21/2012 11:04:07 PM
mbam-log-2012-01-21 (23-04-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 191828
Time elapsed: 12 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



C:\Program Files\Common Files\supportsoft\bin\ssmail.dll probably unknown NewHeur_PE virus deleted - quarantined
C:\_OTL\MovedFiles\01182012_165114\C_Users\Bruce\AppData\Roaming\chknet.exe a variant of Win32/Kryptik.ZCK trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\01182012_165114\C_Users\Bruce\AppData\Roaming\6EDB0\00001.exe a variant of Win32/Kryptik.ZAF trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\01182012_165114\C_Users\Bruce\AppData\Roaming\6EDB0\6311E.exe a variant of Win32/Kryptik.ZAF trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\01182012_165114\C_Users\Bruce\AppData\Roaming\6EDB0\7174E.exe a variant of Win32/Kryptik.ZAF trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\01182012_165114\C_Users\Bruce\AppData\Roaming\6EDB0\B0F3E.exe a variant of Win32/Kryptik.ZAF trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\01182012_165114\C_Users\Bruce\AppData\Roaming\Aho\cyunsuf.exe a variant of Win32/Injector.NGQ trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\01182012_165114\C_Users\Bruce\AppData\Roaming\B0B0A\lvvm.exe a variant of Win32/Kryptik.ZAF trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\01182012_165114\C_Users\Bruce\AppData\Roaming\Lymeo\ypkaiku.exe a variant of Win32/Injector.NGQ trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\01182012_165114\C_Users\Bruce\AppData\Roaming\Microsoft\0156\15D7.tmp a variant of Win32/Kryptik.YXP trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\01182012_165114\C_Users\Bruce\AppData\Roaming\Microsoft\0156\38A.exe Win32/Cycbot.AK trojan cleaned by deleting - quarantined
C:\_OTL\MovedFiles\01182012_165114\C_Users\Bruce\AppData\Roaming\Microsoft\0156\7261.exe a variant of Win32/Kryptik.ZAF trojan cleaned by deleting - quarantined




Computer is running better.

[Nedklaw]

Hello!
Congratultions your logs look clean!
Please follow the steps below to make your computer more secure.


First, re-enable any anti-virus/anti-malware programs we have disabled during the removal process!


Cleanup

Run OTL.

• Under the Custom Scans/Fixes box at the bottom, paste in the following:
  
  

  :Commands 
  [purity] 
  [resethosts] 
  [emptytemp] 
  [EMPTYFLASH]
  [CLEARALLRESTOREPOINTS] 
  [Reboot]

• Then click the Run Fix button at the top.
• Let the program run unhindered, reboot the PC when it is done.

• Open OTL to run it. (Vista users, right click on OTL and "Run as administrator").
• Close all other programs apart from OTL as this step will require a reboot.
• On the OTL main screen, press the CLEANUP button.
• Say Yes to the prompt and then allow the program to reboot your computer.

Note: If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.


Updates

Windows Update - This site is a Microsoft site that will scan your computer for any patches or updates that are missing from your computer. You should check this website regularly to keep windows up to date. This will ensure your computer has all of the latest security updates installed on your computer and is secure from any known security holes. Windows Updates are constantly being revised to combat the newest hacks and threats.
It is best if you have these set to download automatically.

How to turn on Automatic Updates:

• Click on Start.
• Right-click My Computer.
• Select Properties.
• Click on the Automatic Updates Tab.
• Place a checkmark in the circle next to Automatic (recommended) near the green shield.
• Click Apply > OK.

Adobe Reader - Your version of Adobe Reader is outdated. It's important to keep Adobe Reader updated because many security problems are fixed with updates.

How to check for Adobe Reader updates:

• Open Adobe Reader.
• On the menu bar click on Help then Check For Updates.
• The program will then tell you if updates are available.

Make sure you have the latest Adobe Flash Player (11.1.102.55) and Adobe Shockwave Player (11.6.3.633) so you can view all of the latest content on websites.


Make Internet Explorer more secure

• Click Start > Run.
• Type Inetcpl.cpl & click OK.
• Click on the Security tab.
• Click Reset all zones to default level.
• Make sure the Internet Zone is selected & Click Custom level.
• In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
• Next Click OK, then Apply button and then OK to exit the Internet Properties page.

Recommended Programs

Make sure you update your security programs regularly so they know about new infections so they can protect your computer against them.
Here are a list of programs/tools that I like to recommend to users to reduce the risk of infection in the future:


Anti-Spyware Programs

MBAM - MalwareBytes Anti Malware is an excellent tool program to detect and get rid of malware. This program should be updated and run often.

SpywareBlaster - Prevents spyware from installing on your system and stops you from getting infected. It protects against bad ActiveX and immunizes your PC against them.

SpywareGuard - Works as a Spyware "Shield" to protect your computer from getting malware in the first place. It offers realtime protection from spyware installation attempts.
Note: Make sure you are only running one real-time anti-spyware protection program (eg: TeaTimer, Windows Defender) or there will be a conflict.


Alternate Browsers

Please consider using an alternate browser. Mozilla's Firefox browser is fantastic; it is much more secure than Internet Explorer, immune to almost all known browser hijackers, and also has the best built-in pop up blocker (as an added benefit!) that I have ever seen. Hijackers like to attack Internet Explorer more than FireFox. If you are interested, Firefox may be downloaded from here.

Add-ons

NoScript - Blocks ads and other potential website attacks.

AdBlockPlus - Adblock Plus gets rid of ads and banners on the internet.

DrWeb Anti-Virus Link Checker - Allows you to check any file you are about to download, any page you are about to visit with online version of Dr.Web anti-virus.

Other browsers include:

Google Chrome
Safari
Opera


Other Programs

WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
Green to go.
Yellow for caution.
Red to stop.
WOT has an addon available for both Firefox and IE.


ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.


IE-SpyAd - Puts over 5000 sites in your restricted zone so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all. It prevents Cookies etc from downloading, from these websites, onto your computer.


MVPS Hosts File replaces your current HOSTS file with one containing well known ad sites and other bad sites. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer, meaning it will be difficult to infect yourself in the future.


FileHippo Update Checker is an extremely helpful program that will tell you which of your programs need to be updated. Its important to keep programs up to date so that malware doesn't exploit any old security flaws.


Google Toolbar - Get the free google toolbar to help stop pop ups.


Finally...

Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

To learn more about how to protect yourself while on the internet read this article by Tony Klein: So how did I get infected in the first place?

Please respond one last time so we can consider the thread resolved and close it, thank-you.
Good luck and stay safe!!!

[mewsick75]

All is well. Thank you for all your help!!!!