Page 1 of 11 123 ... LastLast
Results 1 to 10 of 102
  1. #1
    Member
    Join Date
    Dec 2008
    Location
    cornwall, new york
    Posts
    176
    Points
    0

    Default hijacked by malware

    I am operating my computer in safe mode in order to access the internet. I have virus scanned and cleaned with Avast and Microsoft as well as Malwarebytes and still cannot get rid of it.

    Logs:

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 06/17/2013 at 12:30 PM

    Application Version : 5.6.1012

    Core Rules Database Version : 10541
    Trace Rules Database Version: 8353

    Scan type : Complete Scan
    Total Scan Time : 00:08:31

    Operating System Information
    Windows 7 Starter 32-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 470
    Memory threats detected : 0
    Registry items scanned : 33314
    Registry threats detected : 0
    File items scanned : 4803
    File threats detected : 2

    Adware.Tracking Cookie
    C:\Users\kmailler\AppData\Roaming\Microsoft\Windows\Cookies\GU7GY65B.txt [ /liveperson.net ]
    C:\Users\kmailler\AppData\Roaming\Microsoft\Windows\Cookies\03OXW420.txt [ /liveperson.net ]


    malware:

    Malwarebytes Anti-Malware 1.75.0.1300
    Malwarebytes : Free anti-malware download

    Database version: v2013.06.17.03

    Windows 7 Service Pack 1 x86 NTFS (Safe Mode/Networking)
    Internet Explorer 10.0.9200.16618
    kmailler :: KMAILLER-PC [limited]

    6/19/2013 1:16:24 AM
    mbam-log-2013-06-19 (01-16-24).txt

    Scan type: Full scan (C:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 436903
    Time elapsed: 1 hour(s), 59 minute(s), 55 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)


    hijack this:

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 6:25:55 PM, on 6/19/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v10.0 (10.00.9200.16611)
    Boot mode: Safe mode with network support

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Windows\system32\ctfmon.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
    C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Users\kmailler\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
    O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\kmailler\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (file missing)
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe
    O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [CaddieSyncConduit] C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe
    O4 - HKLM\..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN285BR0F805KF:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
    O4 - HKCU\..\Run: [gwqvuiku] "C:\Users\kmailler\AppData\Local\orivgaoh.exe"
    O4 - HKCU\..\Run: [tgqpjiuk] "C:\Users\kmailler\AppData\Local\fssjnfrg.exe"
    O4 - HKCU\..\Run: [WebCake Desktop] "C:\Users\kmailler\AppData\Roaming\WebCake\WebCakeDesktop.exe"
    O4 - HKCU\..\Run: [SearchProtect] C:\Users\kmailler\AppData\Roaming\SearchProtect\bin\cltmng.exe
    O4 - Startup: Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk = ?
    O4 - Startup: MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
    O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
    O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - http://h20364.www2.hp.com/CSMWeb/Cus...ataManager.CAB
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
    O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} (Verizon Wireless Media Upload) - Cell Phones - Smartphones: Cell Phone Service, Accessories - Verizon Wireless
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\aestsrv.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
    O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files\MyPC Backup\BackupStack.exe
    O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Program Files\SearchProtect\bin\CltMngSvc.exe
    O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\kmailler\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
    O23 - Service: DeviceVM Meta Data Export Service (DvmMDES) - DeviceVM, Inc. - C:\SPLASH.SYS\config\DVMExportService.exe
    O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files\WildTangent Games\App\GamesAppService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\Windows\system32\spool\DRIVERS\W32X86\3\HPBPRO.EXE
    O23 - Service: HP Status Server - Hewlett-Packard Company - C:\Windows\system32\spool\DRIVERS\W32X86\3\HPBOID.EXE
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: IHA_MessageCenter - Verizon - C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe
    O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe
    O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\STacSV.exe
    O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
    O23 - Service: WebCake Desktop Updater - WebCake LLC - C:\Program Files\WebCake\WebCakeDesktop.Updater.exe
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 10504 bytes


    Avast does not give me a log to copy and paste.

    Thanks

  2. #2
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi kmailler,

    We apologize for the delay in responding to your request for help. Here at Help2Go we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

    My name is Donna and I'll be helping you to clean up your computer.

    Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. This may cause a delay between posts so your patience will be appreciated, though do keep in mind that you have the advantage, as you have 2 people examining your issue.

    Please read this post completely before beginning the fix. If there's anything that you do not understand, please don't hesitate to ask before proceeding.

    Please take note of the guidelines for this fix:
    • Please note that we are all volunteers. We do have families, careers, and other endeavors just as you do that may prevent immediate responses that meet your schedule. Your patience and understanding will be greatly appreciated.
    • First of all, the procedures we are about to perform are specific to your problem and should only be used on this specific computer.
    • Do not make any changes to your computer that include installing/uninstalling programs, deleting files, modifying the registry, nor running scanners or tools of any kind unless specifically requested by me.
    • Please read ALL instructions carefully and perform the steps fully and in the order they are written.
    • If things appear to be better, let me know. Just because the symptoms no longer exist as before, does not mean that you are clean.
    • Continue to read and follow my instructions until I tell you that your machine is clean.
    • If you have any questions at all, please do not hesitate to ask before performing the task that I ask of you.
    • Scanning with programs and reading the logs do take a fair amount of time, your patience will be necessary.


    Let's begin:


    Please download OTL to your Desktop
    • Right-click on and select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Please check the box next to Scan All Users.
    • Make sure Use SafeList is selected under Extra Registry.
    • Under the Custom Scans/Fixes box at the bottom, paste in the following:
      Code:
       
      netsvcs
      BASESERVICES
      %SYSTEMDRIVE%\*.exe
      /md5start
      services.*
      explorer.exe
      winlogon.exe
      Userinit.exe
      svchost.exe
      /md5stop
      dir C:\ /S /A:L /C
      CREATERESTOREPOINT
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your reply. If both log won't fit in the same post, you may post them in two separate posts.



    Next:

    Download AdwCleaner
    • Double click on AdwCleaner.exe to run the tool.
      ***Note: Windows Vista/Windows 7 users please right click and select Run as administrator
    • Click the Search button.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your next reply.
    • Or you can find the logfile at C:\AdwCleaner[xx].txt where xx denotes the number of times the application has been run




    Logs needed in your next reply:
    OTL.txt
    Extras.txt
    C:\AdwCleaner[xx].txt



    Thank you,

    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  3. #3
    Member
    Join Date
    Dec 2008
    Location
    cornwall, new york
    Posts
    176
    Points
    0

    Default

    OTL Extras logfile created on: 6/21/2013 8:58:48 AM - Run 9
    OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\kmailler\Desktop
    Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16614)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1015.30 Mb Total Physical Memory | 317.35 Mb Available Physical Memory | 31.26% Memory free
    1.99 Gb Paging File | 1.37 Gb Available in Paging File | 68.54% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 137.47 Gb Total Space | 71.20 Gb Free Space | 51.79% Space Free | Partition Type: NTFS
    Drive D: | 11.38 Gb Total Space | 1.91 Gb Free Space | 16.75% Space Free | Partition Type: NTFS
    Drive E: | 976.13 Mb Total Space | 396.38 Mb Free Space | 40.61% Space Free | Partition Type: FAT

    Computer Name: KMAILLER-PC | User Name: kmailler | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

    [HKEY_USERS\S-1-5-21-3786592325-3441976838-1017872943-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Unable to open value key
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- "%1" %*
    htmlfile [edit] -- Reg Error: Unable to open value key
    https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Unable to open value key
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Unable to open value key
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 0
    "FirewallDisableNotify" = 0
    "AntiVirusDisableNotify" = 0
    "UpdatesDisableNotify" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    ========== System Restore Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
    "DisableSR" = 0

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 1

    ========== Authorized Applications List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{20492CA7-BA71-4F3C-9308-AC0433150AB2}" = lport=139 | protocol=6 | dir=in | app=system |
    "{3294F1B1-0E56-4763-9280-155AC062131F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
    "{329EEE6E-3625-4066-84B9-1B11F38FE16C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{52A0D343-50F1-4F43-B0C3-760172B5458C}" = rport=138 | protocol=17 | dir=out | app=system |
    "{6313C6E5-6EC1-415D-8F82-8588749BFF9E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{71CF6251-4464-4FE7-AA1C-5C9F42681835}" = lport=137 | protocol=17 | dir=in | app=system |
    "{79C37D41-88A0-4B4C-AA34-790756C124E4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{881F53CD-4788-4435-9572-881F945AD9DB}" = rport=139 | protocol=6 | dir=out | app=system |
    "{90CFC801-EBD6-46DF-82F7-5AE9E0A24A4B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
    "{97F7BE64-AA8D-405B-9FA8-93CC0C8F3498}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
    "{9C91D8F6-AF5B-4604-987A-B9B52DD67BA8}" = lport=445 | protocol=6 | dir=in | app=system |
    "{B5796328-7F67-4D61-A065-24889E3B7EB0}" = lport=138 | protocol=17 | dir=in | app=system |
    "{BB748BD9-3EFC-4765-9C75-19F9214801D3}" = lport=50001 | protocol=17 | dir=in | name=iha_messagecenter |
    "{C54F8055-112D-45BB-B8D6-5EC6016F4CFD}" = rport=445 | protocol=6 | dir=out | app=system |
    "{C80D1EE3-B75B-45A1-A06C-A5B6EF570225}" = lport=50001 | protocol=17 | dir=in | name=iha_messagecenter |
    "{CBC0C0A9-8D6A-4C10-A102-D092C8189682}" = rport=137 | protocol=17 | dir=out | app=system |
    "{D95343FA-3605-4AF8-8291-7BD511EA18EE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
    "{E4CEDF83-70CA-4B3E-9253-A607EF34CA8B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
    "{FEAB6994-07E2-4663-9DD8-3F908CC2ABE1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
    "{FFA2E784-C514-4471-8B8C-FBD41500E558}" = lport=2869 | protocol=6 | dir=in | app=system |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{04336787-739F-4E3B-9648-CC523CD08999}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
    "{06E43E3A-D4AF-4268-B6C1-02E312927040}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
    "{09778FBE-4B68-4EEE-B86D-47FD0B489807}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
    "{098706E9-9314-4F12-9C25-8F5D5B1AC0E4}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
    "{0AE6D845-A2B1-4C5C-84C7-144D38CCDC64}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
    "{0BF693F4-0764-423C-88BE-528E89B87564}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\digitalwizards.exe |
    "{0E283D94-721D-4E6F-A077-D1F7FD58DC59}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe |
    "{10F413E7-E8E9-473D-838B-80F40B442E48}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
    "{12FD3126-B565-49B8-B406-995C636BF1CC}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe |
    "{1B69C63D-0CF1-4FE9-9FC6-0B8F9FCE7934}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
    "{1BF531A5-5D3C-4370-8B8A-9F75D525E8E1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
    "{231CCB09-137A-42ED-B264-77C964C34C08}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
    "{284D143B-5633-43E5-8041-AC1D79F30B27}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
    "{2AA04537-AC62-4910-A7BC-A22BB0BA118A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
    "{348EC58E-CF4C-4A0E-BDC5-D5569221DF2A}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
    "{3584B368-6613-4494-AF18-C09FE40CC43A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
    "{3673B216-37D0-42F5-ADF2-AD3A67FEC4FD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
    "{3E06BE2D-B1B7-47ED-B1DF-43B5163DCA33}" = protocol=17 | dir=in | app=c:\program files\skygolf\caddiesync express\caddiesyncexpress.exe |
    "{46803DFA-CA2A-4403-A200-CD8EDEC7EB73}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
    "{4EB993F7-9828-4F2F-9CD3-204B5FE376C7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
    "{563F4564-B8A9-4948-8A41-8F905832E878}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
    "{568BD964-76D4-4B94-8109-C1DB19B3D68C}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
    "{58521F1A-C21C-4FA3-8E63-1208194DE59C}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
    "{5A634D86-0EA2-4298-BA5B-3EEC13C6B214}" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
    "{5B37BACA-043A-44B8-B579-5C78BC028390}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
    "{5B64F95C-347B-4D11-9BE8-207C4EB33993}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
    "{64BDFC52-8A9D-4B0F-A565-FA0BC477F838}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\devicesetup.exe |
    "{6F07E945-B7FD-4332-AE8E-52CACE4386DF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\live meeting 8\console\pwconsole.exe |
    "{6F9B8683-3D6E-434D-806A-97A438A6BE8A}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{74B550A9-A5D1-4E90-A0B9-F37843632D9F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{7859D768-A6C2-4133-A751-5AF11FBFBF06}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
    "{7CAC42F1-AF26-43F2-88D6-4230BE86206C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
    "{83765751-BB0F-4DE7-AAD7-D7F4A707DE82}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\faxapplications.exe |
    "{8414583E-FF1C-44F6-99B4-0312FE1D2157}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
    "{8FA888CD-CFFE-4321-AC6A-4ABA50F19C27}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
    "{923F63E1-6720-40BB-A3BA-C582D247DF0C}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\sendafax.exe |
    "{92407F60-B3F5-444E-BA82-252D47E84930}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{9C86377E-D3A8-462E-9BD5-8EE736534630}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe |
    "{A0C1B438-509A-474A-AF09-236D90783AF4}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
    "{A2269974-285F-4409-899D-C6A4A7395213}" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
    "{A4DA23D4-983A-4472-A754-9E51B3FF7555}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
    "{A6690AC8-C5C3-44FF-93CA-A029AF259B49}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
    "{A9591DEE-DDE5-4603-81F8-B202B314EF25}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
    "{AAE6D2EB-40E0-43EE-8DEA-94895869E20A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
    "{AD305BCF-B67C-4102-B5BC-E65B639F6A9C}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
    "{B2112734-2AA7-4C1E-98FA-E40525FA53ED}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
    "{BB0E203E-CD98-4178-85A5-85065410D3E0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
    "{BE102BA3-6109-41F3-A964-4DAE498A1311}" = dir=in | app=c:\program files\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe |
    "{C504DAC4-2512-4264-AAB6-770B031E1F7A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
    "{C81B4A83-06EB-4CD1-B5D7-0F0CE540CB9C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\live meeting 8\console\pwconsole.exe |
    "{CB04E35E-6FA2-4A9C-849A-CEF69B98A2E5}" = protocol=6 | dir=in | app=c:\program files\skygolf\caddiesync express\caddiesyncexpress.exe |
    "{CBADA3FE-9241-4AFC-BD97-7BDFD686FBBF}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
    "{CEA8EC18-6263-47D7-91F2-0511D2DEF378}" = protocol=6 | dir=in | app=c:\program files\microsoft office\live meeting 8\console\pwconsole.exe |
    "{D9FA53D9-5FD4-4D54-9B0A-3B8877E64668}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
    "{E8250418-4C6B-4B87-9810-463B21542675}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
    "{E8539DC1-B357-4351-9CC6-526A82E8AA8D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
    "{EA0D524B-00CD-422E-AD9E-B458F53C9CE6}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
    "{F3DF7F17-7A08-4D5B-A3A1-F6AFE903D1BB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\live meeting 8\console\pwconsole.exe |
    "TCP Query User{00937FBC-BCE3-4577-99CC-22EF5CD8D27C}C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe |
    "TCP Query User{1A49BE8A-03FC-4E7C-8DBE-1FFC12245D7F}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
    "TCP Query User{1BE24BDB-B108-49D8-A833-F33B15C695BB}C:\users\kmailler\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe" = protocol=6 | dir=in | app=c:\users\kmailler\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe |
    "TCP Query User{2A3AAA83-A5F7-4C1C-A653-0C0B8115EF94}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
    "TCP Query User{6105C2E0-19A9-47CC-A9B0-045629E5C4A0}C:\program files\verizon\verizon media manager\release\verizon media manager.exe" = protocol=6 | dir=in | app=c:\program files\verizon\verizon media manager\release\verizon media manager.exe |
    "TCP Query User{7C6030E1-F4E0-45CF-8D05-F495BFA38A08}C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe |
    "TCP Query User{9D4A6FB5-8E2C-4B69-863D-2CC3A983CE4D}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
    "TCP Query User{A47128FC-166A-4F6D-83ED-9FCAFE6A044D}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
    "TCP Query User{A7709568-3CA2-4DC0-BA0F-635BC22F6C05}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
    "TCP Query User{E4DBB3D5-3359-4BCB-91F3-AB0E077E214F}C:\program files\skygolf\caddiesync express\caddiesyncexpress.exe" = protocol=6 | dir=in | app=c:\program files\skygolf\caddiesync express\caddiesyncexpress.exe |
    "TCP Query User{F1F57665-C745-4C3D-AB5C-0497068A2963}C:\program files\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
    "TCP Query User{F3BF7AB2-698A-4B5A-AD9B-B47B0A7F5C04}C:\program files\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |
    "TCP Query User{FADEC3A4-B741-4E9E-9D12-ECD9E0A1DE1B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "UDP Query User{1E82A527-92C3-41DC-A1A0-03E6713F2B99}C:\program files\verizon\verizon media manager\release\verizon media manager.exe" = protocol=17 | dir=in | app=c:\program files\verizon\verizon media manager\release\verizon media manager.exe |
    "UDP Query User{25AC9FD2-B1B2-4897-A906-F6FF2B373A58}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
    "UDP Query User{4405CC8D-C587-4561-87AC-DDA774A77403}C:\program files\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
    "UDP Query User{4DA19783-D4EE-47DC-A096-F5372AD4B9B3}C:\program files\skygolf\caddiesync express\caddiesyncexpress.exe" = protocol=17 | dir=in | app=c:\program files\skygolf\caddiesync express\caddiesyncexpress.exe |
    "UDP Query User{5028FB3F-3C99-440F-B833-72F6CE9248AB}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
    "UDP Query User{603F4810-D517-46B7-B019-150AB98D5F81}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe |
    "UDP Query User{71312F49-E994-4245-9F66-96420ECDF4F9}C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe |
    "UDP Query User{817E3353-2984-4FA8-9A2E-4DF2421B1EA3}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
    "UDP Query User{949D5FCC-53F6-47E2-A20E-CCAA97FB77E3}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
    "UDP Query User{AFC791A4-DF05-4987-A475-3BDCCAD0D381}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |
    "UDP Query User{B7F77A1F-0351-4E60-A970-2B673C6794BA}C:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\hewlett-packard\hp quicksync\jre\bin\javaw.exe |
    "UDP Query User{BDC7602F-501E-4552-AD01-275EC873DC9A}C:\users\kmailler\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe" = protocol=17 | dir=in | app=c:\users\kmailler\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe |
    "UDP Query User{C1CB22F1-630D-4A85-AAF3-4C81A2339277}C:\program files\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
    "{07FF08D2-C0CD-4B02-B9A6-E2E7E5762AA9}" = Vz In Home Agent
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
    "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
    "{0F052922-4BCE-4763-A540-00857554336D}" = Redist
    "{11B7161D-3461-40CD-B31F-84065AC84A4E}" = HP User Guides 0166
    "{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
    "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
    "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
    "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
    "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
    "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
    "{26A24AE4-039D-4CA4-87B4-2F83216024FF}" = Java(TM) 6 Update 26
    "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
    "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
    "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
    "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
    "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
    "{34985F59-8F6F-46F4-9AD5-53E2714294D2}" = ArcSoft WebCam Companion 3
    "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{3C52E7DA-C431-4239-B66B-1BF703D5B194}" = Windows Live Photo Gallery
    "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
    "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
    "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
    "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
    "{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
    "{46235FF7-2CBE-4A84-BEDA-87348D1F7850}" = HP Officejet Pro 8600 Help
    "{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{53F08287-443D-4FC0-B74D-1169B6B9A71C}" = HP Instant Web
    "{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
    "{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR
    "{5DDB3393-E08B-447E-925F-6C00B95D0FE7}" = iCloud
    "{5EFA68C8-CFFD-407F-8B17-7D7C61D2F93A}" = InstallIQ Updater
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6ED53E0C-EAC0-4F0F-947D-6BA817E4C8C3}" = HostsMan 3.2.73
    "{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
    "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
    "{710BF966-43C8-4216-A8EC-BC4E169FF7C1}" = MobileMe Control Panel
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79ACC31A-87EA-472A-853E-5AC6A97CE569}" = HP Officejet Pro 8600 Product Improvement Study
    "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
    "{859963C1-E908-49E8-9FA3-9E833D717563}" = IHA_MessageCenter
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{879A1469-2B5E-4FC5-BFF6-7CD737DF58E1}" = Customer Support Tool A206
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8EAB4100-B343-41AE-A880-418746998209}" = HP Officejet Pro 8600 Basic Device Software
    "{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
    "{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
    "{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
    "{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-00D1-0409-0000-0000000FF1CE}" = Microsoft Access database engine 2010 (English)
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
    "{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
    "{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
    "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9FA23C53-D512-488C-BD99-4124F6DD2087}" = VersaCheck 2005 Gold
    "{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
    "{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}" = Adobe Shockwave Player
    "{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
    "{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
    "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = WebCake 3.00
    "{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
    "{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
    "{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
    "{D5899C41-AFD8-4129-8CA2-1FCEB89B1217}" = Microsoft Lync Web App Plug-in
    "{D94A8E22-DF2B-4107-9E51-608A60A7671D}" = Personal Ancestral File 5
    "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
    "{E30E7561-A466-4393-B8BF-FD93E733EF3C}" = Microsoft Office Live Meeting 2007
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "{E89498D8-1430-4A2B-A76A-4A71326981E9}" = SpyHunter
    "{EEA95E6C-6847-49BE-83C9-ED92D8E18983}" = HP QuickSync
    "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
    "{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
    "{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
    "{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "AIM_7" = AIM 7
    "avast" = avast! Internet Security
    "AVG SafeGuard toolbar" = AVG SafeGuard toolbar
    "Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
    "CaddieSync Express" = CaddieSync Express 1.5.8
    "CCleaner" = CCleaner
    "CopyTrans Suite" = CopyTrans Suite Remove Only
    "Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
    "ESET Online Scanner" = ESET Online Scanner v3
    "Google Chrome" = Google Chrome
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "HP Smart Web Printing" = HP Smart Web Printing 4.51
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPOCR" = OCR Software by I.R.I.S. 13.0
    "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
    "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Mozilla Firefox 21.0 (x86 en-US)" = Mozilla Firefox 21.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "MWSnap 3" = MWSnap 3
    "MyPC Backup" = MyPC Backup
    "NSS" = Norton Security Scan
    "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
    "OpenIt Open It!" = Open It!
    "SearchProtect" = Search Protect by conduit
    "Secunia PSI" = Secunia PSI (2.0.0.3001)
    "SkyCaddieDesktop" = SkyCaddie Desktop
    "SLABCOMM&10C4&EA60" = Silicon Laboratories CP210x USB to UART Bridge (Driver Removal)
    "Startup Optimizer_is1" = Startup Optimizer 1.6
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
    "Verizon FiOS Activation_is1" = Verizon FiOS Activation
    "Verizon Media Manager" = Verizon Media Manager
    "WildTangent hp Master Uninstall" = HP Games
    "WinLiveSuite_Wave3" = Windows Live Essentials
    "WinX DVD Ripper Platinum_is1" = WinX DVD Ripper Platinum 6.0.1
    "WTA-9632ebea-07f0-49b4-a25e-02ba22f08add" = 4 Elements II
    "WTA-c60a6225-a58f-4f7f-b60c-795d9c0f438c" = Reel Deal Slots: American Adventure
    "WTA-eb50806f-20db-4212-b301-bba352b4c573" = Magic Academy 2
    "Yahoo! Companion" = Yahoo! Toolbar
    "Yahoo! Messenger" = Yahoo! Messenger
    "Yahoo! Search Defender" = Yahoo! Search Protection
    "Yahoo! Software Update" = Yahoo! Software Update

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-3786592325-3441976838-1017872943-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Amazon Kindle For PC" = Amazon Kindle For PC
    "DSite" = Update for Zip Opener
    "Yahoo! BrowserPlus" = Yahoo! BrowserPlus 2.9.8

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 6/17/2013 7:19:26 PM | Computer Name = kmailler-PC | Source = MsiInstaller | ID = 11706
    Description =

    Error - 6/18/2013 5:02:51 AM | Computer Name = kmailler-PC | Source = SideBySide | ID = 16842785
    Description = Activation context generation failed for "C:\Program Files\HP\HP Officejet
    Pro 8600\DriverStore\Pipeline\amd64\hpinkins5912.exe". Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"
    could not be found. Please use sxstrace.exe for detailed diagnosis.

    Error - 6/18/2013 6:21:27 AM | Computer Name = kmailler-PC | Source = MsiInstaller | ID = 11706
    Description =

    Error - 6/18/2013 6:47:32 AM | Computer Name = kmailler-PC | Source = MsiInstaller | ID = 11706
    Description =

    Error - 6/18/2013 8:08:38 PM | Computer Name = kmailler-PC | Source = MsiInstaller | ID = 11706
    Description =

    Error - 6/18/2013 8:13:42 PM | Computer Name = kmailler-PC | Source = System Restore | ID = 8193
    Description =

    Error - 6/18/2013 8:13:51 PM | Computer Name = kmailler-PC | Source = System Restore | ID = 8193
    Description =

    Error - 6/19/2013 6:10:53 PM | Computer Name = kmailler-PC | Source = MsiInstaller | ID = 11706
    Description =

    Error - 6/20/2013 7:47:18 PM | Computer Name = kmailler-PC | Source = MsiInstaller | ID = 11706
    Description =

    Error - 6/21/2013 8:42:02 AM | Computer Name = kmailler-PC | Source = System Restore | ID = 8193
    Description =

    [ Hewlett-Packard Events ]
    Error - 10/2/2012 8:12:48 PM | Computer Name = kmailler-PC | Source = HPSF.exe | ID = 4000
    Description =

    Error - 10/16/2012 5:42:02 PM | Computer Name = kmailler-PC | Source = HPSF.exe | ID = 4000
    Description =

    Error - 10/30/2012 2:59:26 PM | Computer Name = kmailler-PC | Source = HPSF.exe | ID = 2000
    Description = HP Error ID: -2146233088 at HPSFConfigReader.ConfigHelper.loadXML()

    at HPSFConfigReader.ConfigHelper..ctor() at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
    isOnAppLoad) Message: Exception of type 'System.Exception' was thrown. StackTrace:
    at HPSFConfigReader.ConfigHelper.loadXML() at HPSFConfigReader.ConfigHelper..ctor()

    at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
    isOnAppLoad) Source: HPSFConfigReader Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program
    Files\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 1015 Ram Utilization:
    80 TargetSite: Void loadXML()

    Error - 11/14/2012 8:14:20 PM | Computer Name = kmailler-PC | Source = HPSF.exe | ID = 4000
    Description =

    Error - 12/4/2012 7:39:13 PM | Computer Name = kmailler-PC | Source = HPSF.exe | ID = 2000
    Description = HP Error ID: -2146233088 at HPSFConfigReader.ConfigHelper.loadXML()

    at HPSFConfigReader.ConfigHelper..ctor() at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
    isOnAppLoad) Message: Exception of type 'System.Exception' was thrown. StackTrace:
    at HPSFConfigReader.ConfigHelper.loadXML() at HPSFConfigReader.ConfigHelper..ctor()

    at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
    isOnAppLoad) Source: HPSFConfigReader Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program
    Files\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 1015 Ram Utilization:
    80 TargetSite: Void loadXML()

    Error - 12/20/2012 7:05:25 AM | Computer Name = kmailler-PC | Source = HPSF.exe | ID = 2000
    Description = HP Error ID: -2146233088 at HPSFConfigReader.ConfigHelper.loadXML()

    at HPSFConfigReader.ConfigHelper..ctor() at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
    isOnAppLoad) Message: Exception of type 'System.Exception' was thrown. StackTrace:
    at HPSFConfigReader.ConfigHelper.loadXML() at HPSFConfigReader.ConfigHelper..ctor()

    at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
    isOnAppLoad) Source: HPSFConfigReader Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program
    Files\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 1015 Ram Utilization:
    80 TargetSite: Void loadXML()

    Error - 12/25/2012 3:14:56 PM | Computer Name = kmailler-PC | Source = HPSF.exe | ID = 4000
    Description =

    Error - 2/12/2013 7:18:30 PM | Computer Name = kmailler-PC | Source = HPSF.exe | ID = 4000
    Description =

    Error - 2/26/2013 6:58:10 PM | Computer Name = kmailler-PC | Source = HPSF.exe | ID = 4000
    Description =

    Error - 3/25/2013 7:24:19 AM | Computer Name = kmailler-PC | Source = HPSF.exe | ID = 4000
    Description =

    [ System Events ]
    Error - 6/21/2013 9:15:55 AM | Computer Name = kmailler-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 6/21/2013 9:16:25 AM | Computer Name = kmailler-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 6/21/2013 9:16:25 AM | Computer Name = kmailler-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 6/21/2013 9:16:25 AM | Computer Name = kmailler-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 6/21/2013 9:17:53 AM | Computer Name = kmailler-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 6/21/2013 9:17:53 AM | Computer Name = kmailler-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 6/21/2013 9:17:53 AM | Computer Name = kmailler-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 6/21/2013 9:18:31 AM | Computer Name = kmailler-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 6/21/2013 9:18:31 AM | Computer Name = kmailler-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 6/21/2013 9:18:31 AM | Computer Name = kmailler-PC | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068


    < End of report >

  4. #4
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi kmailler,

    Thank you for the Extras.txt log. Could you also post the 2 following log as well?

    OTL.txt <-- found on desktop and dated for 6/21/2013 8:58:48 AM
    C:\AdwCleaner[xx].txt <-- found in Start > Computer > C:\ and dated for when you ran the program. If you have not ran the scan yet, please do and post the log.

    Thanks!
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  5. #5
    Member
    Join Date
    Dec 2008
    Location
    cornwall, new york
    Posts
    176
    Points
    0

    Default

    Please bear with me as I am having difficulties responding on the affected computer. I copy and paste the logs and the
    Computer goes into la la land

  6. #6
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    If your USB ports work on the infected computer, the following might be easier:

    Do you have a USB flash drive? You could transfer the files to the USB, then to the good computer and post from there if you like. The safest way to do so without infecting the clean computer is as follows:

    First, on the infected computer you will need to get the AdwCleaner.txt to the desktop for easy access. Navigate to the file on C: then Right click and choose Send to... then choose desktop from the list and a shortcut to the file will appear on the desktop.

    • Press the Shift key on the infected computer and insert the USB Flash drive into the computer. (This will stop the autorun function)
    • Go to Start > Computer and look for Devices with Removable Storage > USB Flash drive.
    • Minimize that screen so you can see the files on your desktop.
    • Drag and drop the files from the desktop onto the USB Flash drive.


    To transfer files:

    • Press the Shift key on the clean computer and insert the USB Flash drive into the computer. (This will stop the autorun function)
    • Go to Start > Computer and look for Devices with Removable Storage > USB Flash drive.
    • Minimize that screen so you can now open the USB Flash drive to drag and drop the files onto the desktop of the clean computer.


    Keep me posted to your progress.....
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  7. #7
    Member
    Join Date
    Dec 2008
    Location
    cornwall, new york
    Posts
    176
    Points
    0

    Default

    Fri, Jun 21, 2013 at 7:50 PM
    Fri, 7:50 PM
    Message starred
    FROM Kathy Mailler TO You
    file
    Show Details

    From

    Kathy Mailler

    To

    OTL logfile created on: 6/21/2013 1:12:06 PM - Run 9
    OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\kmailler\Desktop
    Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16614)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1015.30 Mb Total Physical Memory | 282.50 Mb Available Physical Memory | 27.82% Memory free
    1.99 Gb Paging File | 1.25 Gb Available in Paging File | 62.67% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 137.47 Gb Total Space | 71.07 Gb Free Space | 51.70% Space Free | Partition Type: NTFS
    Drive D: | 11.38 Gb Total Space | 1.91 Gb Free Space | 16.75% Space Free | Partition Type: NTFS
    Drive E: | 976.13 Mb Total Space | 396.38 Mb Free Space | 40.61% Space Free | Partition Type: FAT

    Computer Name: KMAILLER-PC | User Name: kmailler | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\kmailler\Desktop\OTL(1).exe (OldTimer Tools)
    PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe (Adobe Systems, Inc.)
    PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)


    ========== Modules (No Company Name) ==========

    MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
    MOD - C:\Program Files\Mozilla Firefox\mozjs.dll ()
    MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
    MOD - C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()


    ========== Services (SafeList) ==========

    SRV - (WebCake Desktop Updater) -- C:\Program Files\WebCake\WebCakeDesktop.Updater.exe C:\Users\kmailler\AppData\Roaming\WebCake\WebCakeDesktop.exe File not found
    SRV - (vToolbarUpdater15.2.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe (AVG Secure Search)
    SRV - (DefaultTabUpdate) -- C:\Users\kmailler\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe ()
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (BackupStack) -- C:\Program Files\MyPC Backup\BackupStack.exe (Just Develop It)
    SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
    SRV - (CltMngSvc) -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe (Conduit)
    SRV - (SpyHunter 4 Service) -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Enigma Software Group USA, LLC.)
    SRV - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
    SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
    SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
    SRV - (TomTomHOMEService) -- C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
    SRV - (IHA_MessageCenter) -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe (Verizon)
    SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\psia.exe (Secunia)
    SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia)
    SRV - (GamesAppService) -- C:\Program Files\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
    SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\stacsv.exe (IDT, Inc.)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV - (DvmMDES) -- C:\SPLASH.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
    SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_fa0513b7754bf240\AEstSrv.exe (Andrea Electronics Corporation)
    SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
    SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
    SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (USBCCID) -- system32\DRIVERS\RtsUCcid.sys File not found
    DRV - (RtsUIR) -- system32\DRIVERS\Rts516xIR.sys File not found
    DRV - (catchme) -- C:\Users\kmailler\AppData\Local\Temp\catchme.sys File not found
    DRV - (avgtp) -- C:\Windows\System32\drivers\avgtpx86.sys (AVG Technologies)
    DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
    DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
    DRV - (aswVmm) -- C:\Windows\System32\drivers\aswVmm.sys ()
    DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software)
    DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
    DRV - (aswRvrt) -- C:\Windows\System32\drivers\aswRvrt.sys ()
    DRV - (aswNdis2) -- C:\Windows\System32\drivers\aswNdis2.sys (AVAST Software)
    DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
    DRV - (aswKbd) -- C:\Windows\System32\drivers\aswKbd.sys (AVAST Software)
    DRV - (aswFW) -- C:\Windows\System32\drivers\aswFW.sys (AVAST Software)
    DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
    DRV - (aswNdis) -- C:\Windows\System32\drivers\aswNdis.sys (ALWIL Software)
    DRV - (EsgScanner) -- C:\Windows\System32\drivers\EsgScanner.sys ()
    DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
    DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
    DRV - (SkyhawkeUSBLan) -- C:\Windows\System32\drivers\btblan.sys (Belcarra Technologies)
    DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.)
    DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
    DRV - (DVMIO) -- C:\SPLASH.SYS\config\dvmio.sys (DeviceVM, Inc.)
    DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
    DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
    DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
    DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
    DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
    DRV - (rcmirror) -- C:\Windows\System32\drivers\rcmirror.sys (Windows (R) Codename Longhorn DDK provider)
    DRV - (SWNC5E00) -- C:\Windows\System32\drivers\SWNC5E00.sys (Sierra Wireless Inc.)
    DRV - (SWMX00) -- C:\Windows\System32\drivers\swmx00.sys (Sierra Wireless Inc.)


    ========== Standard Registry (All) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Bing
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
    IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {89022F4C-44A1-4FDE-A12D-C4835266CC16}
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{09E6A7B0-CB00-8526-E31E-47FE636E4D6A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=HPNTDF&pc=HPNTDF&src=IE-SearchBox


    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Sign In
    IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    IE - HKU\.DEFAULT\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTNavAssist.dll (Yahoo! Inc.)
    IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Sign In
    IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    IE - HKU\S-1-5-18\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTNavAssist.dll (Yahoo! Inc.)
    IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-19\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-20\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

    IE - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = Yahoo!
    IE - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
    IE - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Sign In
    IE - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
    IE - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
    IE - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
    IE - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\..\SearchScopes,Backup.Old.DefaultScope = {8B31050B-FBEC-48A3-A4A2-383DD49998BB}
    IE - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\..\SearchScopes,DefaultScope = {09E6A7B0-CB00-8526-E31E-47FE636E4D6A}
    IE - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\..\SearchScopes\{09E6A7B0-CB00-8526-E31E-47FE636E4D6A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR&pc=HPNTDF
    IE - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\..\SearchScopes\{336312A6-2667-4FBB-B919-A44B12A48C0C}: "URL" = http://search.conduit.com/Results.aspx?ctid=CT3300023&SearchSource=45&UM=2&q={searchTerms}
    IE - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028
    IE - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Yahoo"
    FF - prefs.js..browser.search.defaulturl: "http://search.yahoo.com/search?fr=mkg030&p="
    FF - prefs.js..browser.search.param.yahoo-fr: "moz2-ytff-hotj"
    FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-hotj"
    FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT3289847&octid=CT3289847&SearchSource=61&CUI=UN22400806832344419&UM=2&UP=SPDB378CA7-90AC-47FD-A20E-111320196388&SSPV=TB_CT3"
    FF - prefs.js..extensions.enabledAddons: plugin%40getwebcake.com:1.00.01
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKLM\Software\MozillaPlugins\npDisplayEngine: C:\Program Files\LivingPlay Games\nplplaypop.dll ( )
    FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.8: C:\Users\kmailler\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
    FF - HKCU\Software\MozillaPlugins\LWAPlugin15.8: C:\Users\kmailler\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll (Microsoft Corporation)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/07/18 20:47:48 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/06/17 12:46:12 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/05/25 14:57:55 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/05/25 14:55:03 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/07/18 20:47:48 | 000,000,000 | ---D | M]

    [2011/05/21 08:43:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kmailler\AppData\Roaming\Mozilla\Extensions
    [2012/02/14 12:46:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kmailler\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
    [2011/05/21 08:43:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kmailler\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
    [2013/06/18 06:47:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kmailler\AppData\Roaming\Mozilla\Firefox\Profiles\0jsovf5m.default\extensions
    [2013/05/10 21:23:40 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\kmailler\AppData\Roaming\Mozilla\Firefox\Profiles\0jsovf5m.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
    [2013/05/15 20:24:20 | 000,000,000 | ---D | M] (WOT) -- C:\Users\kmailler\AppData\Roaming\Mozilla\Firefox\Profiles\0jsovf5m.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
    [2011/08/02 06:29:25 | 000,000,000 | ---D | M] (IE Tab +) -- C:\Users\kmailler\AppData\Roaming\Mozilla\Firefox\Profiles\0jsovf5m.default\extensions\coralietab@mozdev.org
    [2013/06/17 13:18:34 | 000,000,000 | ---D | M] (WebCake) -- C:\Users\kmailler\AppData\Roaming\Mozilla\Firefox\Profiles\0jsovf5m.default\extensions\plugin@getwebcake.com
    [2010/03/23 11:52:02 | 000,000,000 | ---D | M] (Ancestry.com Advanced Image Viewer) -- C:\Users\kmailler\AppData\Roaming\Mozilla\Firefox\Profiles\0jsovf5m.default\extensions\support@ancestry.com
    [2013/03/23 12:07:28 | 000,134,804 | ---- | M] () (No name found) -- C:\Users\kmailler\AppData\Roaming\Mozilla\Firefox\Profiles\0jsovf5m.default\extensions\adblockpopups@jessehakanen.net.xpi
    [2012/06/21 17:06:10 | 000,319,802 | ---- | M] () (No name found) -- C:\Users\kmailler\AppData\Roaming\Mozilla\Firefox\Profiles\0jsovf5m.default\extensions\firefox@facebook.com.xpi
    [2013/06/06 17:19:10 | 000,216,628 | ---- | M] () (No name found) -- C:\Users\kmailler\AppData\Roaming\Mozilla\Firefox\Profiles\0jsovf5m.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
    [2013/06/17 13:19:29 | 000,001,134 | ---- | M] () -- C:\Users\kmailler\AppData\Roaming\Mozilla\Firefox\Profiles\0jsovf5m.default\searchplugins\whitesmoke-new-customized-web-search.xml
    [2013/05/25 14:57:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
    [2013/05/25 14:57:53 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2007/04/10 18:21:08 | 000,163,256 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\np-mswmp.dll
    [2011/03/17 18:29:27 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
    [2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
    [2011/03/17 18:29:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
    [2013/05/10 03:57:26 | 000,187,456 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
    [2012/12/31 11:36:50 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin.dll
    [2012/12/31 11:36:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll
    [2012/12/31 11:36:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll
    [2012/12/31 11:36:51 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll
    [2012/12/31 11:36:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll
    [2012/12/31 11:36:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll
    [2012/12/31 11:36:52 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll
    [2011/10/12 09:32:26 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
    [2012/03/01 07:36:17 | 000,002,131 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\blekkotb.xml

    ========== Chrome ==========

    CHR - homepage: Google
    CHR - default_search_provider: Web Search ()
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
    CHR - homepage: Google
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
    CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
    CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
    CHR - plugin: downloadUpdater (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
    CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    CHR - plugin: Display Engine v2 (Enabled) = C:\Program Files\LivingPlay Games\nplplaypop.dll
    CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
    CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: BrowserPlus (from Yahoo!) v2.9.8 (Enabled) = C:\Users\kmailler\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin
    CHR - Extension: YouTube = C:\Users\kmailler\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Google Search = C:\Users\kmailler\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: avast! WebRep = C:\Users\kmailler\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
    CHR - Extension: Gmail = C:\Users\kmailler\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    Hosts file not found
    O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (DefaultTab Browser Helper) - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\kmailler\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll File not found
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
    O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
    O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
    O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\YTSingleInstance.dll (Yahoo! Inc)
    O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O3 - HKLM\..\Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
    O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O3 - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [Adobe ARM] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [CaddieSyncConduit] C:\Program Files\SkyGolf\CaddieSync Express\CaddieSyncExpress.exe (SkyHawke)
    O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
    O4 - HKLM..\Run: [SearchProtectAll] C:\Program Files\SearchProtect\bin\cltmng.exe (Conduit)
    O4 - HKLM..\Run: [vProt] C:\Program Files\AVG SafeGuard toolbar\vprot.exe (AVG Secure Search)
    O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000..\Run: [gwqvuiku] "C:\Users\kmailler\AppData\Local\orivgaoh.exe" File not found
    O4 - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000..\Run: [HP Officejet Pro 8600 (NET)] C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
    O4 - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000..\Run: [SearchProtect] C:\Users\kmailler\AppData\Roaming\SearchProtect\bin\cltmng.exe (Conduit)
    O4 - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
    O4 - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000..\Run: [tgqpjiuk] "C:\Users\kmailler\AppData\Local\fssjnfrg.exe" File not found
    O4 - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000..\Run: [WebCake Desktop] C:\Users\kmailler\AppData\Roaming\WebCake\WebCakeDesktop.exe (WebCake LLC)
    O4 - HKLM..\RunOnce: [Del966238] C:\Windows\System32\cmd.exe (Microsoft Corporation)
    O4 - HKLM..\RunOnce: [SymInstallStub] C:\Users\kmailler\AppData\Local\temp\is357113909\SymInstallStub.exe (Symantec Corporation)
    O4 - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000..\RunOnce: [Application Restart #0] C:\Windows\System32\ctfmon.exe ctfmon.exe File not found
    O4 - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000..\RunOnce: [Del966238] C:\Windows\System32\cmd.exe (Microsoft Corporation)
    O4 - Startup: C:\Users\kmailler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk = C:\Windows\System32\rundll32.exe (Microsoft Corporation)
    O4 - Startup: C:\Users\kmailler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
    O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
    O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
    O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 149
    O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
    O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
    O7 - HKU\S-1-5-21-3786592325-3441976838-1017872943-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
    O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
    O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard)
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\wshbth.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
    O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.hp.com/CSMWeb/Cus...ataManager.CAB (Reg Error: Unable to open value key)
    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
    O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} Cell Phones - Smartphones: Cell Phone Service, Accessories - Verizon Wireless (Verizon Wireless Media Upload)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_26)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D1FD69A4-5E71-4A67-AAB3-A3E4A0118D19}: DhcpNameServer = 192.168.1.1
    O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\g7ps {9EACF0FB-4FC7-436E-989B-3197142AD979} - C:\Program Files\Common Files\G7PS\Shared Files\G7PSDLL\G7PS.dll (G7 Productivity Systems, Inc.)
    O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
    O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
    O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
    O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll (Microsoft Corporation)
    O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
    O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
    O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll (AVG Secure Search)
    O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
    O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\System32\igfxdev.dll (Intel Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll (Microsoft Corporation)
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
    O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
    O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
    O31 - SafeBoot: AlternateShell - cmd.exe
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (aswBoot.exe /M:8a7cc490)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/06/21 08:58:21 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Users\kmailler\Desktop\OTL(1).exe
    [2013/06/21 08:46:22 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG SafeGuard toolbar
    [2013/06/21 08:46:16 | 000,037,664 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
    [2013/06/21 08:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
    [2013/06/21 08:46:11 | 000,000,000 | ---D | C] -- C:\Program Files\AVG SafeGuard toolbar
    [2013/06/21 08:46:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS
    [2013/06/21 08:46:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
    [2013/06/21 08:46:08 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan
    [2013/06/21 08:46:08 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\NSS\0400010.010
    [2013/06/21 08:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
    [2013/06/21 08:45:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open It!
    [2013/06/21 08:45:54 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
    [2013/06/21 08:45:48 | 000,000,000 | ---D | C] -- C:\Program Files\OpenIt
    [2013/06/21 08:45:48 | 000,000,000 | ---D | C] -- C:\Users\kmailler\AppData\Roaming\DSite
    [2013/06/19 01:40:01 | 020,034,184 | ---- | C] (Microsoft Corporation) -- C:\Users\kmailler\Desktop\Windows-KB890830-V5.1.exe
    [2013/06/18 20:13:55 | 000,000,000 | ---D | C] -- C:\Users\kmailler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
    [2013/06/18 20:13:53 | 000,000,000 | ---D | C] -- C:\sh4ldr
    [2013/06/18 20:13:53 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
    [2013/06/18 20:13:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
    [2013/06/17 18:14:11 | 001,814,144 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\kmailler\Desktop\iExplore.exe
    [2013/06/17 13:20:24 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller
    [2013/06/17 13:19:06 | 000,000,000 | ---D | C] -- C:\Program Files\SearchProtect
    [2013/06/17 13:18:57 | 000,000,000 | ---D | C] -- C:\Users\kmailler\AppData\Roaming\SearchProtect
    [2013/06/17 13:18:33 | 000,000,000 | ---D | C] -- C:\Users\kmailler\AppData\Roaming\WebCake
    [2013/06/17 13:18:33 | 000,000,000 | ---D | C] -- C:\Program Files\WebCake
    [2013/06/17 13:18:21 | 000,000,000 | ---D | C] -- C:\Users\kmailler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
    [2013/06/17 13:18:17 | 000,000,000 | ---D | C] -- C:\Program Files\MyPC Backup
    [2013/06/17 13:18:04 | 000,000,000 | ---D | C] -- C:\Users\kmailler\AppData\Roaming\DefaultTab
    [2013/06/17 12:47:19 | 000,204,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswNdis2.sys
    [2013/06/17 12:47:18 | 000,104,752 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFW.sys
    [2013/06/17 12:45:47 | 000,012,112 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswNdis.sys
    [2013/06/17 12:39:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
    [2013/06/17 12:19:41 | 000,000,000 | ---D | C] -- C:\Users\kmailler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Care Antivirus
    [2013/06/17 12:16:43 | 000,000,000 | ---D | C] -- C:\ProgramData\6822E4ED1D4856B8000068227CD25E76
    [2013/06/16 19:50:51 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2013/06/16 19:50:48 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2013/06/16 19:42:11 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2013/06/16 19:42:10 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2013/06/16 19:42:09 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2013/06/16 19:42:05 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2013/06/16 19:42:04 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2013/06/16 19:42:04 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2013/06/16 19:42:03 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2013/06/16 19:42:03 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2013/06/16 17:29:48 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
    [2013/06/16 17:29:37 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
    [2013/06/16 17:29:09 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
    [2013/06/16 17:29:03 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
    [2013/06/16 17:28:23 | 003,913,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
    [2013/06/16 17:28:21 | 003,968,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
    [2013/05/25 14:54:49 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [1 C:\Users\kmailler\AppData\Local\*.tmp files -> C:\Users\kmailler\AppData\Local\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/06/21 08:58:24 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\kmailler\Desktop\OTL(1).exe
    [2013/06/21 08:47:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/06/21 08:47:10 | 798,466,048 | -HS- | M] () -- C:\hiberfil.sys
    [2013/06/21 08:46:22 | 000,003,731 | ---- | M] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
    [2013/06/21 08:46:21 | 000,000,446 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for kmailler.job
    [2013/06/21 08:46:16 | 000,001,375 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.LNK
    [2013/06/21 08:46:04 | 000,037,664 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
    [2013/06/21 08:45:57 | 000,001,032 | ---- | M] () -- C:\Users\Public\Desktop\Open It!.lnk
    [2013/06/21 08:45:09 | 000,793,536 | ---- | M] () -- C:\Users\kmailler\Desktop\ZipOpenerSetup(1).exe
    [2013/06/21 08:26:38 | 000,000,330 | -H-- | M] () -- C:\dvmexp.idx
    [2013/06/21 08:25:54 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/06/21 08:13:09 | 000,014,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/06/21 08:13:09 | 000,014,128 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/06/21 08:06:24 | 000,001,930 | ---- | M] () -- C:\Users\kmailler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600 (Network).lnk
    [2013/06/21 08:05:46 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/06/20 20:44:03 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/06/19 01:40:35 | 020,034,184 | ---- | M] (Microsoft Corporation) -- C:\Users\kmailler\Desktop\Windows-KB890830-V5.1.exe
    [2013/06/18 20:13:56 | 000,002,212 | ---- | M] () -- C:\Users\kmailler\Desktop\SpyHunter.lnk
    [2013/06/17 18:14:11 | 001,814,144 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\kmailler\Desktop\iExplore.exe
    [2013/06/17 18:12:35 | 000,793,536 | ---- | M] () -- C:\Users\kmailler\Desktop\ZipOpenerSetup.exe
    [2013/06/17 13:37:38 | 000,000,258 | RHS- | M] () -- C:\Users\kmailler\ntuser.pol
    [2013/06/17 13:18:24 | 000,001,019 | ---- | M] () -- C:\Users\kmailler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
    [2013/06/17 13:18:24 | 000,001,009 | ---- | M] () -- C:\Users\kmailler\Desktop\MyPC Backup.lnk
    [2013/06/17 13:11:32 | 000,192,512 | ---- | M] () -- C:\Users\kmailler\AppData\Local\spictrkk.exe
    [2013/06/17 13:07:23 | 000,000,095 | ---- | M] () -- C:\Users\kmailler\AppData\Roaming\mbam.context.scan
    [2013/06/17 12:56:08 | 000,045,960 | ---- | M] () -- C:\Users\kmailler\AppData\Local\nenwjrfs
    [2013/06/17 12:47:15 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
    [2013/06/17 12:39:53 | 000,001,882 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
    [2013/06/17 09:46:53 | 000,045,960 | ---- | M] () -- C:\Users\kmailler\AppData\Local\pgsvhlot
    [2013/06/17 08:41:45 | 000,001,031 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/06/17 08:19:31 | 000,045,960 | ---- | M] () -- C:\Users\kmailler\AppData\Local\fuwgjbuh
    [2013/06/17 08:19:13 | 000,018,880 | ---- | M] () -- C:\Users\kmailler\AppData\Roaming\wklnhst.dat
    [2013/06/17 08:10:52 | 000,045,960 | ---- | M] () -- C:\Users\kmailler\AppData\Local\viwvfqpx
    [2013/06/16 18:44:21 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2013/06/16 18:44:21 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2013/06/08 07:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2013/06/08 07:13:19 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2013/06/07 08:38:29 | 000,873,334 | ---- | M] () -- C:\Users\kmailler\Documents\authorizationletter.pdf
    [2013/06/07 07:16:05 | 000,879,914 | ---- | M] () -- C:\Users\kmailler\Documents\Scan0002.pdf
    [2013/06/06 22:12:50 | 000,010,752 | ---- | M] () -- C:\Users\kmailler\Documents\june3timesheet.xlr
    [2013/06/03 18:40:39 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForkmailler.job
    [2013/06/02 19:41:31 | 000,010,752 | ---- | M] () -- C:\Users\kmailler\Documents\may27timesheet.xlr
    [2013/05/26 21:24:06 | 000,167,333 | ---- | M] () -- C:\Users\kmailler\Documents\horseshoebaybeach2.jpg
    [2013/05/26 21:23:51 | 000,125,305 | ---- | M] () -- C:\Users\kmailler\Documents\horshoebaybeach.jpg
    [2013/05/26 20:31:31 | 000,001,994 | ---- | M] () -- C:\Users\kmailler\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
    [2013/05/26 20:25:45 | 002,027,520 | ---- | M] () -- C:\Users\kmailler\mailler.paf
    [2013/05/22 20:02:00 | 000,010,752 | ---- | M] () -- C:\Users\kmailler\Documents\may20timesheet.xlr
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
    [1 C:\Users\kmailler\AppData\Local\*.tmp files -> C:\Users\kmailler\AppData\Local\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/06/21 08:46:21 | 000,000,446 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for kmailler.job
    [2013/06/21 08:46:16 | 000,001,375 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.LNK
    [2013/06/21 08:46:10 | 000,003,731 | ---- | C] () -- C:\Program Files\Mozilla Firefoxsafeguard-secure-search.xml
    [2013/06/21 08:46:08 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\NSS\0400010.010\isolate.ini
    [2013/06/21 08:45:57 | 000,001,032 | ---- | C] () -- C:\Users\Public\Desktop\Open It!.lnk
    [2013/06/21 08:45:06 | 000,793,536 | ---- | C] () -- C:\Users\kmailler\Desktop\ZipOpenerSetup(1).exe
    [2013/06/18 20:13:56 | 000,002,212 | ---- | C] () -- C:\Users\kmailler\Desktop\SpyHunter.lnk
    [2013/06/17 18:12:29 | 000,793,536 | ---- | C] () -- C:\Users\kmailler\Desktop\ZipOpenerSetup.exe
    [2013/06/17 13:37:37 | 000,000,258 | RHS- | C] () -- C:\Users\kmailler\ntuser.pol
    [2013/06/17 13:18:24 | 000,001,019 | ---- | C] () -- C:\Users\kmailler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
    [2013/06/17 13:18:24 | 000,001,009 | ---- | C] () -- C:\Users\kmailler\Desktop\MyPC Backup.lnk
    [2013/06/17 13:11:31 | 000,192,512 | ---- | C] () -- C:\Users\kmailler\AppData\Local\spictrkk.exe
    [2013/06/17 13:07:23 | 000,000,095 | ---- | C] () -- C:\Users\kmailler\AppData\Roaming\mbam.context.scan
    [2013/06/17 12:56:08 | 000,045,960 | ---- | C] () -- C:\Users\kmailler\AppData\Local\nenwjrfs
    [2013/06/17 12:39:53 | 000,001,882 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
    [2013/06/17 09:46:53 | 000,045,960 | ---- | C] () -- C:\Users\kmailler\AppData\Local\pgsvhlot
    [2013/06/17 08:19:31 | 000,045,960 | ---- | C] () -- C:\Users\kmailler\AppData\Local\fuwgjbuh
    [2013/06/17 08:10:52 | 000,045,960 | ---- | C] () -- C:\Users\kmailler\AppData\Local\viwvfqpx
    [2013/06/08 07:50:40 | 000,012,422 | ---- | C] () -- C:\Users\kmailler\Documents\MVI_1541.THM
    [2013/06/08 07:50:37 | 029,548,260 | ---- | C] () -- C:\Users\kmailler\Documents\MVI_1541.AVI
    [2013/06/08 07:50:37 | 001,177,259 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1980.JPG
    [2013/06/08 07:50:37 | 001,172,469 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1977.JPG
    [2013/06/08 07:50:37 | 001,170,771 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1976.JPG
    [2013/06/08 07:50:37 | 001,156,370 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1975.JPG
    [2013/06/08 07:50:37 | 001,155,185 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1979.JPG
    [2013/06/08 07:50:37 | 001,140,974 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1969.JPG
    [2013/06/08 07:50:37 | 001,122,777 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1983.JPG
    [2013/06/08 07:50:37 | 001,121,688 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1973.JPG
    [2013/06/08 07:50:37 | 001,118,181 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1967.JPG
    [2013/06/08 07:50:37 | 001,067,324 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1972.JPG
    [2013/06/08 07:50:37 | 001,050,779 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1968.JPG
    [2013/06/08 07:50:37 | 001,045,069 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1970.JPG
    [2013/06/08 07:50:37 | 001,034,969 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1978.JPG
    [2013/06/08 07:50:37 | 001,006,682 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1971.JPG
    [2013/06/08 07:50:37 | 000,965,614 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1974.JPG
    [2013/06/08 07:50:36 | 001,201,502 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1966.JPG
    [2013/06/08 07:50:36 | 001,185,342 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1965.JPG
    [2013/06/08 07:50:36 | 001,146,627 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1961.JPG
    [2013/06/08 07:50:36 | 001,142,287 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1964.JPG
    [2013/06/08 07:50:36 | 001,071,700 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1963.JPG
    [2013/06/08 07:50:36 | 001,035,024 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1962.JPG
    [2013/06/08 07:50:35 | 001,161,252 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1950.JPG
    [2013/06/08 07:50:35 | 001,144,285 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1951.JPG
    [2013/06/08 07:50:35 | 001,143,208 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1960.JPG
    [2013/06/08 07:50:35 | 001,055,481 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1954.JPG
    [2013/06/08 07:50:35 | 001,052,171 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1953.JPG
    [2013/06/08 07:50:35 | 001,050,060 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1958.JPG
    [2013/06/08 07:50:35 | 001,029,888 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1952.JPG
    [2013/06/08 07:50:35 | 001,009,799 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1955.JPG
    [2013/06/08 07:50:35 | 000,980,421 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1956.JPG
    [2013/06/08 07:50:35 | 000,958,794 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1959.JPG
    [2013/06/08 07:50:35 | 000,943,207 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1957.JPG
    [2013/06/08 07:50:34 | 001,210,686 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1945.JPG
    [2013/06/08 07:50:34 | 001,173,963 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1946.JPG
    [2013/06/08 07:50:34 | 001,165,559 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1948.JPG
    [2013/06/08 07:50:34 | 001,127,133 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1947.JPG
    [2013/06/08 07:50:34 | 001,102,215 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1943.JPG
    [2013/06/08 07:50:34 | 001,077,289 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1949.JPG
    [2013/06/08 07:50:34 | 000,847,456 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1944.JPG
    [2013/06/08 07:50:33 | 001,275,503 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1939.JPG
    [2013/06/08 07:50:33 | 001,241,581 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1936.JPG
    [2013/06/08 07:50:33 | 001,214,966 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1940.JPG
    [2013/06/08 07:50:33 | 001,187,482 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1934.JPG
    [2013/06/08 07:50:33 | 001,176,834 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1937.JPG
    [2013/06/08 07:50:33 | 001,070,918 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1938.JPG
    [2013/06/08 07:50:33 | 001,057,707 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1933.JPG
    [2013/06/08 07:50:33 | 001,011,383 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1935.JPG
    [2013/06/08 07:50:33 | 001,010,863 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1942.JPG
    [2013/06/08 07:50:33 | 000,954,456 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1941.JPG
    [2013/06/08 07:50:32 | 001,314,218 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1928.JPG
    [2013/06/08 07:50:32 | 001,264,244 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1931.JPG
    [2013/06/08 07:50:32 | 001,252,374 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1929.JPG
    [2013/06/08 07:50:32 | 001,225,972 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1930.JPG
    [2013/06/08 07:50:32 | 001,206,813 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1932.JPG
    [2013/06/08 07:50:31 | 001,370,783 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1922.JPG
    [2013/06/08 07:50:31 | 001,364,472 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1927.JPG
    [2013/06/08 07:50:31 | 001,362,182 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1921.JPG
    [2013/06/08 07:50:31 | 001,361,732 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1926.JPG
    [2013/06/08 07:50:31 | 001,351,843 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1919.JPG
    [2013/06/08 07:50:31 | 001,345,673 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1920.JPG
    [2013/06/08 07:50:31 | 001,114,631 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1923.JPG
    [2013/06/08 07:50:31 | 001,087,741 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1925.JPG
    [2013/06/08 07:50:31 | 001,036,942 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1924.JPG
    [2013/06/08 07:50:30 | 001,327,497 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1918.JPG
    [2013/06/08 07:50:30 | 001,139,361 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1917.JPG
    [2013/06/08 07:50:30 | 001,096,283 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1916.JPG
    [2013/06/08 07:50:30 | 001,087,257 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1914.JPG
    [2013/06/08 07:50:30 | 001,061,920 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1915.JPG
    [2013/06/08 07:50:30 | 001,045,319 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1913.JPG
    [2013/06/08 07:50:29 | 001,241,314 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1909.JPG
    [2013/06/08 07:50:29 | 001,164,371 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1907.JPG
    [2013/06/08 07:50:29 | 001,143,960 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1908.JPG
    [2013/06/08 07:50:29 | 001,129,326 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1906.JPG
    [2013/06/08 07:50:29 | 001,062,393 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1912.JPG
    [2013/06/08 07:50:29 | 001,053,142 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1911.JPG
    [2013/06/08 07:50:29 | 000,990,980 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1910.JPG
    [2013/06/08 07:50:28 | 001,231,078 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1900.JPG
    [2013/06/08 07:50:28 | 001,224,386 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1901.JPG
    [2013/06/08 07:50:28 | 001,202,493 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1904.JPG
    [2013/06/08 07:50:28 | 001,165,901 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1903.JPG
    [2013/06/08 07:50:28 | 001,136,653 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1902.JPG
    [2013/06/08 07:50:28 | 001,107,878 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1905.JPG
    [2013/06/08 07:50:27 | 001,203,359 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1895.JPG
    [2013/06/08 07:50:27 | 001,191,271 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1896.JPG
    [2013/06/08 07:50:27 | 001,184,592 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1894.JPG
    [2013/06/08 07:50:27 | 001,147,789 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1897.JPG
    [2013/06/08 07:50:27 | 001,141,232 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1893.JPG
    [2013/06/08 07:50:27 | 001,097,137 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1892.JPG
    [2013/06/08 07:50:27 | 001,084,859 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1898.JPG
    [2013/06/08 07:50:27 | 001,078,302 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1899.JPG
    [2013/06/08 07:50:26 | 001,186,926 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1890.JPG
    [2013/06/08 07:50:26 | 001,180,496 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1887.JPG
    [2013/06/08 07:50:26 | 001,161,499 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1888.JPG
    [2013/06/08 07:50:26 | 001,157,310 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1891.JPG
    [2013/06/08 07:50:26 | 001,156,304 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1889.JPG
    [2013/06/08 07:50:25 | 001,200,713 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1881.JPG
    [2013/06/08 07:50:25 | 001,175,988 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1885.JPG
    [2013/06/08 07:50:25 | 001,175,921 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1880.JPG
    [2013/06/08 07:50:25 | 001,151,430 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1882.JPG
    [2013/06/08 07:50:25 | 001,150,141 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1886.JPG
    [2013/06/08 07:50:25 | 001,142,651 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1884.JPG
    [2013/06/08 07:50:25 | 001,085,263 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1883.JPG
    [2013/06/08 07:50:25 | 001,047,485 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1879.JPG
    [2013/06/08 07:50:24 | 001,093,060 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1875.JPG
    [2013/06/08 07:50:24 | 001,080,128 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1876.JPG
    [2013/06/08 07:50:24 | 001,042,614 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1878.JPG
    [2013/06/08 07:50:24 | 001,019,595 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1877.JPG
    [2013/06/08 07:50:24 | 000,990,808 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1874.JPG
    [2013/06/08 07:50:23 | 001,198,625 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1868.JPG
    [2013/06/08 07:50:23 | 001,170,969 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1872.JPG
    [2013/06/08 07:50:23 | 001,163,654 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1870.JPG
    [2013/06/08 07:50:23 | 001,098,114 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1871.JPG
    [2013/06/08 07:50:23 | 001,076,959 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1866.JPG
    [2013/06/08 07:50:23 | 001,074,483 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1873.JPG
    [2013/06/08 07:50:23 | 001,037,178 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1867.JPG
    [2013/06/08 07:50:23 | 000,954,900 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1869.JPG
    [2013/06/08 07:50:22 | 001,235,717 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1863.JPG
    [2013/06/08 07:50:22 | 001,161,769 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1864.JPG
    [2013/06/08 07:50:22 | 001,152,695 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1865.JPG
    [2013/06/08 07:50:22 | 001,070,499 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1862.JPG
    [2013/06/08 07:50:21 | 001,118,523 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1859.JPG
    [2013/06/08 07:50:21 | 001,092,743 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1860.JPG
    [2013/06/08 07:50:21 | 001,067,334 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1855.JPG
    [2013/06/08 07:50:21 | 001,029,782 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1858.JPG
    [2013/06/08 07:50:21 | 001,026,984 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1861.JPG
    [2013/06/08 07:50:21 | 000,961,903 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1856.JPG
    [2013/06/08 07:50:21 | 000,942,107 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1857.JPG
    [2013/06/08 07:50:20 | 001,037,294 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1854.JPG
    [2013/06/08 07:50:20 | 001,026,330 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1853.JPG
    [2013/06/08 07:50:20 | 000,987,128 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1851.JPG
    [2013/06/08 07:50:20 | 000,956,098 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1850.JPG
    [2013/06/08 07:50:20 | 000,838,410 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1852.JPG
    [2013/06/08 07:50:19 | 001,117,592 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1847.JPG
    [2013/06/08 07:50:19 | 001,028,356 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1843.JPG
    [2013/06/08 07:50:19 | 001,011,911 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1849.JPG
    [2013/06/08 07:50:19 | 001,005,136 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1846.JPG
    [2013/06/08 07:50:19 | 000,987,802 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1848.JPG
    [2013/06/08 07:50:19 | 000,892,154 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1845.JPG
    [2013/06/08 07:50:19 | 000,738,757 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1844.JPG
    [2013/06/08 07:50:18 | 001,157,931 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1840.JPG
    [2013/06/08 07:50:18 | 001,157,248 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1839.JPG
    [2013/06/08 07:50:18 | 001,113,187 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1841.JPG
    [2013/06/08 07:50:18 | 001,072,497 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1838.JPG
    [2013/06/08 07:50:18 | 001,061,549 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1837.JPG
    [2013/06/08 07:50:18 | 000,947,335 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1842.JPG
    [2013/06/08 07:50:17 | 001,196,904 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1833.JPG
    [2013/06/08 07:50:17 | 001,123,280 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1835.JPG
    [2013/06/08 07:50:17 | 001,117,727 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1836.JPG
    [2013/06/08 07:50:17 | 001,100,371 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1834.JPG
    [2013/06/08 07:50:17 | 001,071,570 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1831.JPG
    [2013/06/08 07:50:17 | 001,054,738 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1829.JPG
    [2013/06/08 07:50:17 | 001,004,589 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1830.JPG
    [2013/06/08 07:50:17 | 000,948,649 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1832.JPG
    [2013/06/08 07:50:16 | 001,154,322 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1824.JPG
    [2013/06/08 07:50:16 | 001,060,680 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1823.JPG
    [2013/06/08 07:50:16 | 001,048,807 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1825.JPG
    [2013/06/08 07:50:16 | 001,031,303 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1822.JPG
    [2013/06/08 07:50:16 | 001,009,012 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1828.JPG
    [2013/06/08 07:50:16 | 000,981,993 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1826.JPG
    [2013/06/08 07:50:16 | 000,975,900 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1827.JPG
    [2013/06/08 07:50:15 | 001,222,883 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1816.JPG
    [2013/06/08 07:50:15 | 001,189,253 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1818.JPG
    [2013/06/08 07:50:15 | 001,182,324 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1815.JPG
    [2013/06/08 07:50:15 | 001,129,206 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1814.JPG
    [2013/06/08 07:50:15 | 001,122,221 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1819.JPG
    [2013/06/08 07:50:15 | 001,107,969 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1817.JPG
    [2013/06/08 07:50:15 | 001,099,304 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1821.JPG
    [2013/06/08 07:50:15 | 001,011,141 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1820.JPG
    [2013/06/08 07:50:14 | 001,255,026 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1813.JPG
    [2013/06/08 07:50:14 | 001,244,528 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1811.JPG
    [2013/06/08 07:50:14 | 001,156,331 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1810.JPG
    [2013/06/08 07:50:14 | 001,146,889 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1812.JPG
    [2013/06/08 07:50:14 | 001,079,468 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1808.JPG
    [2013/06/08 07:50:14 | 000,965,679 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1809.JPG
    [2013/06/08 07:50:13 | 001,245,312 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1804.JPG
    [2013/06/08 07:50:13 | 001,186,224 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1805.JPG
    [2013/06/08 07:50:13 | 001,111,379 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1806.JPG
    [2013/06/08 07:50:13 | 001,104,449 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1799.JPG
    [2013/06/08 07:50:13 | 001,096,028 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1800.JPG
    [2013/06/08 07:50:13 | 001,077,036 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1801.JPG
    [2013/06/08 07:50:13 | 001,027,538 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1802.JPG
    [2013/06/08 07:50:13 | 001,008,767 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1807.JPG
    [2013/06/08 07:50:13 | 000,874,132 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1803.JPG
    [2013/06/08 07:50:12 | 001,249,660 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1797.JPG
    [2013/06/08 07:50:12 | 001,202,760 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1798.JPG
    [2013/06/08 07:50:12 | 001,006,141 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1795.JPG
    [2013/06/08 07:50:12 | 001,001,965 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1796.JPG
    [2013/06/08 07:50:11 | 001,111,750 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1787.JPG
    [2013/06/08 07:50:11 | 001,103,865 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1788.JPG
    [2013/06/08 07:50:11 | 001,060,783 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1793.JPG
    [2013/06/08 07:50:11 | 001,027,610 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1789.JPG
    [2013/06/08 07:50:11 | 000,992,930 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1794.JPG
    [2013/06/08 07:50:11 | 000,758,000 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1791.JPG
    [2013/06/08 07:50:11 | 000,700,508 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1792.JPG
    [2013/06/08 07:50:11 | 000,690,785 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1790.JPG
    [2013/06/08 07:50:10 | 001,287,509 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1783.JPG
    [2013/06/08 07:50:10 | 001,234,781 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1785.JPG
    [2013/06/08 07:50:10 | 001,079,635 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1782.JPG
    [2013/06/08 07:50:10 | 001,043,425 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1786.JPG
    [2013/06/08 07:50:10 | 001,033,333 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1784.JPG
    [2013/06/08 07:50:10 | 000,560,513 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1781.JPG
    [2013/06/08 07:50:09 | 001,140,058 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1777.JPG
    [2013/06/08 07:50:09 | 001,090,443 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1778.JPG
    [2013/06/08 07:50:09 | 001,075,521 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1779.JPG
    [2013/06/08 07:50:09 | 001,023,831 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1780.JPG
    [2013/06/08 07:50:09 | 000,940,810 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1776.JPG
    [2013/06/08 07:50:09 | 000,935,693 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1773.JPG
    [2013/06/08 07:50:09 | 000,912,612 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1775.JPG
    [2013/06/08 07:50:09 | 000,905,694 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1774.JPG
    [2013/06/08 07:50:08 | 001,157,738 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1772.JPG
    [2013/06/08 07:50:08 | 001,133,187 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1768.JPG
    [2013/06/08 07:50:08 | 001,116,367 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1771.JPG
    [2013/06/08 07:50:08 | 001,033,601 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1765.JPG
    [2013/06/08 07:50:08 | 001,030,765 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1770.JPG
    [2013/06/08 07:50:08 | 001,020,926 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1767.JPG
    [2013/06/08 07:50:08 | 000,984,291 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1769.JPG
    [2013/06/08 07:50:08 | 000,976,066 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1766.JPG
    [2013/06/08 07:50:07 | 001,167,562 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1755.JPG
    [2013/06/08 07:50:07 | 001,146,415 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1756.JPG
    [2013/06/08 07:50:07 | 001,114,880 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1760.JPG
    [2013/06/08 07:50:07 | 001,056,874 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1761.JPG
    [2013/06/08 07:50:07 | 001,048,654 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1758.JPG
    [2013/06/08 07:50:07 | 001,029,590 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1757.JPG
    [2013/06/08 07:50:07 | 000,985,180 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1759.JPG
    [2013/06/08 07:50:07 | 000,985,026 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1763.JPG
    [2013/06/08 07:50:07 | 000,950,214 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1762.JPG
    [2013/06/08 07:50:07 | 000,936,929 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1764.JPG
    [2013/06/08 07:50:06 | 001,209,383 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1754.JPG
    [2013/06/08 07:50:06 | 001,164,999 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1750.JPG
    [2013/06/08 07:50:06 | 001,114,299 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1748.JPG
    [2013/06/08 07:50:06 | 001,069,328 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1753.JPG
    [2013/06/08 07:50:06 | 001,033,960 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1751.JPG
    [2013/06/08 07:50:06 | 001,020,585 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1752.JPG
    [2013/06/08 07:50:06 | 001,002,329 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1749.JPG
    [2013/06/08 07:50:05 | 001,092,415 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1740.JPG
    [2013/06/08 07:50:05 | 001,074,015 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1745.JPG
    [2013/06/08 07:50:05 | 001,066,695 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1738.JPG
    [2013/06/08 07:50:05 | 001,051,293 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1747.JPG
    [2013/06/08 07:50:05 | 001,014,824 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1742.JPG
    [2013/06/08 07:50:05 | 001,007,023 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1744.JPG
    [2013/06/08 07:50:05 | 000,997,095 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1739.JPG
    [2013/06/08 07:50:05 | 000,992,345 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1746.JPG
    [2013/06/08 07:50:05 | 000,976,027 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1743.JPG
    [2013/06/08 07:50:05 | 000,899,391 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1737.JPG
    [2013/06/08 07:50:05 | 000,879,553 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1741.JPG
    [2013/06/08 07:50:04 | 001,155,882 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1732.JPG
    [2013/06/08 07:50:04 | 001,143,343 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1730.JPG
    [2013/06/08 07:50:04 | 001,127,083 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1729.JPG
    [2013/06/08 07:50:04 | 001,069,552 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1735.JPG
    [2013/06/08 07:50:04 | 001,031,457 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1733.JPG
    [2013/06/08 07:50:04 | 001,030,081 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1736.JPG
    [2013/06/08 07:50:04 | 000,962,573 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1734.JPG
    [2013/06/08 07:50:04 | 000,942,079 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1731.JPG
    [2013/06/08 07:50:03 | 001,153,167 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1723.JPG
    [2013/06/08 07:50:03 | 001,026,161 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1724.JPG
    [2013/06/08 07:50:03 | 000,987,735 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1728.JPG
    [2013/06/08 07:50:03 | 000,981,311 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1722.JPG
    [2013/06/08 07:50:03 | 000,980,454 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1721.JPG
    [2013/06/08 07:50:03 | 000,956,362 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1720.JPG
    [2013/06/08 07:50:03 | 000,934,818 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1727.JPG
    [2013/06/08 07:50:03 | 000,918,965 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1725.JPG
    [2013/06/08 07:50:03 | 000,888,443 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1726.JPG
    [2013/06/08 07:50:02 | 001,103,949 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1716.JPG
    [2013/06/08 07:50:02 | 001,099,836 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1718.JPG
    [2013/06/08 07:50:02 | 001,050,983 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1713.JPG
    [2013/06/08 07:50:02 | 001,018,898 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1719.JPG
    [2013/06/08 07:50:02 | 001,014,905 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1714.JPG
    [2013/06/08 07:50:02 | 000,995,804 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1717.JPG
    [2013/06/08 07:50:02 | 000,987,987 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1715.JPG
    [2013/06/08 07:50:02 | 000,975,035 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1712.JPG
    [2013/06/08 07:50:01 | 001,104,228 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1708.JPG
    [2013/06/08 07:50:01 | 001,098,554 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1711.JPG
    [2013/06/08 07:50:01 | 001,015,765 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1709.JPG
    [2013/06/08 07:50:01 | 000,986,328 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1703.JPG
    [2013/06/08 07:50:01 | 000,978,061 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1710.JPG
    [2013/06/08 07:50:01 | 000,969,224 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1705.JPG
    [2013/06/08 07:50:01 | 000,950,917 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1706.JPG
    [2013/06/08 07:50:01 | 000,940,063 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1704.JPG
    [2013/06/08 07:50:01 | 000,861,341 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1707.JPG
    [2013/06/08 07:50:00 | 001,172,930 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1702.JPG
    [2013/06/08 07:50:00 | 001,149,540 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1698.JPG
    [2013/06/08 07:50:00 | 000,982,944 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1700.JPG
    [2013/06/08 07:50:00 | 000,962,249 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1701.JPG
    [2013/06/08 07:50:00 | 000,948,681 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1699.JPG
    [2013/06/08 07:49:59 | 001,119,483 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1689.JPG
    [2013/06/08 07:49:59 | 001,104,044 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1693.JPG
    [2013/06/08 07:49:59 | 001,070,522 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1696.JPG
    [2013/06/08 07:49:59 | 001,007,914 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1690.JPG
    [2013/06/08 07:49:59 | 001,004,462 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1697.JPG
    [2013/06/08 07:49:59 | 000,999,351 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1695.JPG
    [2013/06/08 07:49:59 | 000,972,543 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1694.JPG
    [2013/06/08 07:49:59 | 000,958,855 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1688.JPG
    [2013/06/08 07:49:59 | 000,916,458 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1692.JPG
    [2013/06/08 07:49:59 | 000,911,972 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1691.JPG
    [2013/06/08 07:49:58 | 001,232,468 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1683.JPG
    [2013/06/08 07:49:58 | 001,164,101 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1680.JPG
    [2013/06/08 07:49:58 | 001,131,308 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1682.JPG
    [2013/06/08 07:49:58 | 001,122,607 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1687.JPG
    [2013/06/08 07:49:58 | 001,096,297 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1679.JPG
    [2013/06/08 07:49:58 | 001,085,699 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1685.JPG
    [2013/06/08 07:49:58 | 001,057,512 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1686.JPG
    [2013/06/08 07:49:58 | 001,016,753 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1684.JPG
    [2013/06/08 07:49:58 | 000,826,967 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1681.JPG
    [2013/06/08 07:49:57 | 001,159,835 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1671.JPG
    [2013/06/08 07:49:57 | 001,097,664 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1670.JPG
    [2013/06/08 07:49:57 | 001,053,784 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1678.JPG
    [2013/06/08 07:49:57 | 001,046,139 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1672.JPG
    [2013/06/08 07:49:57 | 001,034,860 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1675.JPG
    [2013/06/08 07:49:57 | 000,990,903 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1676.JPG
    [2013/06/08 07:49:57 | 000,986,384 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1673.JPG
    [2013/06/08 07:49:57 | 000,964,881 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1677.JPG
    [2013/06/08 07:49:57 | 000,928,431 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1674.JPG
    [2013/06/08 07:49:56 | 001,137,847 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1668.JPG
    [2013/06/08 07:49:56 | 001,135,239 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1669.JPG
    [2013/06/08 07:49:56 | 001,082,926 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1665.JPG
    [2013/06/08 07:49:56 | 001,060,225 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1664.JPG
    [2013/06/08 07:49:56 | 001,053,938 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1666.JPG
    [2013/06/08 07:49:56 | 000,985,880 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1667.JPG
    [2013/06/08 07:49:55 | 001,222,436 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1658.JPG
    [2013/06/08 07:49:55 | 001,142,405 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1660.JPG
    [2013/06/08 07:49:55 | 001,121,503 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1661.JPG
    [2013/06/08 07:49:55 | 001,071,631 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1663.JPG
    [2013/06/08 07:49:55 | 001,051,152 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1659.JPG
    [2013/06/08 07:49:55 | 001,050,046 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1656.JPG
    [2013/06/08 07:49:55 | 001,039,399 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1657.JPG
    [2013/06/08 07:49:55 | 001,015,545 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1662.JPG
    [2013/06/08 07:49:55 | 000,995,059 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1655.JPG
    [2013/06/08 07:49:54 | 001,199,663 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1650.JPG
    [2013/06/08 07:49:54 | 001,141,560 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1649.JPG
    [2013/06/08 07:49:54 | 001,121,485 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1652.JPG
    [2013/06/08 07:49:54 | 001,090,390 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1648.JPG
    [2013/06/08 07:49:54 | 001,005,187 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1654.JPG
    [2013/06/08 07:49:54 | 000,934,608 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1651.JPG
    [2013/06/08 07:49:54 | 000,882,447 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1653.JPG
    [2013/06/08 07:49:54 | 000,851,458 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1647.JPG
    [2013/06/08 07:49:53 | 001,231,972 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1639.JPG
    [2013/06/08 07:49:53 | 001,190,868 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1638.JPG
    [2013/06/08 07:49:53 | 001,092,880 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1643.JPG
    [2013/06/08 07:49:53 | 001,066,489 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1641.JPG
    [2013/06/08 07:49:53 | 001,005,066 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1645.JPG
    [2013/06/08 07:49:53 | 000,989,128 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1646.JPG
    [2013/06/08 07:49:53 | 000,972,572 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1644.JPG
    [2013/06/08 07:49:53 | 000,959,089 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1640.JPG
    [2013/06/08 07:49:53 | 000,949,245 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1642.JPG
    [2013/06/08 07:49:52 | 001,178,040 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1636.JPG
    [2013/06/08 07:49:52 | 001,144,849 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1635.JPG
    [2013/06/08 07:49:52 | 001,144,683 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1631.JPG
    [2013/06/08 07:49:52 | 001,134,963 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1630.JPG
    [2013/06/08 07:49:52 | 001,092,176 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1637.JPG
    [2013/06/08 07:49:52 | 000,966,926 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1632.JPG
    [2013/06/08 07:49:52 | 000,965,575 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1633.JPG
    [2013/06/08 07:49:52 | 000,948,724 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1634.JPG
    [2013/06/08 07:49:51 | 001,167,712 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1628.JPG
    [2013/06/08 07:49:51 | 001,159,403 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1626.JPG
    [2013/06/08 07:49:51 | 001,153,709 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1623.JPG
    [2013/06/08 07:49:51 | 001,093,477 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1627.JPG
    [2013/06/08 07:49:51 | 001,064,864 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1622.JPG
    [2013/06/08 07:49:51 | 001,064,067 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1625.JPG
    [2013/06/08 07:49:51 | 001,042,683 | ---- | C] () -- C:\Users\kmailler\Documents\IMG_1621.JPG
    [2013/06/08 07:49:51 | 000,982,528 | ---- | C] () -- C:\Users\kmailler\Docum
    This message has been truncated
    Show Full Message
    Last edited by Canuck; 06-23-2013 at 08:26 PM. Reason: delete address

  8. #8
    Member
    Join Date
    Dec 2008
    Location
    cornwall, new york
    Posts
    176
    Points
    0

    Default

    Fri, Jun 21, 2013 at 7:55 PM
    Fri, 7:55 PM
    Message starred
    FROM Kathy Mailler TO You
    adware log
    Show Details

    From

    Kathy Mailler

    To



    A# AdwCleaner v2.005 - Logfile created 06/21/2013 at 19:52:52
    # Updated 14/10/2012 by Xplode
    # Operating system : Windows 7 Starter Service Pack 1 (32 bits)
    # User : kmailler - KMAILLER-PC
    # Boot Mode : Safe mode with networking
    # Running from : C:\Users\kmailler\Desktop\adwcleaner.exe
    # Option [Search]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Folder Found : C:\Program Files\Common Files\AVG Secure Search
    Folder Found : C:\Users\kmailler\AppData\Roaming\DefaultTab

    ***** [Registry] *****

    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Found : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
    Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Key Found : HKLM\Software\Default Tab
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.10.9200.16614

    [OK] Registry is clean.

    -\\ Mozilla Firefox v21.0 (en-US)

    Profile name : default
    File : C:\Users\kmailler\AppData\Roaming\Mozilla\Firefox\Profiles\0jsovf5m.default\prefs.js

    Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3289847&octid=CT328984[...]
    Found : user_pref("browser.search.selectedEngine", "AVG Secure Search");
    Found : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3289847&octid=CT3289847&Sea[...]
    Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3289847&octid=CT3289847[...]

    -\\ Google Chrome v [Unable to get version]

    File : C:\Users\kmailler\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[R1].txt - [20780 octets] - [21/10/2012 13:13:51]
    AdwCleaner[R2].txt - [20841 octets] - [21/10/2012 14:01:42]
    AdwCleaner[S2].txt - [21527 octets] - [21/10/2012 14:05:09]
    AdwCleaner[R3].txt - [1482 octets] - [17/03/2013 19:19:11]
    AdwCleaner[S3].txt - [1548 octets] - [17/03/2013 19:20:14]
    AdwCleaner[R4].txt - [13164 octets] - [18/06/2013 06:38:31]
    AdwCleaner[S4].txt - [13633 octets] - [18/06/2013 06:41:39]
    AdwCleaner[R5].txt - [4165 octets] - [21/06/2013 19:52:52]

    ########## EOF - C:\AdwCleaner[R5].txt - [4225 octets] ##########
    Last edited by Canuck; 06-23-2013 at 08:28 PM.

  9. #9
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi kmailler,

    The full OTL log did not post.

    Do you have a USB flash drive to transfer the file to your good computer so you can post the full log?

    If not, scroll down to the bottom of the email and click on Show Full Message before you copy the log to paste.

    Also, please make sure to not include your email address in your post before submitting as a reply.

    Thank you,

    Donna
    Last edited by DonnaB; 06-23-2013 at 08:47 PM.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  10. #10
    Member
    Join Date
    Dec 2008
    Location
    cornwall, new york
    Posts
    176
    Points
    0

    Default

    OTL logfile created on: 6/24/2013 6:47:18 PM - Run 10
    OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\kmailler\Desktop
    Starter Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16614)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1015.30 Mb Total Physical Memory | 688.46 Mb Available Physical Memory | 67.81% Memory free
    1.99 Gb Paging File | 1.70 Gb Available in Paging File | 85.27% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 137.47 Gb Total Space | 71.05 Gb Free Space | 51.69% Space Free | Partition Type: NTFS
    Drive D: | 11.38 Gb Total Space | 1.91 Gb Free Space | 16.75% Space Free | Partition Type: NTFS

    Computer Name: KMAILLER-PC | User Name: kmailler | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)
    PRC - C:\Users\kmailler\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)


    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
    MOD - C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV - (WebCake Desktop Updater) -- C:\Program Files\WebCake\WebCakeDesktop.Updater.exe C:\Users\kmailler\AppData\Roaming\WebCake\WebCakeDesktop.exe File not found
    SRV - (vToolbarUpdater15.2.0) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe (AVG Secure Search)
    SRV - (DefaultTabUpdate) -- C:\Users\kmailler\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe ()
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (BackupStack) Computer Backup (MyPC Backup) -- C:\Program Files\MyPC Backup\BackupStack.exe (Just Develop It)
    SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe (AVAST Software)
    SRV - (CltMngSvc) -- C:\Program Files\SearchProtect\bin\CltMngSvc.exe (Conduit)
    SRV -

Page 1 of 11 123 ... LastLast