1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

win32/small.ca

Discussion in 'Virus & Other Malware Removal' started by ksiq, Dec 11, 2011.

Thread Status:
Not open for further replies.
  1. ksiq

    ksiq Thread Starter

    Joined:
    Dec 11, 2011
    Messages:
    1
    Having the same issues as jcmarvell in another thread
    Followed the same instructions and here is the results of the "OTL text" scan:

    OTL logfile created on: 12/11/2011 9:29:49 AM - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\KS\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7601.17514)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    8.00 Gb Total Physical Memory | 7.09 Gb Available Physical Memory | 88.64% Memory free
    16.00 Gb Paging File | 15.14 Gb Available in Paging File | 94.67% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 931.41 Gb Total Space | 285.95 Gb Free Space | 30.70% Space Free | Partition Type: NTFS
    Drive L: | 1397.26 Gb Total Space | 979.24 Gb Free Space | 70.08% Space Free | Partition Type: NTFS

    Computer Name: KS-AMD434 | User Name: KS | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2011/12/11 09:28:59 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\KS\Downloads\OTL.exe
    PRC - [2011/11/08 21:55:24 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe


    ========== Modules (No Company Name) ==========

    MOD - [2011/11/16 18:21:36 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    MOD - [2011/11/08 21:55:24 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    MOD - [2011/11/08 06:53:58 | 000,076,800 | ---- | M] () -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\eefqrnsm.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko8.dll


    ========== Win32 Services (SafeList) ==========

    SRV:64bit: - [2011/10/25 05:14:36 | 000,015,360 | ---- | M] (Silicondust USA Inc) [Auto | Stopped] -- C:\Program Files\Silicondust\HDHomeRun\hdhomerun_service.exe -- (HDHomeRun Service)
    SRV:64bit: - [2011/01/26 18:01:28 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
    SRV:64bit: - [2010/10/27 02:51:38 | 000,203,776 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2010/06/17 05:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
    SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2011/09/16 20:19:27 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Stopped] -- C:\Users\KS\AppData\Local\Temp\7zS6013\HPSLPSVC64.DLL -- (HPSLPSVC)
    SRV - [2011/06/06 11:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
    SRV - [2011/04/16 16:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Stopped] -- C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ccSvcHst.exe -- (N360)
    SRV - [2011/01/13 18:23:02 | 000,129,440 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - [2011/10/07 17:49:35 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
    DRV:64bit: - [2011/07/08 16:45:12 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symnets.sys -- (SymNetS)
    DRV:64bit: - [2011/07/06 11:44:00 | 000,034,288 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
    DRV:64bit: - [2011/07/02 23:30:50 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
    DRV:64bit: - [2011/05/10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
    DRV:64bit: - [2011/03/30 19:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtsp64.sys -- (SRTSP)
    DRV:64bit: - [2011/03/30 19:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
    DRV:64bit: - [2011/03/14 18:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symefa64.sys -- (SymEFA)
    DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2011/01/26 22:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\symds64.sys -- (SymDS)
    DRV:64bit: - [2011/01/21 06:36:02 | 000,413,800 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2010/11/17 04:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
    DRV:64bit: - [2010/11/15 17:45:33 | 000,171,128 | R--- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\N360x64\0501000.01D\ironx64.sys -- (SymIRON)
    DRV:64bit: - [2010/10/27 04:00:16 | 008,012,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
    DRV:64bit: - [2010/10/27 04:00:16 | 008,012,288 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2010/10/27 02:14:24 | 000,287,232 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2010/05/15 03:11:48 | 001,327,520 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
    DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
    DRV:64bit: - [2009/08/23 14:55:32 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
    DRV:64bit: - [2009/07/15 19:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
    DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV:64bit: - [2009/05/11 14:49:10 | 000,178,728 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv61xx.sys -- (mv61xx)
    DRV:64bit: - [2007/05/14 15:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
    DRV:64bit: - [2007/05/09 21:50:48 | 000,050,208 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
    DRV:64bit: - [2007/05/09 21:46:48 | 001,127,328 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LV302V64.SYS -- (PID_PEPI) Logitech QuickCam IM(PID_PEPI)
    DRV:64bit: - [2007/05/09 21:46:36 | 000,016,032 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lv302a64.sys -- (lvpepf64)
    DRV - [2011/12/10 19:13:14 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111210.007\ex64.sys -- (NAVEX15)
    DRV - [2011/12/10 19:13:14 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20111210.007\eng64.sys -- (NAVENG)
    DRV - [2011/12/09 16:53:28 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20111209.002_b77\IDSviA64.sys -- (IDSVia64)
    DRV - [2011/11/14 11:28:01 | 001,156,216 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20111123.001\BHDrvx64.sys -- (BHDrvx64)
    DRV - [2011/11/09 00:06:29 | 000,482,936 | ---- | M] (Symantec Corporation) [Kernel | System | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
    DRV - [2011/11/09 00:06:29 | 000,138,360 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 78 46 C2 2F 62 89 CC 01 [binary data]
    IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
    FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
    FF - prefs.js..network.proxy.type: 0

    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
    FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@vizzed.com/VizzedRGR: C:\Program Files (x86)\Vizzed\Vizzed Retro Game Room\NpVizzedRgr.dll (Vizzed)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\IPSFFPlgn\ [2011/10/09 02:00:33 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_3_6 [2011/12/11 07:59:56 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/15 17:21:48 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/08 21:55:25 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/10/29 09:36:00 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/08/15 17:21:48 | 000,000,000 | ---D | M]

    [2011/02/21 22:24:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KS\AppData\Roaming\Mozilla\Extensions
    [2011/12/10 16:08:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\eefqrnsm.default\extensions
    [2011/12/10 16:08:35 | 000,000,000 | ---D | M] (uTorrentBar Community Toolbar) -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\eefqrnsm.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
    [2011/05/27 15:43:56 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\eefqrnsm.default\extensions\[email protected]
    [2011/07/26 21:33:06 | 000,002,468 | ---- | M] () -- C:\Users\KS\AppData\Roaming\Mozilla\Firefox\Profiles\eefqrnsm.default\searchplugins\safesearch.xml
    [2011/11/12 07:45:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2011/04/13 17:33:09 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
    [2011/11/12 07:45:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
    [2011/11/08 21:55:24 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
    [2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
    [2011/10/16 09:13:16 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
    [2011/11/08 21:55:24 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\gcswf32.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
    CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
    CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
    CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
    CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFFICE.DLL
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\15.0.874.121\pdf.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: Default Plug-in (Enabled) = default_plugin

    O1 HOSTS File: ([2009/06/10 13:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\ips\ipsbho.dll (Symantec Corporation)
    O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\5.1.0.29\coieplg.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\tbuTor.dll (Conduit Ltd.)
    O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [UMonit] C:\Windows\SysWOW64\UMonit.exe ()
    O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
    O4 - Startup: C:\Users\KS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Memento.lnk = C:\Program Files (x86)\Memento\Memento.exe (Guys With Towels)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7D263C8-5823-4106-A225-09696A96EF97}: DhcpNameServer = 192.168.0.1
    O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
    O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
    O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
    O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
    O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2010/01/20 18:40:18 | 000,000,000 | RH-D | M] - L:\autorun -- [ NTFS ]
    O32 - AutoRun File - [2002/10/16 18:56:50 | 000,000,036 | RH-- | M] () - L:\autorun.inf -- [ NTFS ]
    O33 - MountPoints2\{12a7fc52-f0c3-11e0-9225-bcaec5b31f84}\Shell - "" = AutoRun
    O33 - MountPoints2\{12a7fc52-f0c3-11e0-9225-bcaec5b31f84}\Shell\AutoRun\command - "" = J:\ck.exe
    O33 - MountPoints2\{188f99e5-4b08-11e0-8c5f-bcaec5b31f84}\Shell - "" = AutoRun
    O33 - MountPoints2\{188f99e5-4b08-11e0-8c5f-bcaec5b31f84}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*

    ========== Files/Folders - Created Within 30 Days ==========

    [2011/12/11 09:21:10 | 000,000,000 | ---D | C] -- C:\Users\KS\AppData\Roaming\TestApp
    [2011/12/11 09:21:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
    [2011/12/11 07:52:01 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2011/12/10 16:10:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\%LOCALAPPDATA%
    [2011/12/07 22:08:56 | 000,000,000 | ---D | C] -- C:\Users\KS\Desktop\Mary Alices Total Stuff
    [2011/11/28 06:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    [2011/11/28 06:53:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
    [2011/11/28 06:53:59 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
    [2011/11/24 09:37:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vizzed Retro Game Room
    [2011/11/24 09:37:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vizzed
    [2011/11/20 01:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
    [2011/11/17 20:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDHomeRun
    [2011/11/12 07:45:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java

    ========== Files - Modified Within 30 Days ==========

    [2011/12/11 09:21:10 | 000,001,515 | ---- | M] () -- C:\Users\KS\Desktop\sdsetup_aff.exe.lnk
    [2011/12/11 09:06:21 | 000,726,316 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2011/12/11 09:06:21 | 000,623,940 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2011/12/11 09:06:21 | 000,106,316 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2011/12/11 08:59:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2011/12/11 08:59:39 | 2146,832,383 | -HS- | M] () -- C:\hiberfil.sys
    [2011/12/11 08:59:38 | 668,991,484 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2011/12/11 08:07:19 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2011/12/11 08:07:19 | 000,015,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2011/12/11 07:59:51 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2011/12/11 01:42:00 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2011/12/10 16:07:16 | 000,000,016 | ---- | M] () -- C:\Users\KS\Documents\Memento.notes
    [2011/12/01 18:45:38 | 000,005,922 | ---- | M] () -- C:\Users\KS\Desktop\2010 Taxes Information - Shortcut.lnk
    [2011/12/01 18:44:46 | 076,182,292 | ---- | M] () -- C:\Users\KS\Desktop\scan0001.tif
    [2011/11/28 06:54:11 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2011/11/22 09:06:08 | 000,046,603 | ---- | M] () -- C:\Users\KS\Desktop\philcharlotte.jpg
    [2011/11/20 01:43:26 | 000,002,212 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

    ========== Files Created - No Company Name ==========

    [2011/12/11 09:21:10 | 000,001,515 | ---- | C] () -- C:\Users\KS\Desktop\sdsetup_aff.exe.lnk
    [2011/12/11 07:51:59 | 668,991,484 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2011/12/01 18:45:12 | 076,182,292 | ---- | C] () -- C:\Users\KS\Desktop\scan0001.tif
    [2011/11/28 06:54:11 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
    [2011/11/22 09:06:07 | 000,046,603 | ---- | C] () -- C:\Users\KS\Desktop\philcharlotte.jpg
    [2011/11/20 01:43:25 | 000,002,212 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
    [2011/10/09 22:42:16 | 000,000,230 | ---- | C] () -- C:\Windows\QTW.ini
    [2011/09/03 14:08:05 | 000,172,097 | ---- | C] () -- C:\Windows\SysWow64\NoMSGuninstall.exe
    [2011/09/03 14:08:05 | 000,147,456 | ---- | C] () -- C:\Windows\SysWow64\ustor.dll
    [2011/09/03 14:08:05 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\UMonit.exe
    [2011/09/03 14:08:05 | 000,000,719 | ---- | C] () -- C:\Windows\SysWow64\ProductName.ini
    [2011/09/03 14:08:04 | 000,001,391 | ---- | C] () -- C:\Windows\SysWow64\IconCfg4.ini
    [2011/09/03 14:08:04 | 000,001,391 | ---- | C] () -- C:\Windows\SysWow64\IconCfg3.ini
    [2011/09/03 14:08:04 | 000,001,391 | ---- | C] () -- C:\Windows\SysWow64\IconCfg2.ini
    [2011/09/03 14:08:04 | 000,001,391 | ---- | C] () -- C:\Windows\SysWow64\IconCfg1.ini
    [2011/09/03 14:08:04 | 000,001,391 | ---- | C] () -- C:\Windows\SysWow64\IconCfg0.ini
    [2011/08/15 17:17:15 | 000,163,862 | ---- | C] () -- C:\Windows\hpwins19.dat
    [2011/08/15 17:17:15 | 000,000,253 | ---- | C] () -- C:\Windows\hpwmdl19.dat
    [2011/06/19 18:57:01 | 000,077,698 | ---- | C] () -- C:\Windows\hpqins05.dat
    [2011/06/19 18:55:40 | 000,059,740 | ---- | C] () -- C:\Windows\hpqins11.dat
    [2011/06/19 18:54:12 | 000,062,231 | ---- | C] () -- C:\Windows\hpqins01.dat
    [2011/06/19 18:50:09 | 000,163,862 | ---- | C] () -- C:\Windows\hpwins19.dat.temp
    [2011/06/19 18:50:08 | 000,000,253 | ---- | C] () -- C:\Windows\hpwmdl19.dat.temp
    [2011/05/18 13:12:00 | 000,001,940 | ---- | C] () -- C:\Users\KS\AppData\Local\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
    [2011/02/24 11:39:07 | 000,007,612 | ---- | C] () -- C:\Users\KS\AppData\Local\Resmon.ResmonCfg
    [2011/02/23 18:00:53 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
    [2011/02/23 18:00:53 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
    [2011/02/23 18:00:44 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
    [2011/02/23 18:00:44 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
    [2011/02/23 17:55:55 | 000,041,354 | ---- | C] () -- C:\Windows\Ascd_log.ini
    [2011/02/23 17:50:25 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
    [2011/02/23 17:50:18 | 000,033,630 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
    [2011/02/22 23:27:08 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
    [2011/02/22 19:44:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2011/02/21 22:15:25 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
    [2010/09/17 18:17:02 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
    [2009/07/13 21:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
    [2009/07/13 18:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
    [2009/07/13 18:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
    [2009/07/13 16:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
    [2009/07/13 15:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
    [2009/07/13 13:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
    [2009/06/10 13:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
    [2009/04/02 04:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
    [2009/02/18 19:35:10 | 000,049,152 | R--- | C] () -- C:\Windows\DAOD.exe
    [2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
    [2002/02/22 14:39:28 | 000,135,168 | ---- | C] () -- C:\Windows\MSPUNIN.EXE

    ========== LOP Check ==========

    [2011/10/07 17:51:30 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\DAEMON Tools Lite
    [2011/06/25 07:24:10 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Memento
    [2011/07/23 06:49:38 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\mimio
    [2011/03/09 21:32:16 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Publish Providers
    [2011/02/27 09:04:32 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Silicondust
    [2011/06/25 07:16:42 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Softland
    [2011/09/05 16:49:07 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Sony
    [2011/12/11 09:21:10 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\TestApp
    [2011/04/04 18:06:00 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\Tific
    [2011/11/09 03:16:18 | 000,000,000 | ---D | M] -- C:\Users\KS\AppData\Roaming\uTorrent
    [2011/12/10 16:11:03 | 000,018,888 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    ========== Alternate Data Streams ==========

    @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:D1B5B4F1

    < End of report >


    Here are the results of the "Extras.Txt":

    OTL Extras logfile created on: 12/11/2011 9:29:50 AM - Run 1
    OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\KS\Downloads
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 8.0.7601.17514)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    8.00 Gb Total Physical Memory | 7.09 Gb Available Physical Memory | 88.64% Memory free
    16.00 Gb Paging File | 15.14 Gb Available in Paging File | 94.67% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 931.41 Gb Total Space | 285.95 Gb Free Space | 30.70% Space Free | Partition Type: NTFS
    Drive L: | 1397.26 Gb Total Space | 979.24 Gb Free Space | 70.08% Space Free | Partition Type: NTFS

    Computer Name: KS-AMD434 | User Name: KS | Logged in as Administrator.
    Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "DisableNotifications" = 0
    "EnableFirewall" = 0

    ========== Authorized Applications List ==========


    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)
    "{07ECF9FC-BB47-4325-8345-7BFEC708DDD7}" = Digital Cable Advisor
    "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    "{5E2BDF97-E0C7-75AE-29E1-5EA9DA262F2F}" = WMV9/VC-1 Video Playback
    "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    "{6A9B5F9E-CAF3-2264-9DA0-E374F9A34279}" = AMD Drag and Drop Transcoding
    "{6CFB1B20-ECAE-488F-9FFB-6AD420882E71}" = iTunes
    "{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
    "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
    "{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
    "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
    "{AE57C044-8912-A181-A0E4-BC2DAB3A092A}" = ATI Catalyst Install Manager
    "{B0F73914-8782-4E27-94F4-ED746659C92E}" = HDHomeRun
    "{B2C5B378-546F-75A7-7757-C1EAAFAF9E33}" = ccc-utility64
    "{BBA7005D-8C56-FFD3-81AE-D0481829BC70}" = AMD Fuel
    "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
    "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
    "{E11448F2-0B44-4239-B04E-D88FE743E929}" = Officejet J4500 Series
    "{EC8A40B2-096A-4EA4-B11A-167F87F293A7}" = iCloud
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
    "376CE0557162AC1F5761974A89A98C28B707E008" = Windows Driver Package - Virtual Ink (WinUSB) IWB (03/12/2007 2.0.0.1)
    "CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
    "doPDF 7 printer_is1" = doPDF 7.2 printer
    "HP Document Manager" = HP Document Manager 2.0
    "HP Imaging Device Functions" = HP Imaging Device Functions 13.0
    "HP Photosmart Essential" = HP Photosmart Essential 3.5
    "HP Smart Web Printing" = HP Smart Web Printing 4.51
    "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
    "HPExtendedCapabilities" = HP Customer Participation Program 13.0
    "HPOCR" = OCR Software by I.R.I.S. 13.0
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "PerformanceTest 7_is1" = PerformanceTest v7.0 (64-bit)
    "Shop for HP Supplies" = Shop for HP Supplies

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
    "{0A5825FD-0FB7-4e45-9037-858D463F2943}" = BPDSoftware
    "{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
    "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
    "{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
    "{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
    "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
    "{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 29
    "{2951A232-69BA-4925-BB9A-CEEB72B18B4F}" = BPDSoftware_Ini
    "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
    "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
    "{325A946E-AF95-42A2-ABD4-4F432E970736}" = MimioStudio
    "{40AE01BE-A290-4FFB-8DAB-C624C17DC87E}" = Vegas Movie Studio HD Platinum 10.0
    "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
    "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
    "{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
    "{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
    "{572F2A62-70CD-4429-8758-6D4D6DC696E1}" = 4500_Help
    "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
    "{5BB4D7C1-52F2-4BFD-9E40-0D419E2E3021}" = bpd_scan
    "{5E453519-60F6-4A4D-A0BF-16663F9B3536}" = Safari
    "{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
    "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
    "{6473C0E9-9763-4D94-808A-B250540AA750}" = Sound Forge Audio Studio 10.0
    "{664D6E1D-2A6C-D54D-31A5-B6BC30CEB0C6}" = CCC Help English
    "{6697D99E-E550-4498-B793-4A8DD8A1821F}" = ProductContext
    "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
    "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
    "{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
    "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
    "{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{7B9F5775-8C8C-2A4E-0CAB-74EA7AF5CB09}" = ccc-core-static
    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
    "{7D1CE80E-3EAE-441E-BE97-625F9ABD07D9}" = Myst Masterpiece Edition
    "{8292F88E-2DB7-456B-A8F1-9079B7432A1E}" = DVD Architect Studio 5.0
    "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
    "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
    "{8F66047B-1AF3-40D9-80D7-106E2EDC2C2A}" = EPU-4 Engine
    "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
    "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
    "{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
    "{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
    "{959B7F35-2819-40C5-A0CD-3C53B5FCC935}" = Atech Flash Card Reader Driver Ver.4009
    "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet TV for Windows Media Center
    "{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AA945C94-285E-DE48-A30F-70105C6580DE}" = Catalyst Control Center Graphics Previews Common
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
    "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
    "{B7B3E9B3-FB14-4927-894B-E9124509AF5A}" = Adobe Flash Player 10 ActiveX
    "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
    "{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
    "{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
    "{CC29B835-95A5-3CD9-087B-F94D7B9ECC9B}" = Catalyst Control Center InstallProxy
    "{CD95F661-A5C4-44F5-A6AA-ECDD91C240C2}" = WinZip 15.5
    "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
    "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
    "{DE19F3DA-1A2C-4D93-B017-2820597430D7}" = Vizzed Retro Game Room
    "{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}" = Windows Media Center Add-in for Flash
    "{FDEC11CC-4BD6-4a8c-A398-3CCD8E43EACA}" = J4500
    "AC3Filter" = AC3Filter (remove only)
    "Adobe AIR" = Adobe AIR
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "Adobe Shockwave Player" = Adobe Shockwave Player 11.5
    "CanonMyPrinter" = Canon My Printer
    "conduitEngine" = Conduit Engine
    "DAEMON Tools Lite" = DAEMON Tools Lite
    "Google Chrome" = Google Chrome
    "InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
    "LookInMyPC" = LookInMyPC
    "Memento_is1" = Memento 1.12
    "Mozilla Firefox 8.0 (x86 en-US)" = Mozilla Firefox 8.0 (x86 en-US)
    "mv61xxDriver" = marvell 61xx
    "N360" = Norton Security Suite
    "NewBlue Cartoonr for Vegas" = NewBlue Cartoonr for Vegas
    "NewBlue VideoFX for Sony Vegas MSPS" = NewBlue VideoFX for Sony Vegas MSPS
    "realMYST Interactive 3D Edition" = realMYST Interactive 3D Edition
    "Riven The sequel to Myst_is1" = Riven The sequel to Myst
    "Sony Vocal Eraser_is1" = Sony Vocal Eraser
    "uTorrent" = µTorrent
    "uTorrentBar Toolbar" = uTorrentBar Toolbar

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Octoshape add-in for Adobe Flash Player" = Octoshape add-in for Adobe Flash Player

    ========== Last 10 Event Log Errors ==========

    [ Application Events ]
    Error - 12/10/2011 12:21:58 PM | Computer Name = KS-AMD434 | Source = Application Error | ID = 1000
    Description = Faulting application name: Explorer.EXE, version: 6.1.7601.17567,
    time stamp: 0x4d672ee4 Faulting module name: Wpc.dll, version: 1.0.0.1, time stamp:
    0x4a5be128 Exception code: 0xc0000005 Fault offset: 0x00000000000027c2 Faulting process
    id: 0x6c4 Faulting application start time: 0x01ccb6cce261a939 Faulting application
    path: C:\Windows\Explorer.EXE Faulting module path: C:\Windows\System32\Wpc.dll Report
    Id: 14f773bf-234b-11e1-a2fb-bcaec5b31f84

    Error - 12/10/2011 12:22:04 PM | Computer Name = KS-AMD434 | Source = Application Error | ID = 1000
    Description = Faulting application name: WerFault.exe, version: 6.1.7600.16385,
    time stamp: 0x4a5bc607 Faulting module name: apphelp.dll, version: 6.1.7601.17514,
    time stamp: 0x4ce7c496 Exception code: 0xc0000005 Fault offset: 0x000000000000bd3f
    Faulting
    process id: 0x143c Faulting application start time: 0x01ccb757d7455ae1 Faulting application
    path: C:\Windows\system32\WerFault.exe Faulting module path: C:\Windows\system32\apphelp.dll
    Report
    Id: 1873fd61-234b-11e1-a2fb-bcaec5b31f84

    Error - 12/10/2011 12:42:00 PM | Computer Name = KS-AMD434 | Source = Application Error | ID = 1000
    Description = Faulting application name: taskeng.exe, version: 6.1.7601.17514, time
    stamp: 0x4ce79d2c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x000007fe0002e580 Faulting process id: 0xe14 Faulting
    application start time: 0x01ccb75aa335677e Faulting application path: C:\Windows\system32\taskeng.exe
    Faulting
    module path: unknown Report Id: e164de0d-234d-11e1-a2fb-bcaec5b31f84

    Error - 12/10/2011 1:42:00 PM | Computer Name = KS-AMD434 | Source = Application Error | ID = 1000
    Description = Faulting application name: taskeng.exe, version: 6.1.7601.17514, time
    stamp: 0x4ce79d2c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x000007fe0002e580 Faulting process id: 0x368 Faulting
    application start time: 0x01ccb76304faf750 Faulting application path: C:\Windows\system32\taskeng.exe
    Faulting
    module path: unknown Report Id: 432f30a0-2356-11e1-a2fb-bcaec5b31f84

    Error - 12/10/2011 2:42:00 PM | Computer Name = KS-AMD434 | Source = Application Error | ID = 1000
    Description = Faulting application name: taskeng.exe, version: 6.1.7601.17514, time
    stamp: 0x4ce79d2c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x000007fe0002e580 Faulting process id: 0x14fc Faulting
    application start time: 0x01ccb76b66beb6db Faulting application path: C:\Windows\system32\taskeng.exe
    Faulting
    module path: unknown Report Id: a4ef9d51-235e-11e1-a2fb-bcaec5b31f84

    Error - 12/10/2011 3:42:00 PM | Computer Name = KS-AMD434 | Source = Application Error | ID = 1000
    Description = Faulting application name: taskeng.exe, version: 6.1.7601.17514, time
    stamp: 0x4ce79d2c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x000007fe0002e580 Faulting process id: 0x1560 Faulting
    application start time: 0x01ccb773c8837606 Faulting application path: C:\Windows\system32\taskeng.exe
    Faulting
    module path: unknown Report Id: 06b0d952-2367-11e1-a2fb-bcaec5b31f84

    Error - 12/10/2011 4:42:00 PM | Computer Name = KS-AMD434 | Source = Application Error | ID = 1000
    Description = Faulting application name: taskeng.exe, version: 6.1.7601.17514, time
    stamp: 0x4ce79d2c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x000007fe0002e580 Faulting process id: 0xc94 Faulting
    application start time: 0x01ccb77c2a48d96f Faulting application path: C:\Windows\system32\taskeng.exe
    Faulting
    module path: unknown Report Id: 687962cc-236f-11e1-a2fb-bcaec5b31f84

    Error - 12/10/2011 5:42:00 PM | Computer Name = KS-AMD434 | Source = Application Error | ID = 1000
    Description = Faulting application name: taskeng.exe, version: 6.1.7601.17514, time
    stamp: 0x4ce79d2c Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
    Exception
    code: 0xc0000005 Fault offset: 0x000007fe0002e580 Faulting process id: 0x710 Faulting
    application start time: 0x01ccb7848c0b504f Faulting application path: C:\Windows\system32\taskeng.exe
    Faulting
    module path: unknown Report Id: ca436403-2377-11e1-a2fb-bcaec5b31f84

    Error - 12/10/2011 8:13:21 PM | Computer Name = KS-AMD434 | Source = ESENT | ID = 215
    Description = WinMail (2332) WindowsMail0: The backup has been stopped because it
    was halted by the client or the connection with the client failed.

    Error - 12/10/2011 8:13:24 PM | Computer Name = KS-AMD434 | Source = ESENT | ID = 215
    Description = WinMail (2596) WindowsMail0: The backup has been stopped because it
    was halted by the client or the connection with the client failed.

    [ Media Center Events ]
    Error - 2/27/2011 4:50:24 PM | Computer Name = KS-AMD434 | Source = ehRecvr | ID = 3
    Description = TV tuner encountered an error. (0xc0040524) Silicondust HDHomeRun
    Tuner 101C215E-1

    Error - 3/9/2011 7:15:33 AM | Computer Name = KS-AMD434 | Source = MCUpdate | ID = 0
    Description = 3:15:29 AM - Error connecting to the internet. 3:15:29 AM - Unable
    to contact server..

    Error - 11/18/2011 12:39:09 AM | Computer Name = KS-AMD434 | Source = ehRecvr | ID = 3
    Description = TV tuner encountered an error. (0xc0040524) Silicondust HDHomeRun
    Tuner 101C215E-0

    [ System Events ]
    Error - 12/11/2011 1:00:06 PM | Computer Name = KS-AMD434 | Source = DCOM | ID = 10005
    Description =

    Error - 12/11/2011 1:00:06 PM | Computer Name = KS-AMD434 | Source = DCOM | ID = 10005
    Description =

    Error - 12/11/2011 1:00:06 PM | Computer Name = KS-AMD434 | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 12/11/2011 1:00:06 PM | Computer Name = KS-AMD434 | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 12/11/2011 1:00:06 PM | Computer Name = KS-AMD434 | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 12/11/2011 1:00:07 PM | Computer Name = KS-AMD434 | Source = Service Control Manager | ID = 7001
    Description = The HomeGroup Provider service depends on the Function Discovery Provider
    Host service which failed to start because of the following error: %%1068

    Error - 12/11/2011 1:00:08 PM | Computer Name = KS-AMD434 | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 12/11/2011 1:00:08 PM | Computer Name = KS-AMD434 | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 12/11/2011 1:00:08 PM | Computer Name = KS-AMD434 | Source = Service Control Manager | ID = 7001
    Description = The Computer Browser service depends on the Server service which failed
    to start because of the following error: %%1068

    Error - 12/11/2011 1:01:52 PM | Computer Name = KS-AMD434 | Source = Service Control Manager | ID = 7001
    Description = The PnP-X IP Bus Enumerator service depends on the Function Discovery
    Provider Host service which failed to start because of the following error: %%1068


    < End of report >

    Any help is greatly appreciated.
     
As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - win32 small
  1. Olddog20
    Replies:
    0
    Views:
    366
  2. Sumfeg
    Replies:
    0
    Views:
    1,232
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1030761

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice