This topic is locked
I ran a Malwarebytes scan tonight and the scan detected a few trojans, which were quarantined (see attached PNG's for details of the trojans). I also keep getting Funmoods malware (a few instances included in the PNG's), which I can't seem to eradicate and wondered if the two problems were linked.
Ihaven't experienced further issues than those noted above.
Any help would be greatly appreciated:
OTL sccan results:
OTL Extras logfile created on: 24/10/2012 00:14:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\James'\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
7.96 Gb Total Physical Memory | 5.83 Gb Available Physical Memory | 73.24% Memory free
15.92 Gb Paging File | 13.55 Gb Available in Paging File | 85.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.69 Gb Total Space | 17.46 Gb Free Space | 15.64% Space Free | Partition Type: NTFS
Drive E: | 931.51 Gb Total Space | 717.63 Gb Free Space | 77.04% Space Free | Partition Type: NTFS
Drive G: | 7.51 Gb Total Space | 1.89 Gb Free Space | 25.14% Space Free | Partition Type: FAT32
Computer Name: JAMES-PC | User Name: James' | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "E:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "E:\Program Files (x86)\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03836013-FC25-427A-9D6C-F25C29FBCF82}" = lport=445 | protocol=6 | dir=in | app=system |
"{133FCD5A-EC8E-43D7-8EB6-D4743DF6C97F}" = rport=137 | protocol=17 | dir=out | app=system |
"{164B256D-AD98-427E-B3CD-E054160A5FB0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{1F51A3FD-187D-4530-A390-6B5E9BDB45B4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{228066FB-53D8-4616-8160-1B1229D08DCC}" = lport=139 | protocol=6 | dir=in | app=system |
"{27EE5739-8E34-4CF4-A9B1-5EC2D6E531F2}" = rport=139 | protocol=6 | dir=out | app=system |
"{2CBF901E-D5F2-45AE-9059-D5D899CF2C71}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{36E2154F-8E59-458C-822B-F5C1A60EDD67}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3F1BF110-659A-4052-83C0-2A512D599C54}" = lport=137 | protocol=17 | dir=in | app=system |
"{4372067C-6D9D-4855-BADB-7B85E42CE4AB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4E4832EA-0107-45C7-8151-9402AF2DB0A5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{50947AF8-C18B-4AA5-8ACB-BABC795C555E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{75AD0CAF-4D64-4265-8BFB-50781C61880F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{75EFD372-6365-436D-B072-891AAAB8EC67}" = lport=138 | protocol=17 | dir=in | app=system |
"{7CEA5092-7AFE-4974-B555-2A4820351BCD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7DBEDBF8-2F7C-4DA2-819E-B2821CE37211}" = rport=445 | protocol=6 | dir=out | app=system |
"{98C2D686-1C0E-4870-A04F-A1760FAFBA27}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A6A00083-8193-4646-A5F7-909924BFC908}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CE240EE0-1CEC-4517-B2FB-BB559F4D3A6A}" = rport=138 | protocol=17 | dir=out | app=system |
"{D083ED4C-9A35-491A-91F3-CF40F0C1C382}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DAEF7DDD-841E-4ACC-BEEF-B03BCD963C02}" = lport=10243 | protocol=6 | dir=in | app=system |
"{F2C2E402-19A9-464E-9A89-91E8285BBB94}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F86BF966-2878-405C-806D-EBCEB331279A}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03988DD2-D1F6-4B16-8B1D-A0F2EA26BF7B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0EAD09CD-7926-4491-9D67-84F3B4CC135C}" = dir=in | app=c:\program files (x86)\wyse\pocketcloud windows companion\wysebrowser.exe |
"{12FB822B-5AE1-48C5-9459-27E028A1D6D9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{1360E2E7-0696-46C1-B525-3F0A1964810E}" = dir=in | app=c:\program files (x86)\wyse\pocketcloud windows companion\pocketcloudinstallwizard.exe |
"{136BAD79-6AEE-4167-B553-E148E2343E50}" = protocol=6 | dir=in | app=e:\starcraft ii\starcraft ii public test.exe |
"{175AE606-10B1-4470-9D2A-DA7D5DE59965}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{1CB97D21-B1A2-40DA-8D1B-03B171A34112}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{3485E417-CB7A-49A4-B825-408074AEABB4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{34B88C39-7A98-4F40-80C0-65FE09257FDB}" = protocol=17 | dir=in | app=c:\program files (x86)\tightvnc\tvnserver.exe |
"{3D352B8C-7F15-47D1-9437-668C9D28C9CA}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{3E79357C-C4BB-4F85-B1AA-30EE46D41727}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_current_settings.bat |
"{49EFCEF5-14B4-4C81-A7B0-28F2B7E2BCEB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5ED48540-5EE1-4DB9-BB3A-DF04347F8B31}" = protocol=17 | dir=in | app=e:\starcraft ii\starcraft ii.exe |
"{60A03CAB-259C-428F-AC12-C55B2534AD89}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{61A1AE1A-C637-4CA8-9EF1-971D8CE8F91C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6B037890-4BBE-49B4-8D1B-7B49B580B785}" = protocol=1 | dir=in | [email protected],-28543 |
"{7B917401-1808-46ED-AEF2-3FE174EDD124}" = protocol=6 | dir=in | app=c:\program files (x86)\tightvnc\vncviewer.exe |
"{7D996E85-0F47-4A77-8CC8-6F332088C54D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{82E520A6-5FB2-4C9E-9350-FAC037135EF2}" = protocol=17 | dir=in | app=c:\program files (x86)\tightvnc\vncviewer.exe |
"{8FAD7979-9AE4-44F2-8410-3E1EBDA11FB5}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{90811637-C3A1-40F1-951D-C51A39AC79A1}" = protocol=17 | dir=in | app=e:\program files (x86)\microsoft office\office14\onenote.exe |
"{9387B460-E497-4A26-BFEC-4131E832B593}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9AB74178-AF9E-4519-AE3D-A100E051A78F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{9B7A8936-786E-46D2-8115-109436665780}" = protocol=58 | dir=in | [email protected],-28545 |
"{9EC464DB-FE5A-48ED-891F-D400755FEA7A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A1818AE9-C917-431E-AA4A-7EEB2BD9884F}" = protocol=58 | dir=out | [email protected],-28546 |
"{AA4E2983-0E44-4181-9489-CE0FD6D0A67E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{AC061378-CF09-457B-95A0-F12F7FED5AE3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"{B235408A-EFAF-441B-9191-6E7C061D2E09}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8A817BF-0BDF-476E-9A56-42908335660D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{C1746C6E-723B-40CE-B944-CC8F266AF85B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe |
"{C431D7EB-D86E-4FC2-97D4-E77AF6EC48E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C46E7AEB-7F87-4652-8311-49559BBCA829}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\data\encyclopedia\how_to_play.html |
"{C5DAFCD6-9D0F-4CF9-9123-AB655888AA9F}" = protocol=6 | dir=out | app=system |
"{C7A307D3-2CB7-4E47-9DEE-90299E8413A7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C9367B92-A82E-4D92-8EB1-8527C951B4EC}" = protocol=17 | dir=in | app=c:\users\james'\appdata\roaming\dropbox\bin\dropbox.exe |
"{CD0CB72E-0D5D-4FDE-860A-22E897C9BF2A}" = protocol=1 | dir=out | [email protected],-28544 |
"{CF78D0A6-8F52-40B2-99CE-DD6A163B42F4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\benchmarks\benchmark_specify_properties.bat |
"{D10E2A6F-2A97-4B8C-A906-4D63AD378CB8}" = protocol=6 | dir=in | app=c:\users\james'\appdata\roaming\dropbox\bin\dropbox.exe |
"{D2C22850-713C-40CC-BD75-7300C4F196D5}" = protocol=17 | dir=in | app=e:\starcraft ii\starcraft ii public test.exe |
"{D31AC84E-A757-43BE-BCD9-42629F98F9B5}" = protocol=6 | dir=in | app=c:\program files (x86)\tightvnc\tvnserver.exe |
"{D3D99A18-EFD9-496A-8A4C-0C8C640E8E4F}" = protocol=6 | dir=in | app=e:\starcraft ii\starcraft ii.exe |
"{D4AC259B-8E69-4780-A33C-3B4C065B1901}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D5BA8633-CA0F-4A2E-9DCB-91070AADA9B3}" = protocol=6 | dir=in | app=e:\program files (x86)\microsoft office\office14\onenote.exe |
"{D964F152-794D-4A87-A61F-571EE5C502FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E5ABD834-0060-4DC5-A030-D5AA6831FFA4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{E7B023AA-4C75-4292-A17A-52222B5AD334}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{EE801CE9-7A6F-4FB0-805A-FD3DE6568904}" = dir=in | app=c:\program files (x86)\wyse\pocketcloud windows companion\pocketcloudservice.exe |
"{F1CF8D87-2612-4996-B027-8C32CC1938AF}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{F380BED5-AF39-40B4-9A0C-5BD367241275}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F6D32858-7ACC-45BD-99D6-B0D5DCDC9D07}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{FA1E77AF-C946-4F2C-8E7D-BBAC0CB81C50}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe |
"TCP Query User{1F3F92F6-8EF1-4FC0-999E-74D63C6EA26C}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{53592FE2-A77A-4E2C-A7D5-E4D24E90DD43}C:\program files (x86)\steam\steam.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"TCP Query User{988A5EF3-EB76-4E05-8FB0-8F977456290A}E:\starcraft ii\versions\base22612\sc2.exe" = protocol=6 | dir=in | app=e:\starcraft ii\versions\base22612\sc2.exe |
"TCP Query User{AF43F5F8-8B2A-4AEF-BD3E-A6414680A565}C:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"UDP Query User{2135C201-23BA-4941-9D70-8371B915367C}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"UDP Query User{438A165B-737A-4782-B5C5-FF1DC7D22FFA}C:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe |
"UDP Query User{75D05584-B362-405B-B2CA-9A328C6BFEF8}E:\starcraft ii\versions\base22612\sc2.exe" = protocol=17 | dir=in | app=e:\starcraft ii\versions\base22612\sc2.exe |
"UDP Query User{F68B734E-515B-448E-B2E3-D8DCE2A85764}C:\program files (x86)\steam\steam.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC4
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{6199B534-A1B6-46ED-873B-97B0ECF8F81E}" = Intel® Trusted Connect Service Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"EPSON SX510W Series" = EPSON SX510W Series Printer Uninstall
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}" = LightScribe System Software
"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
"{3248F0A8-6813-11D6-A77B-00B0D0150170}" = J2SE Runtime Environment 5.0 Update 17
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{83721450-E604-4C37-ABEB-CE7F18C587C8}" = LightScribe Template Labeler
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9866E5F0-121F-E018-E2D1-2E1770847ABF}" = Adobe Download Assistant
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B512F025-E992-44D0-B1F4-D6E1D3339C80}" = TL-WN881ND Driver
"{BD8F867A-0ACB-427D-A4F2-9AEE29FBF98B}" = PocketCloud Windows Companion
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C0698BDA-0D29-40EE-8570-A31106DF9AB1}" = Medieval II Total War
"{C8616041-2802-4DE2-B3BD-6285AAD65C2A}" = Nikon RAW Codec
"{CB92C58B-7BDF-48E3-92E3-51768DCCA585}_is1" = EVGA OC Scanner X 2.1.2
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{E9757890-7EC5-46C8-99AB-B00F07B6525C}" = Nikon Transfer
"{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10
"{F007CBCE-D714-4C0B-8CE9-9B0D78116468}" = ViewNX
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10
"AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.50
"Audacity_is1" = Audacity 2.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DealPly" = DealPly
"EPSON Scanner" = EPSON Scan
"Free DVD Ripper Platinum_is1" = Free DVD Ripper Platinum 2.8.9
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Media Player - Codec Pack" = Media Player Codec Pack 4.2.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"PrecisionX" = EVGA Precision X 3.0.3
"SpeedFan" = SpeedFan (remove only)
"StarCraft II" = StarCraft II
"Steam App 34330" = Total War: SHOGUN 2
"TightVNC" = TightVNC 2.0.4
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 21/10/2012 11:35:58 | Computer Name = James-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = The performance counter explain text string value in the registry
is not formatted correctly. The malformed string is . The first DWORD in the Data
section contains the index value to the malformed string while the second and third
DWORDs in the Data section contain the last valid index values.
Error - 21/10/2012 11:38:42 | Computer Name = James-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = The performance counter explain text string value in the registry
is not formatted correctly. The malformed string is . The first DWORD in the Data
section contains the index value to the malformed string while the second and third
DWORDs in the Data section contain the last valid index values.
Error - 21/10/2012 14:00:00 | Computer Name = James-PC | Source = Windows Backup | ID = 4103
Description =
Error - 21/10/2012 20:32:42 | Computer Name = James-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = The performance counter explain text string value in the registry
is not formatted correctly. The malformed string is . The first DWORD in the Data
section contains the index value to the malformed string while the second and third
DWORDs in the Data section contain the last valid index values.
Error - 23/10/2012 17:12:36 | Computer Name = James-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = The performance counter explain text string value in the registry
is not formatted correctly. The malformed string is . The first DWORD in the Data
section contains the index value to the malformed string while the second and third
DWORDs in the Data section contain the last valid index values.
Error - 23/10/2012 17:14:37 | Computer Name = James-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = The performance counter explain text string value in the registry
is not formatted correctly. The malformed string is . The first DWORD in the Data
section contains the index value to the malformed string while the second and third
DWORDs in the Data section contain the last valid index values.
Error - 23/10/2012 18:39:40 | Computer Name = James-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = The performance counter explain text string value in the registry
is not formatted correctly. The malformed string is . The first DWORD in the Data
section contains the index value to the malformed string while the second and third
DWORDs in the Data section contain the last valid index values.
Error - 23/10/2012 18:44:25 | Computer Name = James-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = The performance counter explain text string value in the registry
is not formatted correctly. The malformed string is . The first DWORD in the Data
section contains the index value to the malformed string while the second and third
DWORDs in the Data section contain the last valid index values.
Error - 23/10/2012 19:12:07 | Computer Name = James-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = The performance counter explain text string value in the registry
is not formatted correctly. The malformed string is . The first DWORD in the Data
section contains the index value to the malformed string while the second and third
DWORDs in the Data section contain the last valid index values.
Error - 23/10/2012 19:15:07 | Computer Name = James-PC | Source = Microsoft-Windows-LoadPerf | ID = 3002
Description = The performance counter explain text string value in the registry
is not formatted correctly. The malformed string is . The first DWORD in the Data
section contains the index value to the malformed string while the second and third
DWORDs in the Data section contain the last valid index values.
[ System Events ]
Error - 14/09/2012 12:19:11 | Computer Name = James-PC | Source = DCOM | ID = 10016
Description =
Error - 14/09/2012 14:32:22 | Computer Name = James-PC | Source = DCOM | ID = 10016
Description =
Error - 14/09/2012 14:58:33 | Computer Name = James-PC | Source = DCOM | ID = 10016
Description =
Error - 14/09/2012 15:42:28 | Computer Name = James-PC | Source = DCOM | ID = 10016
Description =
Error - 14/09/2012 15:50:38 | Computer Name = James-PC | Source = Microsoft-Windows-Directory-Services-SAM | ID = 12291
Description = SAM failed to start the TCP/IP or SPX/IPX listening thread
Error - 14/09/2012 15:53:03 | Computer Name = James-PC | Source = DCOM | ID = 10016
Description =
Error - 15/09/2012 10:34:25 | Computer Name = James-PC | Source = DCOM | ID = 10016
Description =
Error - 15/09/2012 14:35:34 | Computer Name = James-PC | Source = DCOM | ID = 10016
Description =
Error - 15/09/2012 15:07:48 | Computer Name = James-PC | Source = DCOM | ID = 10016
Description =
Error - 15/09/2012 16:48:07 | Computer Name = James-PC | Source = DCOM | ID = 10016
Description =
< End of report >
Best regards,
Jim
Sign In
Create Account
