Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

McShield:dll error and computer slowing down

Started by MrIceCream , Dec 16 2012 05:33 PM

  • Please log in to reply

#1
MrIceCream
Posted 16 December 2012 - 05:33 PM

MrIceCream

    New Member

  • Member
  • Pip
  • 1 posts
I keep getting this error


CommonShell:McShield:dll


The specified resource language ID cannot be found in the image file.

McShiled:dll The system cannot find the file specified.


My desktop is also displaying message that my version of windows 7 is not genuine. It was purchased 18 months ago from a reputable store called memory express and has been used continuously since purchased with no conflicts or warnings from MS. This warning appeared today. The McShield error has been showing up for 3 days.

OTL log is here

OTL logfile created on: 16/12/2012 2:52:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jofo\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.87 Gb Total Physical Memory | 2.31 Gb Available Physical Memory | 59.63% Memory free
7.74 Gb Paging File | 5.46 Gb Available in Paging File | 70.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.79 Gb Total Space | 186.77 Gb Free Space | 80.23% Space Free | Partition Type: NTFS

Computer Name: JOFO-PC | User Name: jofo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/16 14:51:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jofo\Desktop\OTL.exe
PRC - [2012/12/16 00:32:39 | 000,308,368 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2012/12/12 09:37:14 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe
PRC - [2012/11/27 12:46:20 | 008,618,072 | ---- | M] (PokerStars) -- C:\Program Files (x86)\PokerStars\PokerStars.exe
PRC - [2012/08/28 06:41:08 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012/08/28 06:41:06 | 000,247,768 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2012/08/14 12:58:58 | 000,646,800 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/11/18 13:22:32 | 001,316,720 | ---- | M] (Shaw Communications) -- C:\Program Files (x86)\shaw\bin\shawsupport.exe
PRC - [2011/08/22 14:08:58 | 000,311,584 | ---- | M] (Pelmorex Media Inc.) -- C:\Users\jofo\AppData\Local\TheWeatherNetwork\WeatherEye\WeatherEye.exe
PRC - [2011/01/27 22:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) -- c:\postgreSQL\bin\pg_ctl.exe
PRC - [2011/01/27 22:13:43 | 004,538,368 | ---- | M] (PostgreSQL Global Development Group) -- c:\postgreSQL\bin\postgres.exe
PRC - [2011/01/17 18:37:40 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011/01/17 18:37:40 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010/02/10 08:04:48 | 000,131,752 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86)\Lexmark 7600 Series\ezprint.exe
PRC - [2010/02/10 08:04:44 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 7600 Series\lxdwmon.exe


========== Modules (No Company Name) ==========

MOD - [2012/12/04 18:15:15 | 012,456,040 | ---- | M] () -- C:\Users\jofo\AppData\Local\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
MOD - [2012/12/04 18:15:15 | 000,460,904 | ---- | M] () -- C:\Users\jofo\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll
MOD - [2012/12/04 18:15:14 | 004,008,040 | ---- | M] () -- C:\Users\jofo\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
MOD - [2012/12/04 18:14:29 | 000,587,880 | ---- | M] () -- C:\Users\jofo\AppData\Local\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
MOD - [2012/12/04 18:14:28 | 000,124,520 | ---- | M] () -- C:\Users\jofo\AppData\Local\Google\Chrome\Application\23.0.1271.97\libegl.dll
MOD - [2012/12/04 18:14:21 | 000,157,304 | ---- | M] () -- C:\Users\jofo\AppData\Local\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
MOD - [2012/12/04 18:14:20 | 000,275,576 | ---- | M] () -- C:\Users\jofo\AppData\Local\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
MOD - [2012/12/04 18:14:19 | 002,168,952 | ---- | M] () -- C:\Users\jofo\AppData\Local\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
MOD - [2011/11/14 17:06:00 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2010/02/10 08:04:44 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 7600 Series\lxdwmon.exe
MOD - [2010/02/10 07:52:51 | 000,389,120 | ---- | M] () -- C:\Program Files\Lexmark Printable Web\resource.dll
MOD - [2010/02/10 07:52:37 | 000,180,224 | ---- | M] () -- C:\Program Files\Lexmark Printable Web\bho.dll
MOD - [2010/02/10 07:51:53 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 7600 Series\lxdwcaps.dll
MOD - [2010/02/10 07:51:37 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 7600 Series\lxdwscw.dll
MOD - [2010/02/10 07:51:34 | 001,036,288 | ---- | M] () -- C:\Program Files (x86)\Lexmark 7600 Series\lxdwdrs.dll
MOD - [2010/02/10 07:47:51 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 7600 Series\iptk.dll
MOD - [2010/02/10 07:25:20 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Lexmark 7600 Series\lxdwdatr.dll
MOD - [2010/02/10 07:25:11 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 7600 Series\lxdwcnv4.dll
MOD - [2008/03/17 03:52:47 | 000,151,552 | ---- | M] () -- C:\Program Files (x86)\Lexmark 7600 Series\lxdwptp.dll


========== Services (SafeList) ==========

SRV:64bit: - [2012/11/16 21:10:22 | 000,383,608 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV:64bit: - [2012/08/31 13:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV:64bit: - [2012/07/17 14:52:28 | 000,177,144 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)
SRV:64bit: - [2012/07/17 14:49:24 | 000,218,320 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV:64bit: - [2012/07/17 14:47:42 | 000,237,920 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV:64bit: - [2009/10/16 09:09:18 | 001,044,136 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxdwcoms.exe -- (lxdw_device)
SRV:64bit: - [2009/10/16 09:09:08 | 000,033,960 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxdwserv.exe -- (lxdwCATSCustConnectService)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/12/12 09:37:16 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/28 06:41:08 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/01/27 22:15:33 | 000,066,048 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- c:\postgreSQL\bin\pg_ctl.exe -- (postgresql-8.4)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/10/16 09:09:08 | 000,033,960 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxdwserv.exe -- (lxdwCATSCustConnectService)
SRV - [2009/10/16 09:08:51 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxdwcoms.exe -- (lxdw_device)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/17 14:55:40 | 000,069,672 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)
DRV:64bit: - [2012/07/17 14:52:38 | 000,335,784 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)
DRV:64bit: - [2012/07/17 14:51:16 | 000,106,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)
DRV:64bit: - [2012/07/17 14:50:36 | 000,752,672 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2012/07/17 14:49:36 | 000,513,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)
DRV:64bit: - [2012/07/17 14:48:54 | 000,300,392 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2012/07/17 14:48:34 | 000,169,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)
DRV:64bit: - [2012/04/20 16:40:58 | 000,196,440 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)
DRV:64bit: - [2012/02/29 23:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/10 23:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 23:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/20 06:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 04:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/09/21 18:00:44 | 001,537,024 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/08/14 10:40:44 | 000,260,144 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2007/11/09 05:00:30 | 000,026,968 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?l...en-ca&OCID=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-ca
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = BC 1F 55 F9 0A A3 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{32D95E9D-458C-4943-80D3-34CEE2588FFF}: "URL" = http://ca.search.yah...p={SearchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7ADFA_enCA458
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_37: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\jofo\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\jofo\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/08/25 10:21:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/12/11 17:55:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK [2012/12/11 22:40:45 | 000,000,000 | ---D | M]

[2011/12/19 12:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jofo\AppData\Roaming\Mozilla\Extensions
[2011/12/19 12:36:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jofo\AppData\Roaming\Mozilla\Extensions\[email protected]

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\jofo\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\jofo\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\jofo\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\jofo\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\jofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.2_0\McChPlg.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Users\jofo\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: SiteAdvisor = C:\Users\jofo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\

O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120628082604.dll (McAfee, Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120628082604.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Lexmark Printable Web) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Program Files\Lexmark Printable Web\bho.dll ()
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [EzPrint] C:\Program Files (x86)\Lexmark 7600 Series\ezprint.exe (Lexmark International Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [lxdwmon.exe] C:\Program Files (x86)\Lexmark 7600 Series\lxdwmon.exe ()
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [EzPrint] C:\Program Files (x86) (x86)\Lexmark 7600 Series\ezprint.exe (Lexmark International Inc.)
O4 - HKLM..\Run: [lxdwmon.exe] C:\Program Files (x86) (x86)\Lexmark 7600 Series\lxdwmon.exe ()
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [shawnotify] c:\Program Files\Shaw\Update\siuloader.exe (Shaw Cablesystems)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [WeatherEye] C:\Users\jofo\AppData\Local\TheWeatherNetwork\WeatherEye\WeatherEye.exe (Pelmorex Media Inc.)
O4 - Startup: C:\Users\jofo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} http://zone.msn.com/...tz.cab99160.cab (MSN Games – Hearts)
O16 - DPF: {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/...vl.cab55579.cab (ZPA_SHVL Object)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn...k.cab102118.cab (MSN Games - Installer)
O16 - DPF: {CAC181B0-4D70-402D-B571-C596A47D0CE0} http://zone.msn.com/...ol.cab56649.cab (CBankshotZoneCtrl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} http://zone.msn.com/...rp.cab56961.cab (ChessControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{12AA35FE-C235-4470-8D22-5F3EB84CEA36}: DhcpNameServer = 192.168.0.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F5E2839-34A0-41B2-B28D-F8D3DF18B3CE}: DhcpNameServer = 192.168.0.1 192.168.1.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/16 14:51:37 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\jofo\Desktop\OTL.exe
[2012/12/16 09:32:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/12/11 22:42:12 | 000,000,000 | ---D | C] -- C:\temp
[2012/12/11 22:16:05 | 000,196,440 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2012/12/11 20:06:32 | 000,000,000 | ---D | C] -- C:\Users\jofo\AppData\Local\shaw
[2012/12/11 20:06:32 | 000,000,000 | ---D | C] -- C:\ProgramData\shaw
[2012/12/11 20:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\Shaw
[2012/12/11 20:05:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shaw Internet
[2012/12/11 20:05:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\shaw
[28 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[28 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/16 14:51:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jofo\Desktop\OTL.exe
[2012/12/16 14:45:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/16 14:37:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/12/16 14:20:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1553132057-4098925635-2228825760-1001UA.job
[2012/12/16 13:45:01 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/16 09:46:16 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1553132057-4098925635-2228825760-1001Core.job
[2012/12/16 09:35:56 | 000,778,834 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/12/16 09:35:56 | 000,664,780 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/12/16 09:35:56 | 000,125,484 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/12/16 09:32:19 | 000,001,828 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2012/12/16 09:32:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/12/16 01:05:53 | 3117,412,352 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/15 12:10:37 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/15 12:10:37 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/13 13:23:15 | 000,002,481 | ---- | M] () -- C:\Users\jofo\Desktop\Google Chrome.lnk
[2012/12/13 08:30:41 | 000,294,200 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/12/11 20:05:51 | 000,001,972 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Shaw Support.lnk
[2012/12/11 20:05:51 | 000,001,044 | ---- | M] () -- C:\Users\Public\Desktop\Shaw Support.lnk
[2012/12/03 12:20:47 | 327,223,757 | ---- | M] () -- C:\Windows\MEMORY.DMP
[28 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[28 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/11 20:05:51 | 000,001,972 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Shaw Support.lnk
[2012/12/11 20:05:51 | 000,001,044 | ---- | C] () -- C:\Users\Public\Desktop\Shaw Support.lnk
[2012/12/11 20:05:46 | 000,072,192 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2012/07/11 22:54:01 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\LXDWinst.dll
[2012/07/11 22:54:01 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxdwcomx.dll
[2012/07/11 22:54:00 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwpmui.dll
[2012/07/11 22:54:00 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwinpa.dll
[2012/07/11 22:54:00 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwiesc.dll
[2012/07/11 22:53:59 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwserv.dll
[2012/07/11 22:53:59 | 000,860,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwusb1.dll
[2012/07/11 22:53:59 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwhbn3.dll
[2012/07/11 22:53:59 | 000,594,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwcoms.exe
[2012/07/11 22:53:59 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwlmpm.dll
[2012/07/11 22:53:59 | 000,328,360 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwih.exe
[2012/07/11 22:53:58 | 000,761,856 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwcomc.dll
[2012/07/11 22:53:58 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwcomm.dll
[2012/07/11 22:53:58 | 000,369,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdwcfg.exe
[2012/03/31 16:11:44 | 000,681,984 | ---- | C] ( ) -- C:\Windows\SysWow64\LXDWhcp.dll
[2012/03/31 16:11:41 | 000,300,032 | ---- | C] () -- C:\Windows\SysWow64\lxdwgrd.dll
[2012/01/29 21:19:41 | 000,000,045 | ---- | C] () -- C:\Users\jofo\AppData\Local\machpro.dat
[2012/01/29 17:46:11 | 000,764,746 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/01/04 18:58:03 | 000,000,348 | ---- | C] () -- C:\Windows\WinInit.Ini
[2011/11/19 21:29:05 | 000,000,043 | ---- | C] () -- C:\Users\jofo\jagex_cl_runescape_LIVE.dat
[2011/11/19 21:29:05 | 000,000,001 | ---- | C] () -- C:\Users\jofo\random.dat
[2011/11/17 22:09:08 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdwdrs.dll
[2011/11/17 22:09:08 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxdwcaps.dll
[2011/11/17 22:01:07 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxdwcnv4.dll
[2011/02/11 19:15:08 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2011/02/11 19:15:08 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2011/02/11 19:15:08 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 22:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 21:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/11/17 22:16:46 | 000,000,000 | ---D | M] -- C:\Users\jofo\AppData\Roaming\7600 Series
[2012/01/29 17:57:35 | 000,000,000 | ---D | M] -- C:\Users\jofo\AppData\Roaming\HEM Data
[2012/02/06 23:51:23 | 000,000,000 | ---D | M] -- C:\Users\jofo\AppData\Roaming\HoldemManager
[2012/06/26 13:02:39 | 000,000,000 | ---D | M] -- C:\Users\jofo\AppData\Roaming\Lexmark Productivity Studio
[2012/02/22 14:26:14 | 000,000,000 | ---D | M] -- C:\Users\jofo\AppData\Roaming\OpenOffice.org
[2011/12/29 22:41:29 | 000,000,000 | ---D | M] -- C:\Users\jofo\AppData\Roaming\Silver Creek Entertainment
[2011/12/19 12:36:12 | 000,000,000 | ---D | M] -- C:\Users\jofo\AppData\Roaming\TomTom

========== Purity Check ==========



< End of report >





extras log


OTL Extras logfile created on: 16/12/2012 2:52:39 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\jofo\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.87 Gb Total Physical Memory | 2.31 Gb Available Physical Memory | 59.63% Memory free
7.74 Gb Paging File | 5.46 Gb Available in Paging File | 70.48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232.79 Gb Total Space | 186.77 Gb Free Space | 80.23% Space Free | Partition Type: NTFS

Computer Name: JOFO-PC | User Name: jofo | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DA4530B-1F72-4018-B050-3F37E80EAFFE}" = lport=2869 | protocol=6 | dir=in | app=system |
"{0EB94E05-1763-4122-A52E-3025AD8DB9F5}" = lport=138 | protocol=17 | dir=in | app=system |
"{130D98A2-8B87-4070-AD21-4D2F4FDCF9F5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1B57F800-21A6-4D76-831A-1582B70B9358}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{557369AF-7820-4579-A8B6-ED4B3D981E3F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5F23259F-6DDD-4DB7-BA7A-488DAD357E14}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{60416B64-B386-419A-9452-5D5F3EA3F94E}" = rport=445 | protocol=6 | dir=out | app=system |
"{6840C828-FBE0-4BAB-BD7D-2B9D27CF9DAA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6931CCBD-45D0-4B82-8466-902394538FCE}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7D9B8FB6-5FAC-4E56-A1F7-0A8ADA2BDA73}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B5D4DA0-858E-4BA3-9149-BBBBCCDBAD0A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8B882D82-E20B-4620-A855-286416646E1A}" = rport=138 | protocol=17 | dir=out | app=system |
"{925E67D9-15EB-489D-B4BC-40536B952C5D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9358821C-B85F-432F-8839-DB2F51A02895}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{9595A3A3-4CA8-48F2-868D-6E71AC781E7D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9D983359-0AE7-4358-82DC-012DDFA5091F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9FEE810D-0208-47CA-8166-E1829737826E}" = lport=139 | protocol=6 | dir=in | app=system |
"{A5C565C8-D32E-41E8-9341-31723B6EFA07}" = lport=5432 | protocol=6 | dir=in | name=postgres |
"{C6388801-475B-432D-9220-58D549D7A9B1}" = lport=445 | protocol=6 | dir=in | app=system |
"{D235FD3E-B666-4F47-8FD8-DE932C641F09}" = rport=137 | protocol=17 | dir=out | app=system |
"{D90C8912-D80F-43FB-A9AB-E810763303F8}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{DBF22CA3-E830-42E0-BECD-5AC524843E9F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{DE6CBD40-1900-43C1-AE3E-0F329C2572EE}" = lport=137 | protocol=17 | dir=in | app=system |
"{EF7B8FC0-14FB-44B5-88A8-672AFC4AB26E}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0291D714-80D8-4813-AFE6-1E2871F8AA56}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{033DFD3B-C80F-49EB-8B15-F0E02C695E5B}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdwcoms.exe |
"{07AC7832-6D23-44B1-B942-66425E5666AA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{10F79D7C-033A-4752-86DD-BB476D20E94E}" = dir=in | app=c:\windows\syswow64\lxdwcoms.exe |
"{11D4EB39-92EC-4C4D-AB5E-6BA31F6AA29E}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{14BFA218-975D-4774-910C-D47174217300}" = protocol=6 | dir=in | app=c:\windows\system32\lxdwcoms.exe |
"{14C39E0A-ED6A-455A-96E1-40F78134ED47}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwpswx.exe |
"{18D230F4-DD2F-48FB-963E-232D75C00BCE}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{1B100EA5-DC64-4F3B-A6ED-03F37D4D366A}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdwcoms.exe |
"{1EB640BC-F93D-42B6-90E1-BB6C6F40D867}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{22054560-6AD6-48D4-B7AA-B023F101E0A7}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwpswx.exe |
"{297B6406-39A1-47AE-B4AC-0B1247D53BC9}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 7600 series\lxdwamon.exe |
"{29DBC698-E8C5-4382-B444-CEF323C25CFC}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwpswx.exe |
"{2DE50261-E067-4AEC-AD54-AB63B6F7F8DC}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwpswx.exe |
"{2F046706-1B21-4D38-AD1C-28A42671D184}" = dir=in | app=c:\windows\system32\lxdwcoms.exe |
"{2FE82FFC-5C33-40A7-9B16-1E11A982CF8F}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwtime.exe |
"{3402FFE3-B07C-4CF9-ABE5-6F0BECF11A50}" = protocol=1 | dir=out | [email protected],-28544 |
"{3B15E66A-4E5D-4912-838B-F8CBC93FD380}" = dir=in | app=c:\windows\system32\lxdwcoms.exe |
"{3BA3A9F2-0A0D-46BB-AEC7-252403C8EEDA}" = protocol=58 | dir=in | app=system |
"{3FBB9E2F-32A3-4E43-A8EF-CD106B54FEFF}" = protocol=1 | dir=in | [email protected],-28543 |
"{422ECF82-2012-4E8B-AE95-D837C5DDB707}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{42885A97-F39B-4CF5-8B22-D4E7197433E0}" = dir=in | app=c:\windows\syswow64\lxdwcoms.exe |
"{430A9632-7908-4988-B645-61533F1F8091}" = dir=in | app=c:\windows\syswow64\lxdwcoms.exe |
"{45D1BEFB-6ECB-45BE-947F-B580D2D34B2A}" = protocol=58 | dir=out | [email protected],-28546 |
"{45E594D5-31FE-4D6C-92B1-B83B20652661}" = protocol=6 | dir=in | app=c:\windows\system32\lxdwcoms.exe |
"{4993C4A1-EB81-4D0E-BCE3-030A7F1F01D5}" = dir=in | app=c:\windows\system32\lxdwcoms.exe |
"{4ABC90A4-F378-4057-9E34-8DA43AC16280}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 7600 series\frun.exe |
"{4B51EC6E-29BD-4565-8A76-5F193EF50DA0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4E895BF5-3F29-4B16-8B00-4083A07EA182}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwpswx.exe |
"{54E28184-69BF-4921-B75D-D3F92A3893BF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{55406C2A-9F43-475A-8768-8FC90F3BA4E8}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwtime.exe |
"{5E47B9E3-10D5-4429-8B1C-A5DD930B09F7}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwpswx.exe |
"{5FDBB9D3-BE64-4CC0-9DDC-A2594D37A157}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwtime.exe |
"{6264C104-6F0C-4FC2-ACF4-E76064F8E2A9}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwtime.exe |
"{62C25EC9-DE16-40E2-83F3-52C79462ED45}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 7600 series\frun.exe |
"{63F06A39-D57E-4297-BB30-CD020916BB48}" = dir=in | app=c:\windows\system32\lxdwcoms.exe |
"{696B6C47-04C8-4E98-873E-C97F4EDC9DF3}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 7600 series\lxdwamon.exe |
"{7AF92209-79D9-4406-B4AC-6E51F21EBAB0}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 7600 series\lxdwfax.exe |
"{847D245B-9593-424B-B1CC-178CB91A0F52}" = protocol=58 | dir=in | [email protected],-28545 |
"{89A1C430-11A6-499D-91E0-0EB2522BF54C}" = dir=in | app=c:\windows\syswow64\lxdwcoms.exe |
"{925502B8-2EC5-4FA1-96C3-85FF18649947}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{94ECC800-C93B-4CF4-A93E-DBBFD31A12CF}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwpswx.exe |
"{9B69099A-F1CC-49A3-AF01-A48EE3A8AB72}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwpswx.exe |
"{9FE9B832-680A-4015-9C96-B0D56CEAC433}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 7600 series\frun.exe |
"{A0060E2E-7DCE-4B01-A713-B3B6E20EE8CA}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxdwcoms.exe |
"{A0F64769-83AB-4E54-8C00-CFB2958DAFA9}" = dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwtime.exe |
"{A1A07C8E-EA4D-4171-A343-33E51E5D3CC4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A412C967-D1FF-45FD-A0BD-B43644F3FBC0}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 7600 series\lxdwfax.exe |
"{A6AB0CC8-029F-4F32-992F-98808B36F240}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe |
"{B3D4931A-8220-4249-BDCF-BC83E07B9027}" = protocol=17 | dir=in | app=c:\windows\system32\lxdwcoms.exe |
"{B4A6F3D0-DFA7-4CA5-81F8-4AE4FB76A0C8}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 7600 series\frun.exe |
"{B92120CD-EA1E-4CA1-A2FB-9F2E596C43F9}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdwpswx.exe |
"{BA64C3DC-9BEC-4418-8802-4BEA09D10467}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 7600 series\lxdwamon.exe |
"{BD37F393-06AF-4E23-AD39-112BDD414CB6}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 7600 series\lxdwfax.exe |
"{C4BD109A-B066-4D23-98A8-A2E9E1B18F50}" = protocol=6 | dir=out | app=system |
"{C5CF94B4-D78C-4CFB-B87E-DC57A9F82332}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 7600 series\lxdwfax.exe |
"{C85D2173-61C3-4C42-8182-6A2EAC334ABB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C96C86B8-02CC-4FEA-9841-058CD076232E}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxdwcoms.exe |
"{CA7272A1-C82D-4E5F-B387-EB167D205281}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CBC639F7-7E7D-4116-A3E4-A1EC7EAF85B4}" = protocol=17 | dir=in | app=c:\windows\system32\lxdwcoms.exe |
"{CD4C05C2-E6AE-49B0-AD40-4DB1581281C7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CED63BDF-6C41-4BB5-807C-BF70E346D9D9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D3F17837-DC0D-4298-819D-F21CDC95DEEF}" = dir=in | app=c:\windows\syswow64\lxdwcoms.exe |
"{D4AF049E-22E0-4EB2-80C9-8D9BB4DB86EF}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 7600 series\lxdwamon.exe |
"{DA714B44-26C9-4530-9EE5-069D10143ED3}" = dir=in | app=c:\windows\system32\lxdwcoms.exe |
"{DB180A37-0295-4CA8-A1ED-5338258D5CAF}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{E0FEC168-792A-48DF-86B3-CAD7665815A3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB12EF06-A05B-4E22-9144-AD27A389A6D6}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F0B96604-1B55-4EFB-9DFC-13275B8E3FB8}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{F0CAA2BB-86AC-4CFA-A8EC-FA896FCB3441}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F28087E5-641D-45A9-856E-77B785A8F79C}" = protocol=58 | dir=out | [email protected],-503 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Lexmark 7600 Series" = Lexmark 7600 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 37
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{3E171899-0175-47CC-84C4-562ACDD4C021}" = OpenOffice.org 3.3
"{401879D1-AC26-43CD-BDDE-E0D5D5608083}" = TOSHIBA Supervisor Password
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72E3FF67-450F-4ADD-99A7-4147780F6C7B}_is1" = Shaw Support 3.5.22
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark Printable Web
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"MSC" = McAfee SecurityCenter
"PokerStars" = PokerStars
"PostgreSQL 8.4" = PostgreSQL 8.4
"Shaw Internet Update_is1" = Shaw Internet Update 3.3.1

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"WeatherEye" = WeatherEye

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 09/12/2012 4:46:57 PM | Computer Name = jofo-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Lexmark
7600 Series\Job Status\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 13/12/2012 11:18:14 AM | Computer Name = jofo-PC | Source = System Restore | ID = 8193
Description =

Error - 14/12/2012 4:26:14 PM | Computer Name = jofo-PC | Source = Application Error | ID = 1000
Description = Faulting application name: lxdwcoms.exe, version: 8.4.18.0, time stamp:
0x4a14fb84 Faulting module name: lxdwserv.dll, version: 8.4.18.0, time stamp: 0x4a151550
Exception
code: 0xc0000005 Fault offset: 0x00000000000b7ffd Faulting process id: 0x594 Faulting
application start time: 0x01cdda33c470d670 Faulting application path: C:\Windows\system32\lxdwcoms.exe
Faulting
module path: C:\Windows\system32\lxdwserv.dll Report Id: 8121c735-462c-11e2-b40d-001e33b484e2

Error - 16/12/2012 3:59:08 AM | Computer Name = jofo-PC | Source = Application Error | ID = 1000
Description = Faulting application name: lxdwcoms.exe, version: 8.4.18.0, time stamp:
0x4a14fb84 Faulting module name: lxdwserv.dll, version: 8.4.18.0, time stamp: 0x4a151550
Exception
code: 0xc0000005 Fault offset: 0x00000000000b4546 Faulting process id: 0x5bc Faulting
application start time: 0x01cddaf6d1759dda Faulting application path: C:\Windows\system32\lxdwcoms.exe
Faulting
module path: C:\Windows\system32\lxdwserv.dll Report Id: 77973aee-4756-11e2-9751-001e33b484e2

Error - 16/12/2012 12:32:03 PM | Computer Name = jofo-PC | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 4376 (0x1118) Thread address : 0x00000000771B138A Thread message : Build VSCORE.15.1.0.461
/ 5500.1093 Object being scanned = \Device\HarddiskVolume2\Windows\System32\sdengin2.dll

by C:\Windows\system32\sdclt.exe 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0)

7004(0)(0) 5006(0)(0) 5004(0)(0)

Error - 16/12/2012 12:34:43 PM | Computer Name = jofo-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Lexmark
7600 Series\Job Status\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 16/12/2012 12:34:43 PM | Computer Name = jofo-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Lexmark
7600 Series\Job Status\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 16/12/2012 3:34:14 PM | Computer Name = jofo-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Lexmark
7600 Series\Job Status\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 16/12/2012 3:34:14 PM | Computer Name = jofo-PC | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\Program Files\Lexmark
7600 Series\Job Status\MFC80U.DLL". Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 16/12/2012 5:18:43 PM | Computer Name = jofo-PC | Source = Application Hang | ID = 1002
Description = The program iexplore.exe version 9.0.8112.16457 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: ca8 Start
Time: 01cddb64613b8da5 Termination Time: 96 Application Path: C:\Program Files (x86)\Internet
Explorer\iexplore.exe Report Id:

[ System Events ]
Error - 13/06/2012 11:44:52 AM | Computer Name = jofo-PC | Source = DCOM | ID = 10010
Description =

Error - 13/06/2012 1:59:31 PM | Computer Name = jofo-PC | Source = Service Control Manager | ID = 7034
Description = The Google Update Service (gupdate) service terminated unexpectedly.
It has done this 1 time(s).

Error - 13/06/2012 2:00:01 PM | Computer Name = jofo-PC | Source = DCOM | ID = 10010
Description =

Error - 14/06/2012 10:40:07 AM | Computer Name = jofo-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the lxdwCATSCustConnectService
service to connect.

Error - 14/06/2012 10:40:07 AM | Computer Name = jofo-PC | Source = Service Control Manager | ID = 7000
Description = The lxdwCATSCustConnectService service failed to start due to the
following error: %%1053

Error - 14/06/2012 9:08:59 PM | Computer Name = jofo-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 14/06/2012 9:08:59 PM | Computer Name = jofo-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 14/06/2012 9:09:00 PM | Computer Name = jofo-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 14/06/2012 9:09:00 PM | Computer Name = jofo-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.

Error - 14/06/2012 9:09:00 PM | Computer Name = jofo-PC | Source = cdrom | ID = 262155
Description = The driver detected a controller error on \Device\CdRom0.


< End of report >
Thank you for your time. I appreciate any help you can give.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP